urlscan.io logo urlscan.io
SecurityTrails logo

www.kokomotribune.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kokomotribune.com/
Effective URL: https://www.kokomotribune.com/
Submission: On January 31 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 167 IPs in 12 countries across 163 domains to perform 1035 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.kokomotribune.com. The Cisco Umbrella rank of the primary domain is 756667.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 12th 2022. Valid for: 3 months.
This is the only time www.kokomotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 192.104.182.209 10668 (LEE-ASN)
37 104.18.131.43 13335 (CLOUDFLAR...)
1 99.84.42.126 16509 (AMAZON-02)
2 169.55.1.118 36351 (SOFTLAYER)
2 46 142.250.80.66 15169 (GOOGLE)
1 143.204.150.5 16509 (AMAZON-02)
4 216.17.34.108 10242 (USINTERNET)
1 23.41.169.60 16625 (AKAMAI-AS)
8 104.100.146.176 16625 (AKAMAI-AS)
6 54.82.174.208 14618 (AMAZON-AES)
2 142.251.35.180 15169 (GOOGLE)
1 1 13.225.230.118 16509 (AMAZON-02)
1 54.71.105.208 16509 (AMAZON-02)
2 13.33.46.109 16509 (AMAZON-02)
1 34.197.52.200 14618 (AMAZON-AES)
1 1 3.98.63.202 16509 (AMAZON-02)
1 13.33.46.33 16509 (AMAZON-02)
1 152.195.19.97 15133 (EDGECAST)
10 99.84.42.129 16509 (AMAZON-02)
6 142.250.176.200 15169 (GOOGLE)
4 35.190.39.246 15169 (GOOGLE)
2 31.13.71.7 32934 (FACEBOOK)
4 143.204.137.197 16509 (AMAZON-02)
1 99.84.42.42 16509 (AMAZON-02)
3 54.226.129.154 14618 (AMAZON-AES)
1 130.211.10.17 15169 (GOOGLE)
3 142.250.65.225 15169 (GOOGLE)
1 169.44.76.89 36351 (SOFTLAYER)
1 142.250.65.170 15169 (GOOGLE)
10 35.165.126.69 16509 (AMAZON-02)
9 142.250.81.238 15169 (GOOGLE)
5 9 192.184.68.213 14618 (AMAZON-AES)
1 13.225.70.28 16509 (AMAZON-02)
2 23.41.169.149 16625 (AKAMAI-AS)
1 23.215.130.97 20940 (AKAMAI-ASN1)
25 27 52.116.221.248 36351 (SOFTLAYER)
2 15 35.71.139.29 16509 (AMAZON-02)
1 34.195.162.159 14618 (AMAZON-AES)
4 6 107.178.246.49 15169 (GOOGLE)
2 4 143.204.150.85 16509 (AMAZON-02)
1 1 13.33.46.77 16509 (AMAZON-02)
7 7 34.236.180.141 14618 (AMAZON-AES)
10 13 3.218.90.66 14618 (AMAZON-AES)
1 1 13.226.31.35 16509 (AMAZON-02)
7 8 143.204.150.88 16509 (AMAZON-02)
2 2 162.248.18.11 62713 (AS-PUBMATIC)
24 49 142.251.40.162 15169 (GOOGLE)
1 7 104.36.115.109 62713 (AS-PUBMATIC)
9 21 68.67.179.77 29990 (ASN-APPNEX)
12 48 35.244.159.8 15169 (GOOGLE)
4 5 192.35.249.120 11742 (SPOTX-IAD)
11 11 74.121.140.14 30419 (MEDIAMATH...)
3 6 23.92.190.74 29791 (VOXEL-DOT...)
14 18 199.127.204.142 26120 (RHYTHMONE)
1 2 63.251.28.219 26558 (FREEWHEEL)
2 2 107.178.240.89 15169 (GOOGLE)
5 12 35.190.60.146 15169 (GOOGLE)
2 3 34.229.3.43 14618 (AMAZON-AES)
4 9 54.243.106.181 14618 (AMAZON-AES)
2 3 184.50.205.90 16625 (AKAMAI-AS)
2 5 54.173.43.128 14618 (AMAZON-AES)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.199.204.104 14618 (AMAZON-AES)
1 34.237.173.244 14618 (AMAZON-AES)
1 4 142.250.182.130 15169 (GOOGLE)
1 11 142.250.65.228 15169 (GOOGLE)
2 7 69.173.144.139 26667 (RUBICONPR...)
1 142.250.81.232 15169 (GOOGLE)
5 13.225.214.15 16509 (AMAZON-02)
3 142.251.4.155 15169 (GOOGLE)
1 142.251.40.110 15169 (GOOGLE)
17 142.250.65.162 15169 (GOOGLE)
1 13.33.46.54 16509 (AMAZON-02)
2 99.84.42.95 16509 (AMAZON-02)
7 143.204.150.110 16509 (AMAZON-02)
1 52.160.40.218 8075 (MICROSOFT...)
7 142.251.35.162 15169 (GOOGLE)
14 142.250.176.193 15169 (GOOGLE)
1 13.226.31.96 16509 (AMAZON-02)
1 34.120.58.62 15169 (GOOGLE)
4 69.16.175.10 20446 (HIGHWINDS3)
2 54.164.74.135 14618 (AMAZON-AES)
3 54.237.31.67 14618 (AMAZON-AES)
1 2 3.224.251.175 14618 (AMAZON-AES)
4 23.215.130.232 20940 (AKAMAI-ASN1)
4 104.16.87.20 13335 (CLOUDFLAR...)
38 142.251.40.130 15169 (GOOGLE)
44 142.251.40.193 15169 (GOOGLE)
1 34.117.126.186 15169 (GOOGLE)
6 22 104.16.190.66 13335 (CLOUDFLAR...)
11 52.200.245.104 14618 (AMAZON-AES)
2 23.50.75.217 16625 (AKAMAI-AS)
9 3.230.217.116 14618 (AMAZON-AES)
1 74.119.119.129 19750 (AS-CRITEO)
18 20.60.81.197 8075 (MICROSOFT...)
1 18 209.54.176.128 16509 (AMAZON-02)
5 34.102.227.237 15169 (GOOGLE)
4 34.117.86.81 15169 (GOOGLE)
9 74.119.119.131 19750 (AS-CRITEO)
1 1 13.33.46.101 16509 (AMAZON-02)
20 34.238.175.171 14618 (AMAZON-AES)
6 25 23.41.168.244 16625 (AKAMAI-AS)
16 16 159.127.42.140 25751 (VALUECLICK)
6 6 46.228.164.11 56396 (AMOBEE)
4 9 3.212.61.226 14618 (AMAZON-AES)
6 23.52.161.180 16625 (AKAMAI-AS)
2 34.236.20.32 14618 (AMAZON-AES)
10 173.223.72.70 16625 (AKAMAI-AS)
3 142.250.80.74 15169 (GOOGLE)
2 3.226.102.122 14618 (AMAZON-AES)
8 14 151.101.194.49 54113 (FASTLY)
2 6 107.23.85.233 14618 (AMAZON-AES)
23 23 52.223.40.198 16509 (AMAZON-02)
5 5 68.67.161.205 29990 (ASN-APPNEX)
25 26 18.197.240.17 16509 (AMAZON-02)
2 2 35.211.233.246 15169 (GOOGLE)
5 5 34.237.23.137 14618 (AMAZON-AES)
3 3 54.226.209.67 14618 (AMAZON-AES)
1 20 150.136.222.2 31898 (ORACLE-BM...)
2 3 169.197.150.8 398989 (DEEPINTENT)
6 6 70.42.32.95 22075 (AS-OUTBRAIN)
4 4 54.147.68.28 14618 (AMAZON-AES)
7 7 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.182 47043 (SMARTADSE...)
2 2 192.132.33.46 18568 (BIDTELLECT)
4 4 69.173.151.100 26667 (RUBICONPR...)
3 54.161.185.0 14618 (AMAZON-AES)
1 2 141.226.224.48 200478 (TABOOLA-AS)
1 1 3.208.105.70 14618 (AMAZON-AES)
2 2 52.86.210.192 14618 (AMAZON-AES)
5 5 193.0.160.129 54312 (ROCKETFUEL)
2 104.36.115.113 62713 (AS-PUBMATIC)
16 17 67.202.105.23 32748 (STEADFAST)
1 3 67.202.105.34 32748 (STEADFAST)
4 4 23.50.66.244 16625 (AKAMAI-AS)
2 2 54.234.88.163 14618 (AMAZON-AES)
1 1 124.146.215.46 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
3 142.251.40.195 15169 (GOOGLE)
1 74.119.119.130 19750 (AS-CRITEO)
1 74.119.119.145 19750 (AS-CRITEO)
1 192.229.210.241 15133 (EDGECAST)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 69.147.92.11 14777 (YAHOO)
2 3 185.167.164.49 198622 (ADFORM)
9 8.28.7.83 62713 (AS-PUBMATIC)
2 104.36.115.114 62713 (AS-PUBMATIC)
2 34.75.117.5 396982 (GOOGLE-PR...)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
4 4 207.198.113.169 13768 (COGECO-PEER1)
1 1 107.21.225.177 14618 (AMAZON-AES)
11 34.117.239.71 15169 (GOOGLE)
1 74.119.119.147 19750 (AS-CRITEO)
2 50.116.194.21 6336 (TURN-US-ASN)
2 4 34.96.105.8 15169 (GOOGLE)
3 4 35.227.252.103 15169 (GOOGLE)
1 104.16.19.94 13335 (CLOUDFLAR...)
1 74.119.119.137 19750 (AS-CRITEO)
2 74.119.119.149 19750 (AS-CRITEO)
7 142.251.40.134 15169 (GOOGLE)
2 151.101.193.108 54113 (FASTLY)
2 199.232.196.124 54113 (FASTLY)
4 142.251.41.2 15169 (GOOGLE)
2 2 3.228.147.119 14618 (AMAZON-AES)
181 152.199.4.100 15133 (EDGECAST)
1 2 52.45.237.203 14618 (AMAZON-AES)
1 34.107.222.173 15169 (GOOGLE)
8 152.199.5.184 15133 (EDGECAST)
2 8.28.7.84 62713 (AS-PUBMATIC)
26 193.122.174.27 31898 (ORACLE-BM...)
1 69.166.1.14 27630 (AS-XFERNET)
2 51.222.39.187 16276 (OVH)
2 4 74.119.119.139 19750 (AS-CRITEO)
3 7 54.236.214.209 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
2 38.27.122.126 174 (COGENT-174)
2 2 162.210.196.208 30633 (LEASEWEB-...)
3 3 35.190.90.30 15169 (GOOGLE)
2 3 104.118.8.25 16625 (AKAMAI-AS)
1 35.212.101.174 15169 (GOOGLE)
1 1 15.235.11.22 16276 (OVH)
1 1 38.67.14.232 174 (COGENT-174)
1 52.16.87.205 16509 (AMAZON-02)
1 1 54.85.150.31 14618 (AMAZON-AES)
1 1 3.210.68.57 14618 (AMAZON-AES)
4 4 54.86.119.171 14618 (AMAZON-AES)
1 34.232.192.101 14618 (AMAZON-AES)
3 3 34.102.163.6 15169 (GOOGLE)
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.98.194 13335 (CLOUDFLAR...)
1 204.79.197.200 8068 (MICROSOFT...)
2 18.223.14.89 16509 (AMAZON-02)
1 1 35.244.216.234 15169 (GOOGLE)
2 2 23.1.193.230 16625 (AKAMAI-AS)
3 3 3.215.60.8 14618 (AMAZON-AES)
1 2 23.88.75.186 24940 (HETZNER-AS)
2 2 104.18.13.5 13335 (CLOUDFLAR...)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.184.20 29791 (VOXEL-DOT...)
3 3 141.94.170.77 16276 (OVH)
1 3 52.73.153.177 14618 (AMAZON-AES)
1 2 104.22.24.87 13335 (CLOUDFLAR...)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 44.198.222.213 14618 (AMAZON-AES)
2 13.33.46.120 16509 (AMAZON-02)
1 1 52.86.150.190 14618 (AMAZON-AES)
2 2 75.101.168.201 14618 (AMAZON-AES)
1 1 52.12.81.72 16509 (AMAZON-02)
1 54.165.130.110 14618 (AMAZON-AES)
2 2 135.148.122.24 16276 (OVH)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 52.23.146.219 14618 (AMAZON-AES)
3 142.250.65.202 15169 (GOOGLE)
2 52.200.22.214 14618 (AMAZON-AES)
1 54.147.104.104 14618 (AMAZON-AES)
2 3.19.190.206 16509 (AMAZON-02)
2 72.21.81.64 15133 (EDGECAST)
1 1 204.2.255.224 2914 (NTT-COMMU...)
1 1 44.194.225.67 14618 (AMAZON-AES)
2 2 35.211.119.26 15169 (GOOGLE)
3 3 104.21.192.116 13335 (CLOUDFLAR...)
1 142.250.199.67 15169 (GOOGLE)
1 142.250.72.102 15169 (GOOGLE)
1 74.217.31.246 29791 (VOXEL-DOT...)
4 69.166.1.10 27630 (AS-XFERNET)
1 23.52.164.7 16625 (AKAMAI-AS)
1 142.250.81.226 ()
1035 167
11    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
kokomotribune.com
www.kokomotribune.com
37    104.18.131.43 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
1    99.84.42.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-126.ewr52.r.cloudfront.net
tags.crwdcntrl.net
2    169.55.1.118 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 76.01.37a9.ip4.static.sl-reverse.com
tag.simpli.fi
46    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googleadservices.com
pubads.g.doubleclick.net
1    143.204.150.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-5.ewr52.r.cloudfront.net
prod.adspsp.com
4    216.17.34.108 (Minneapolis, United States)

ASN10242 (USINTERNET, US)
kokomotribune-cnhi-pw.newsmemory.com
1    23.41.169.60 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-60.deploy.static.akamaitechnologies.com
s.ntv.io
8    104.100.146.176 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-100-146-176.deploy.static.akamaitechnologies.com
digitalservices.ap.org
wintergames.ap.org
6    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
2    142.251.35.180 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f20.1e100.net
japfg-trending-content.appspot.com
1    13.225.230.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-118.jfk51.r.cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
1    54.71.105.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-105-208.us-west-2.compute.amazonaws.com
casmp.adperfect.com
2    13.33.46.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-109.ewr52.r.cloudfront.net
api.circularhub.com
1    34.197.52.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-52-200.compute-1.amazonaws.com
shop.cnhi.com
1    3.98.63.202 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-98-63-202.ca-central-1.compute.amazonaws.com
www.ifoldsflip.com
1    13.33.46.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-33.ewr52.r.cloudfront.net
content.cdntwrk.com
1    152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
10    99.84.42.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-129.ewr52.r.cloudfront.net
cdn.viafoura.net
6    142.250.176.200 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f8.1e100.net
www.googletagmanager.com
4    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
bandborder.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
4    143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    99.84.42.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-42.ewr52.r.cloudfront.net
geo.adspsp.com
3    54.226.129.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-129-154.compute-1.amazonaws.com
jadserve.postrelease.com
1    130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
3    142.250.65.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net
lh3.googleusercontent.com
1    169.44.76.89 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 59.4c.2ca9.ip4.static.sl-reverse.com
i.simpli.fi
1    142.250.65.170 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f10.1e100.net
ajax.googleapis.com
10    35.165.126.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-126-69.us-west-2.compute.amazonaws.com
adspsp.com
9    142.250.81.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net
www.google-analytics.com
9    192.184.68.213 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    13.225.70.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-70-28.ewr53.r.cloudfront.net
static.chartbeat.com
2    23.41.169.149 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-149.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    23.215.130.97 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-97.deploy.static.akamaitechnologies.com
ntvcld-a.akamaihd.net
27    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
15    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    34.195.162.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-162-159.compute-1.amazonaws.com
simplifi.partners.tremorhub.com
6    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    143.204.150.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-85.ewr52.r.cloudfront.net
aa.agkn.com
1    13.33.46.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-77.ewr52.r.cloudfront.net
d.agkn.com
7    34.236.180.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-180-141.compute-1.amazonaws.com
pixel.advertising.com
13    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    13.226.31.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-35.ewr53.r.cloudfront.net
sync.intentiq.com
8    143.204.150.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-88.ewr52.r.cloudfront.net
sync1.intentiq.com
2    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
49    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
7    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
21    68.67.179.77 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
48    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
cnhi-d.openx.net
justapinch-com-d.openx.net
eu-u.openx.net
5    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
11    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    23.92.190.74 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
ap.lijit.com
18    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    63.251.28.219 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    107.178.240.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com
fei.pro-market.net
12    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
3    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
9    54.243.106.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-106-181.compute-1.amazonaws.com
sync.bfmio.com
3    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    54.173.43.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-43-128.compute-1.amazonaws.com
bcp.crwdcntrl.net
ad.crwdcntrl.net
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.199.204.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-204-104.compute-1.amazonaws.com
usermatch.krxd.net
1    34.237.173.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-173-244.compute-1.amazonaws.com
beacon.krxd.net
4    142.250.182.130 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s22-in-f2.1e100.net
googleads.g.doubleclick.net
11    142.250.65.228 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net
www.google.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    142.250.81.232 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net
ssl.google-analytics.com
5    13.225.214.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-15.ewr50.r.cloudfront.net
mapi.associatedpress.com
3    142.251.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f155.1e100.net
stats.g.doubleclick.net
1    142.251.40.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f14.1e100.net
ampcid.google.com
17    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
www.googletagservices.com
1    13.33.46.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-54.ewr52.r.cloudfront.net
rules.quantcount.com
2    99.84.42.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-95.ewr52.r.cloudfront.net
cdn-resources.prfct.cc
7    143.204.150.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-110.ewr52.r.cloudfront.net
a.wishabi.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
7    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
adservice.google.com
14    142.250.176.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f1.1e100.net
2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com
cdn.ampproject.org
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com
6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com
64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com
1    13.226.31.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-96.ewr53.r.cloudfront.net
static.adsafeprotected.com
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
4    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
code.jquery.com
2    54.164.74.135 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-74-135.compute-1.amazonaws.com
ping.chartbeat.net
3    54.237.31.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-31-67.compute-1.amazonaws.com
api.viafoura.co
2    3.224.251.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-251-175.compute-1.amazonaws.com
www.flipp.com
flipp.com
4    23.215.130.232 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-232.deploy.static.akamaitechnologies.com
csp.azureedge.net
4    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
38    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
pagead2.googlesyndication.com
44    142.251.40.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f1.1e100.net
tpc.googlesyndication.com
1    34.117.126.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
22    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
11    52.200.245.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-245-104.compute-1.amazonaws.com
btlr.sharethrough.com
2    23.50.75.217 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-75-217.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
9    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
18    20.60.81.197 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
18    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    34.102.227.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.227.102.34.bc.googleusercontent.com
f.wishabi.net
4    34.117.86.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.86.117.34.bc.googleusercontent.com
images.wishabi.net
9    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.33.46.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-101.ewr52.r.cloudfront.net
s.ad.smaato.net
20    34.238.175.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-175-171.compute-1.amazonaws.com
rtb.gumgum.com
25    23.41.168.244 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-244.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
16    159.127.42.140 (United States)

ASN25751 (VALUECLICK, US)
PTR: iad09-login.dotomi.com
amazon-tam-match.dotomi.com
districtm-match.dotomi.com
33across-match.dotomi.com
synacor-match.dotomi.com
openx2-match.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
6    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
9    3.212.61.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-61-226.compute-1.amazonaws.com
match.sharethrough.com
6    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    34.236.20.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-20-32.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
10    173.223.72.70 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-72-70.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    142.250.80.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net
fonts.googleapis.com
2    3.226.102.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-102-122.compute-1.amazonaws.com
i.viafoura.co
notifications.viafoura.co
14    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
displayf-tm.everesttech.net
statsf-tm.everesttech.net
6    107.23.85.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-85-233.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
23    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    68.67.161.205 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
26    18.197.240.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
5    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    54.226.209.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-209-67.compute-1.amazonaws.com
sync.ipredictive.com
20    150.136.222.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    54.147.68.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-68-28.compute-1.amazonaws.com
ad.360yield.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    54.161.185.0 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-185-0.compute-1.amazonaws.com
ads.yieldmo.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    3.208.105.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-105-70.compute-1.amazonaws.com
nep.advangelists.com
2    52.86.210.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
5    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
17    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
pixel.33across.com
3    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
4    23.50.66.244 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-66-244.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    54.234.88.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-88-163.compute-1.amazonaws.com
cs.emxdgt.com
1    124.146.215.46 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
3    142.251.40.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net
fonts.gstatic.com
1    74.119.119.130 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    74.119.119.145 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
1    192.229.210.241 (United States)

ASN15133 (EDGECAST, US)
synadproducts.synacormedia.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.147.92.11 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e1.ycpi.vip.dca.yahoo.com
ads.yahoo.com
3    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    34.75.117.5 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 5.117.75.34.bc.googleusercontent.com
dmx.us-east-31.districtm.io
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
4    207.198.113.169 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    107.21.225.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-225-177.compute-1.amazonaws.com
cms-xch.33across.com
11    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
r.turn.com
4    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
7    142.251.40.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net
s0.2mdn.net
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    199.232.196.124 (United States)

ASN54113 (FASTLY, US)
cdn.concert.io
4    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads4.g.doubleclick.net
2    3.228.147.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-147-119.compute-1.amazonaws.com
ads.creative-serving.com
181    152.199.4.100 (United States)

ASN15133 (EDGECAST, US)
engage.imds-cdn.com
reflex-engage.imds-cdn.com
am4.imds-cdn.com
vam-streaming.imds-cdn.com
2    52.45.237.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-237-203.compute-1.amazonaws.com
um2.eqads.com
1    34.107.222.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.222.107.34.bc.googleusercontent.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
8    152.199.5.184 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
26    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
adtag.technoratimedia.com
uat-net.technoratimedia.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net
onetag-sys.com
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
7    54.236.214.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-214-209.compute-1.amazonaws.com
match.prod.bidr.io
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
3    104.118.8.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-25.deploy.static.akamaitechnologies.com
contextual.media.net
1    35.212.101.174 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 174.101.212.35.bc.googleusercontent.com
cs.chocolateplatform.com
1    15.235.11.22 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
ws.rqtrk.eu
1    38.67.14.232 (United States)

ASN174 (COGENT-174, US)
oxp.mxptint.net
1    52.16.87.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-87-205.eu-west-1.compute.amazonaws.com
s.cpx.to
1    54.85.150.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-150-31.compute-1.amazonaws.com
i.w55c.net
1    3.210.68.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-68-57.compute-1.amazonaws.com
pm.w55c.net
4    54.86.119.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-119-171.compute-1.amazonaws.com
i.liadm.com
1    34.232.192.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-192-101.compute-1.amazonaws.com
i6.liadm.com
3    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
2    18.223.14.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-14-89.us-east-2.compute.amazonaws.com
vid.springserve.com
1    35.244.216.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.216.244.35.bc.googleusercontent.com
openx.adhaven.com
2    23.1.193.230 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-193-230.deploy.static.akamaitechnologies.com
px.owneriq.net
3    3.215.60.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-60-8.compute-1.amazonaws.com
rtb.adentifi.com
2    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
2    104.18.13.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    173.231.184.20 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
3    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh
pixel.onaudience.com
3    52.73.153.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-177.compute-1.amazonaws.com
sync.crwdcntrl.net
2    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    44.198.222.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-222-213.compute-1.amazonaws.com
io.narrative.io
2    13.33.46.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-120.ewr52.r.cloudfront.net
vpaid.springserve.com
1    52.86.150.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-150-190.compute-1.amazonaws.com
sync.extend.tv
2    75.101.168.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-168-201.compute-1.amazonaws.com
vop.sundaysky.com
1    52.12.81.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-81-72.us-west-2.compute.amazonaws.com
dmp.brand-display.com
1    54.165.130.110 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-130-110.compute-1.amazonaws.com
match.justpremium.com
2    135.148.122.24 (United States)

ASN16276 (OVH, FR)
PTR: ns1009095.ip-135-148-122.us
gu.dyntrk.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
openx-ums.acuityplatform.com
2    52.23.146.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-146-219.compute-1.amazonaws.com
ads.adaptv.advertising.com
3    142.250.65.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f10.1e100.net
imasdk.googleapis.com
2    52.200.22.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-22-214.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    54.147.104.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-104-104.compute-1.amazonaws.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
2    3.19.190.206 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-190-206.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
2    72.21.81.64 (United States)

ASN15133 (EDGECAST, US)
playtime.tubemogul.com
1    204.2.255.224 (United States)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
aep.mxptint.net
1    44.194.225.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-225-67.compute-1.amazonaws.com
fksnk.com
2    35.211.119.26 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 26.119.211.35.bc.googleusercontent.com
a.volvelle.tech
3    104.21.192.116 (None, )

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    142.250.199.67 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s37-in-f3.1e100.net
csi.gstatic.com
1    142.250.72.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f6.1e100.net
ad.doubleclick.net
1    74.217.31.246 (Secaucus, United States)

ASN29791 (VOXEL-DOT-NET, US)
ads.revjet.com
4    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    23.52.164.7 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-7.deploy.static.akamaitechnologies.com
sync.teads.tv
1    142.250.81.226 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
181 imds-cdn.com
engage.imds-cdn.com — Cisco Umbrella Rank: 50057
reflex-engage.imds-cdn.com — Cisco Umbrella Rank: 55979
am4.imds-cdn.com — Cisco Umbrella Rank: 56173
vam-streaming.imds-cdn.com — Cisco Umbrella Rank: 70162
2 MB
106 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
ad.doubleclick.net — Cisco Umbrella Rank: 195
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
853 KB
92 googlesyndication.com
2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com
6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com
64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
54 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 4037
adtag.technoratimedia.com — Cisco Umbrella Rank: 55905
uat-net.technoratimedia.com — Cisco Umbrella Rank: 2111
137 KB
52 openx.net
u.openx.net — Cisco Umbrella Rank: 710
us-u.openx.net — Cisco Umbrella Rank: 359
cnhi-d.openx.net — Cisco Umbrella Rank: 143648
rtb.openx.net — Cisco Umbrella Rank: 1548
justapinch-com-d.openx.net — Cisco Umbrella Rank: 62170
eu-u.openx.net — Cisco Umbrella Rank: 2015
7 KB
37 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 16308
489 KB
31 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 1032
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
aud.pubmatic.com — Cisco Umbrella Rank: 5343
54 KB
30 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
token.rubiconproject.com — Cisco Umbrella Rank: 689
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
64 KB
30 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5236
i.simpli.fi — Cisco Umbrella Rank: 3551
um.simpli.fi — Cisco Umbrella Rank: 745
20 KB
29 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 877
cms-xch.33across.com — Cisco Umbrella Rank: 3591
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1613
pixel.33across.com — Cisco Umbrella Rank: 2343
11 KB
29 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
11 KB
28 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
acdn.adnxs.com — Cisco Umbrella Rank: 565
64 KB
26 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
12 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
28 KB
24 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1407
cdn.districtm.io — Cisco Umbrella Rank: 2067
dmx.us-east-31.districtm.io — Cisco Umbrella Rank: 18293
12 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
12 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
54 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1288
5 KB
20 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
match.sharethrough.com — Cisco Umbrella Rank: 637
4 KB
19 google.com
www.google.com — Cisco Umbrella Rank: 13
ampcid.google.com — Cisco Umbrella Rank: 1722
adservice.google.com — Cisco Umbrella Rank: 80
6 KB
18 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 40182
390 KB
17 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
584 KB
16 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5757
districtm-match.dotomi.com — Cisco Umbrella Rank: 7157
33across-match.dotomi.com — Cisco Umbrella Rank: 3338
synacor-match.dotomi.com — Cisco Umbrella Rank: 8644
openx2-match.dotomi.com — Cisco Umbrella Rank: 4294
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
dclk-match.dotomi.com — Cisco Umbrella Rank: 2859
5 KB
15 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
displayf-tm.everesttech.net — Cisco Umbrella Rank: 4179
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 4988
statsf-tm.everesttech.net — Cisco Umbrella Rank: 3446
7 KB
15 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
7 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
pix.us.criteo.net — Cisco Umbrella Rank: 2536
csm.us.criteo.net — Cisco Umbrella Rank: 2450
77 KB
12 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
id.rlcdn.com — Cisco Umbrella Rank: 738
1 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
6 KB
12 adspsp.com
prod.adspsp.com — Cisco Umbrella Rank: 14247
geo.adspsp.com — Cisco Umbrella Rank: 68332
adspsp.com — Cisco Umbrella Rank: 12802
96 KB
11 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
6 KB
11 kokomotribune.com
kokomotribune.com — Cisco Umbrella Rank: 700812
www.kokomotribune.com — Cisco Umbrella Rank: 756667
126 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
ssl.google-analytics.com — Cisco Umbrella Rank: 279
80 KB
10 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12030
237 KB
9 wishabi.net
f.wishabi.net — Cisco Umbrella Rank: 12671
images.wishabi.net — Cisco Umbrella Rank: 28869
320 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6189
ads.us.criteo.com — Cisco Umbrella Rank: 2392
cat.va.us.criteo.com — Cisco Umbrella Rank: 3459
gum.criteo.com — Cisco Umbrella Rank: 369
dis.criteo.com — Cisco Umbrella Rank: 691
47 KB
9 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1279
3 KB
9 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1542
sync1.intentiq.com — Cisco Umbrella Rank: 5588
10 KB
9 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
adserver-us.adtech.advertising.com Failed
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
3 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
cms.quantserve.com — Cisco Umbrella Rank: 1255
13 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
ad.crwdcntrl.net — Cisco Umbrella Rank: 6750
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
17 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
3 KB
8 ap.org
digitalservices.ap.org — Cisco Umbrella Rank: 85306
wintergames.ap.org
199 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
3 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
174 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
4 KB
7 wishabi.com
a.wishabi.com — Cisco Umbrella Rank: 10019
3 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
372 KB
6 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 6017
vpaid.springserve.com — Cisco Umbrella Rank: 8109
vid-io-cle.springserve.com — Cisco Umbrella Rank: 6871
177 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
4 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
3 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 816
ap.lijit.com — Cisco Umbrella Rank: 690
4 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
268 KB
6 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 129312
179 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 512
i6.liadm.com — Cisco Umbrella Rank: 1514
3 KB
5 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
6 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
4 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
2 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6222
ads.yieldmo.com — Cisco Umbrella Rank: 670
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 11023
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
103 KB
5 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 12508
i.viafoura.co — Cisco Umbrella Rank: 12348
notifications.viafoura.co — Cisco Umbrella Rank: 14277
4 KB
5 associatedpress.com
mapi.associatedpress.com — Cisco Umbrella Rank: 64089
48 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
3 KB
5 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
d.agkn.com — Cisco Umbrella Rank: 529
3 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3408
204 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
2 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
62 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
1 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
188 KB
4 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 31108
14 KB
4 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
45 KB
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 128568
33 KB
4 newsmemory.com
kokomotribune-cnhi-pw.newsmemory.com
181 KB
3 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3750
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
946 B
3 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
282 B
3 media.net
contextual.media.net — Cisco Umbrella Rank: 516
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
us.creativecdn.com — Cisco Umbrella Rank: 3401
947 B
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1328
hde.tynt.com — Cisco Umbrella Rank: 4139
7 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
914 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
1 KB
3 concert.io
bids.concert.io — Cisco Umbrella Rank: 11524
cdn.concert.io — Cisco Umbrella Rank: 9698
43 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1077
3 KB
3 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 71
39 KB
3 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
4 KB
2 volvelle.tech
a.volvelle.tech — Cisco Umbrella Rank: 27353
1 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 4482
11 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
1 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2735
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2498
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4756
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
898 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2305
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
307 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
551 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
1 KB
2 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1698
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 mxptint.net
oxp.mxptint.net — Cisco Umbrella Rank: 4661
aep.mxptint.net — Cisco Umbrella Rank: 6128
1 KB
2 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2178
718 B
2 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
226 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5289
726 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
2 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
564 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3972
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
2 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
516 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
863 B
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 969
538 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2615
935 B
2 flipp.com
www.flipp.com — Cisco Umbrella Rank: 100737
flipp.com — Cisco Umbrella Rank: 20080
1 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1120
401 B
2 prfct.cc
cdn-resources.prfct.cc — Cisco Umbrella Rank: 100350
3 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1214
beacon.krxd.net — Cisco Umbrella Rank: 408
507 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 797
856 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2638
814 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
1 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
s-jsonp.moatads.com — Cisco Umbrella Rank: 11146
55 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 33244
p.cityspark.com — Cisco Umbrella Rank: 21018
16 KB
2 circularhub.com
api.circularhub.com — Cisco Umbrella Rank: 25862
165 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 64256
2 KB
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
287 B
1 revjet.com
ads.revjet.com — Cisco Umbrella Rank: 2426
604 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4594
615 B
1 acuityplatform.com
openx-ums.acuityplatform.com — Cisco Umbrella Rank: 5152
635 B
1 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 3424
325 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1929
328 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
526 B
1 adhaven.com
openx.adhaven.com — Cisco Umbrella Rank: 5730
276 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
664 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 2057
877 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 2209
340 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 2308
140 B
1 permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app — Cisco Umbrella Rank: 11501
166 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
5 KB
1 synacormedia.com
synadproducts.synacormedia.com — Cisco Umbrella Rank: 144963
97 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
833 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2192
234 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
318 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
531 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 80346
104 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
484 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
430 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
409 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7146
183 B
1 akamaihd.net
ntvcld-a.akamaihd.net — Cisco Umbrella Rank: 6589
6 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1277
14 KB
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 59381
22 KB
1 cdntwrk.com
content.cdntwrk.com — Cisco Umbrella Rank: 60615
25 KB
1 ifoldsflip.com
www.ifoldsflip.com — Cisco Umbrella Rank: 524884
337 B
1 cnhi.com
shop.cnhi.com
3 KB
1 adperfect.com
casmp.adperfect.com — Cisco Umbrella Rank: 123699
2 KB
1 cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
547 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3423
114 KB
0 id5-sync.com Failed
id5-sync.com — Cisco Umbrella Rank: 596 Failed
0 hgrtb.com Failed
sync.hgrtb.com Failed
1035 163
Domain Requested by
167 engage.imds-cdn.com www.kokomotribune.com
engage.imds-cdn.com
49 cm.g.doubleclick.net 24 redirects u.openx.net
rtb.gumgum.com
eus.rubiconproject.com
googleads.g.doubleclick.net
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
www.kokomotribune.com
eb2.3lift.com
bcp.crwdcntrl.net
44 tpc.googlesyndication.com wintergames.ap.org
securepubads.g.doubleclick.net
cdn.ampproject.org
tpc.googlesyndication.com
www.kokomotribune.com
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
engage.imds-cdn.com
ad.doubleclick.net
pagead2.googlesyndication.com
44 securepubads.g.doubleclick.net 1 redirects www.kokomotribune.com
securepubads.g.doubleclick.net
www.googletagservices.com
wintergames.ap.org
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
engage.imds-cdn.com
39 us-u.openx.net 9 redirects www.kokomotribune.com
u.openx.net
prod.adspsp.com
us-u.openx.net
ad-cdn.technoratimedia.com
de.tynt.com
38 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.kokomotribune.com
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
engage.imds-cdn.com
ad.doubleclick.net
pagead2.googlesyndication.com
srcdoc
37 bloximages.chicago2.vip.townnews.com www.kokomotribune.com
bloximages.chicago2.vip.townnews.com
27 um.simpli.fi 25 redirects www.kokomotribune.com
26 x.bidswitch.net 25 redirects ad-cdn.technoratimedia.com
24 uat-net.technoratimedia.com ad-cdn.technoratimedia.com
engage.imds-cdn.com
adtag.technoratimedia.com
eus.rubiconproject.com
vpaid.springserve.com
www.kokomotribune.com
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
23 match.adsrvr.org 23 redirects
21 ib.adnxs.com 9 redirects www.kokomotribune.com
prod.adspsp.com
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
acdn.adnxs.com
www.americanhometownmedia.com
eb2.3lift.com
20 sync.technoratimedia.com 1 redirects ad-cdn.technoratimedia.com
us-u.openx.net
eb2.3lift.com
de.tynt.com
cdn.districtm.io
ads.pubmatic.com
20 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
hde.tynt.com
18 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
us-u.openx.net
eb2.3lift.com
18 citysparkstorage.blob.core.windows.net www.kokomotribune.com
17 www.googletagservices.com wintergames.ap.org
www.kokomotribune.com
securepubads.g.doubleclick.net
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
synadproducts.synacormedia.com
ad.doubleclick.net
15 ssc-cms.33across.com 15 redirects
15 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
um2.eqads.com
15 eb2.3lift.com 2 redirects www.kokomotribune.com
ad-cdn.technoratimedia.com
eb2.3lift.com
13 ups.analytics.yahoo.com 10 redirects www.kokomotribune.com
us-u.openx.net
12 sync.1rx.io 10 redirects ad-cdn.technoratimedia.com
11 cms-xch-chicago.33across.com hde.tynt.com
eus.rubiconproject.com
de.tynt.com
us-u.openx.net
11 cdn.districtm.io 3 redirects s.amazon-adsystem.com
cdn.districtm.io
prod.adspsp.com
ad-cdn.technoratimedia.com
11 btlr.sharethrough.com prod.adspsp.com
11 dmx.districtm.io 3 redirects prod.adspsp.com
cdn.districtm.io
s.amazon-adsystem.com
11 www.google.com 1 redirects www.kokomotribune.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
11 sync.mathtag.com 11 redirects
10 vam-streaming.imds-cdn.com cdn.jsdelivr.net
10 sync-tm.everesttech.net 8 redirects rtb.gumgum.com
www.kokomotribune.com
10 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
hde.tynt.com
ad-cdn.technoratimedia.com
10 adspsp.com www.kokomotribune.com
10 cdn.viafoura.net www.kokomotribune.com
cdn.viafoura.net
9 simage2.pubmatic.com ads.pubmatic.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 static.criteo.net prod.adspsp.com
static.criteo.net
ads.us.criteo.com
9 c2shb.ssp.yahoo.com prod.adspsp.com
www.americanhometownmedia.com
9 sync.bfmio.com 4 redirects www.kokomotribune.com
ad-cdn.technoratimedia.com
9 idsync.rlcdn.com 4 redirects www.kokomotribune.com
ads.pubmatic.com
us-u.openx.net
bcp.crwdcntrl.net
9 www.google-analytics.com www.googletagmanager.com
www.kokomotribune.com
www.google-analytics.com
9 www.kokomotribune.com www.kokomotribune.com
8 ad-cdn.technoratimedia.com engage.imds-cdn.com
ad-cdn.technoratimedia.com
adtag.technoratimedia.com
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
8 sync1.intentiq.com 7 redirects www.kokomotribune.com
7 match.prod.bidr.io 3 redirects ad-cdn.technoratimedia.com
us-u.openx.net
ads.pubmatic.com
7 s0.2mdn.net www.kokomotribune.com
s0.2mdn.net
ad.doubleclick.net
engage.imds-cdn.com
7 bh.contextweb.com 7 redirects
7 ssum-sec.casalemedia.com 4 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 adservice.google.com securepubads.g.doubleclick.net
www.kokomotribune.com
engage.imds-cdn.com
7 a.wishabi.com www.kokomotribune.com
7 pixel.quantserve.com 4 redirects www.kokomotribune.com
cdn.cityspark.com
cdn.jsdelivr.net
7 pixel.rubiconproject.com 2 redirects www.kokomotribune.com
eus.rubiconproject.com
7 image2.pubmatic.com 1 redirects www.kokomotribune.com
ads.pubmatic.com
7 pixel.advertising.com 7 redirects
7 wintergames.ap.org www.kokomotribune.com
wintergames.ap.org
ajax.googleapis.com
6 b1sync.zemanta.com 6 redirects
6 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
6 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
hde.tynt.com
ad-cdn.technoratimedia.com
6 ad.turn.com 6 redirects
6 sync.targeting.unrulymedia.com 4 redirects ad-cdn.technoratimedia.com
6 pixel.tapad.com 4 redirects www.kokomotribune.com
us-u.openx.net
6 www.googletagmanager.com www.kokomotribune.com
www.googletagmanager.com
6 static.cnhionline.com www.kokomotribune.com
5 p.rfihub.com 5 redirects
5 sync.srv.stackadapt.com 5 redirects
5 secure.adnxs.com 5 redirects
5 f.wishabi.net www.kokomotribune.com
5 ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com securepubads.g.doubleclick.net
www.kokomotribune.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 mapi.associatedpress.com www.kokomotribune.com
5 sync.search.spotxchange.com 4 redirects www.kokomotribune.com
4 sync.go.sonobi.com www.kokomotribune.com
4 i.liadm.com 4 redirects
4 eu-u.openx.net 1 redirects us-u.openx.net
4 synacor-match.dotomi.com 4 redirects
4 gum.criteo.com 2 redirects www.kokomotribune.com
gum.criteo.com
4 googleads4.g.doubleclick.net www.kokomotribune.com
ad.doubleclick.net
4 rtb.openx.net 3 redirects us-u.openx.net
4 tr.blismedia.com 2 redirects ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
us-u.openx.net
4 pixel-sync.sitescout.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 pixel-us-east.rubiconproject.com 4 redirects
4 ad.360yield.com 4 redirects
4 images.wishabi.net www.kokomotribune.com
4 cdn.jsdelivr.net cdn.cityspark.com
cdn.concert.io
engage.imds-cdn.com
4 csp.azureedge.net cdn.cityspark.com
csp.azureedge.net
4 code.jquery.com bloximages.chicago2.vip.townnews.com
securepubads.g.doubleclick.net
4 googleads.g.doubleclick.net 1 redirects www.kokomotribune.com
4 bcp.crwdcntrl.net 2 redirects www.kokomotribune.com
4 ce.lijit.com 2 redirects www.kokomotribune.com
us-u.openx.net
4 aa.agkn.com 2 redirects ads.pubmatic.com
bcp.crwdcntrl.net
4 c.amazon-adsystem.com prod.adspsp.com
c.amazon-adsystem.com
4 bandborder.com www.kokomotribune.com
bandborder.com
4 kokomotribune-cnhi-pw.newsmemory.com www.kokomotribune.com
kokomotribune-cnhi-pw.newsmemory.com
3 a.clickcertain.com 3 redirects
3 statsf-tm.everesttech.net ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
www.kokomotribune.com
3 imasdk.googleapis.com engage.imds-cdn.com
3 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
3 pixel.onaudience.com 3 redirects
3 rtb.adentifi.com 3 redirects
3 ad.mrtnsvr.com 3 redirects
3 contextual.media.net 2 redirects us-u.openx.net
3 odr.mookie1.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 id.rlcdn.com 1 redirects eus.rubiconproject.com
us-u.openx.net
3 token.rubiconproject.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 match.deepintent.com 2 redirects rtb.gumgum.com
3 sync.ipredictive.com 3 redirects
3 fonts.googleapis.com client
cdnjs.cloudflare.com
s0.2mdn.net
3 api.viafoura.co cdn.viafoura.net
3 stats.g.doubleclick.net www.google-analytics.com
3 stags.bluekai.com 2 redirects www.kokomotribune.com
3 loadm.exelator.com 2 redirects www.kokomotribune.com
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 lh3.googleusercontent.com www.kokomotribune.com
3 jadserve.postrelease.com s.ntv.io
www.kokomotribune.com
2 a.volvelle.tech 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 playtime.tubemogul.com displayf-tm.everesttech.net
playtime.tubemogul.com
2 vid-io-cle.springserve.com vpaid.springserve.com
engage.imds-cdn.com
2 prebid-server.rubiconproject.com vpaid.springserve.com
engage.imds-cdn.com
2 ads.adaptv.advertising.com vpaid.springserve.com
engage.imds-cdn.com
2 gu.dyntrk.com 2 redirects
2 vop.sundaysky.com 2 redirects
2 vpaid.springserve.com engage.imds-cdn.com
2 pubmatic-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 cm.adgrx.com 2 redirects
2 csync.loopme.me 1 redirects us-u.openx.net
2 px.owneriq.net 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 vid.springserve.com engage.imds-cdn.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 sync.aralego.com 2 redirects
2 match.bnmla.com ad-cdn.technoratimedia.com
2 pool.admedo.com 2 redirects
2 onetag-sys.com ad-cdn.technoratimedia.com
2 pixel.33across.com 1 redirects ad-cdn.technoratimedia.com
2 adtag.technoratimedia.com engage.imds-cdn.com
ad-cdn.technoratimedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 am4.imds-cdn.com engage.imds-cdn.com
2 reflex-engage.imds-cdn.com engage.imds-cdn.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 ads.creative-serving.com 2 redirects
2 cdn.concert.io prod.adspsp.com
cdn.concert.io
2 js-sec.indexww.com prod.adspsp.com
ssum-sec.casalemedia.com
2 acdn.adnxs.com prod.adspsp.com
2 csm.us.criteo.net ads.us.criteo.com
2 ap.lijit.com 1 redirects www.americanhometownmedia.com
2 r.turn.com ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
2 33across-match.dotomi.com 2 redirects
2 dmx.us-east-31.districtm.io s.amazon-adsystem.com
2 districtm-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 de.tynt.com 1 redirects ad-cdn.technoratimedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 2 redirects
2 sync.taboola.com 1 redirects ad-cdn.technoratimedia.com
2 bttrack.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 htlb.casalemedia.com prod.adspsp.com
www.americanhometownmedia.com
2 ping.chartbeat.net www.kokomotribune.com
2 cdn-resources.prfct.cc d1gzrgn7m19oq9.cloudfront.net
2 pippio.com 2 redirects
2 fei.pro-market.net 2 redirects
2 ads.stickyadstv.com 1 redirects www.kokomotribune.com
2 image8.pubmatic.com 2 redirects
2 connect.facebook.net www.kokomotribune.com
connect.facebook.net
2 api.circularhub.com www.kokomotribune.com
2 japfg-trending-content.appspot.com www.kokomotribune.com
2 tag.simpli.fi www.kokomotribune.com
2 kokomotribune.com 1 redirects www.kokomotribune.com
1 ade.googlesyndication.com www.kokomotribune.com
1 sync.teads.tv www.kokomotribune.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 ads.revjet.com ad.doubleclick.net
1 ad.doubleclick.net playtime.tubemogul.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 fksnk.com 1 redirects
1 aep.mxptint.net 1 redirects
1 rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
1 displayf-tm.everesttech.net ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
1 openx-ums.acuityplatform.com 1 redirects
1 match.justpremium.com us-u.openx.net
1 dmp.brand-display.com 1 redirects
1 sync.extend.tv 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 openx.adhaven.com 1 redirects
1 c.bing.com eb2.3lift.com
1 i6.liadm.com us-u.openx.net
1 pm.w55c.net 1 redirects
1 i.w55c.net 1 redirects
1 s.cpx.to us-u.openx.net
1 oxp.mxptint.net 1 redirects
1 ws.rqtrk.eu 1 redirects
1 cs.chocolateplatform.com ad-cdn.technoratimedia.com
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app cdn.concert.io
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pix.us.criteo.net ads.us.criteo.com
1 cdnjs.cloudflare.com ads.us.criteo.com
1 cms.quantserve.com 1 redirects
1 cat.va.us.criteo.com ads.us.criteo.com
1 cms-xch.33across.com 1 redirects
1 notifications.viafoura.co cdn.viafoura.net
1 us.creativecdn.com 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 synadproducts.synacormedia.com www.kokomotribune.com
1 ads.us.criteo.com ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com www.kokomotribune.com
1 tg.socdm.com 1 redirects
1 hde.tynt.com rtb.gumgum.com
1 nep.advangelists.com 1 redirects
1 6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 ssbsync.smartadserver.com 1 redirects
1 i.viafoura.co www.kokomotribune.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 bidder.criteo.com prod.adspsp.com
1 cnhi-d.openx.net prod.adspsp.com
1 bids.concert.io prod.adspsp.com
1 flipp.com www.kokomotribune.com
1 www.flipp.com 1 redirects
1 www.americanhometownmedia.com www.kokomotribune.com
1 ad.crwdcntrl.net www.kokomotribune.com
1 static.adsafeprotected.com www.kokomotribune.com
1 2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 p.cityspark.com cdn.cityspark.com
1 rules.quantcount.com secure.quantserve.com
1 ampcid.google.com www.google-analytics.com
1 ssl.google-analytics.com wintergames.ap.org
1 s-jsonp.moatads.com www.kokomotribune.com
1 www.googleadservices.com 1 redirects
1 beacon.krxd.net www.kokomotribune.com
1 usermatch.krxd.net 1 redirects
1 sync.intentiq.com 1 redirects
1 d.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com www.kokomotribune.com
1 ntvcld-a.akamaihd.net www.kokomotribune.com
1 z.moatads.com s.ntv.io
1 static.chartbeat.com www.kokomotribune.com
1 secure.quantserve.com www.kokomotribune.com
1 ajax.googleapis.com wintergames.ap.org
1 i.simpli.fi tag.simpli.fi
1 www.justapinch.com www.kokomotribune.com
1 geo.adspsp.com prod.adspsp.com
1 cdn.cityspark.com www.kokomotribune.com
1 content.cdntwrk.com www.kokomotribune.com
1 www.ifoldsflip.com 1 redirects
1 shop.cnhi.com www.kokomotribune.com
1 casmp.adperfect.com www.kokomotribune.com
1 d1gzrgn7m19oq9.cloudfront.net 1 redirects
1 digitalservices.ap.org www.kokomotribune.com
1 s.ntv.io www.kokomotribune.com
1 prod.adspsp.com www.kokomotribune.com
1 tags.crwdcntrl.net www.kokomotribune.com
0 id5-sync.com Failed www.kokomotribune.com
0 sync.hgrtb.com Failed rtb.gumgum.com
0 adserver-us.adtech.advertising.com Failed prod.adspsp.com
1035 274
Subject Issuer Validity Valid
kokomotribune.com
ZeroSSL ECC Domain Secure Site CA		 2022-01-12 -
2022-04-12		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-09 -
2022-04-09		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
prod.adspsp.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-31 -
2022-03-31		 2 years crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
ap.org
GeoTrust RSA CA 2018		 2022-01-05 -
2022-10-04		 9 months crt.sh
*.cnhionline.com
Go Daddy Secure Certificate Authority - G2		 2020-07-29 -
2022-09-27		 2 years crt.sh
*.appspot.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
editorials.circularhub.com
Amazon		 2021-08-07 -
2022-09-05		 a year crt.sh
*.cnhi.com
Go Daddy Secure Certificate Authority - G2		 2021-06-24 -
2022-07-26		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-23 -
2022-10-24		 a year crt.sh
viafoura.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
bandborder.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
geo.adspsp.com
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2020-04-22 -
2022-05-30		 2 years crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
adspsp.com
Amazon		 2022-01-16 -
2023-02-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.associatedpress.com
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.adperfect.com
Amazon		 2021-05-15 -
2022-06-13		 a year crt.sh
flipp.com
Amazon		 2021-09-30 -
2022-10-29		 a year crt.sh
*.cityspark.com
Go Daddy Secure Certificate Authority - G2		 2020-02-13 -
2022-04-13		 2 years crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01		 2021-10-28 -
2022-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
bids.concert.io
GTS CA 1D4		 2022-01-08 -
2022-04-08		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-01-22 -
2023-01-22		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
f.wishabi.net
GTS CA 1D4		 2021-12-22 -
2022-03-22		 3 months crt.sh
images.wishabi.net
GTS CA 1D4		 2021-12-18 -
2022-03-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-15 -
2022-04-16		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-09		 3 months crt.sh
adproducts.synacormedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-24 -
2022-06-24		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.concert.io
Go Daddy Secure Certificate Authority - G2		 2020-02-20 -
2022-04-20		 2 years crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.imds-cdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-22		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.partner.permutive.app
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-16 -
2022-10-05		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
chocolateplatform.com
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
loopme.me
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
cms-xch-chicago.33across.com
GTS CA 1D4		 2021-12-09 -
2022-03-09		 3 months crt.sh
tracking.justpremium.com
Amazon		 2021-03-27 -
2022-04-25		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.tmogul.com
DigiCert SHA2 Secure Server CA		 2020-07-14 -
2022-07-19		 2 years crt.sh
*.tubemogul.com
DigiCert SHA2 Secure Server CA		 2020-04-07 -
2022-05-19		 2 years crt.sh
*.revjet.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-12 -
2022-04-10		 2 years crt.sh

This page contains 119 frames:

Primary Page: https://www.kokomotribune.com/
Frame ID: 6D854529E6FB668FA0FE7F4D223ECA0E
Requests: 254 HTTP requests in this frame

Frame: https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
Frame ID: 6D3E4AA6F7B0C5F834EBB1EF704A4D30
Requests: 13 HTTP requests in this frame

Frame: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Frame ID: B9F8713E6071909E17F42876705A2AB7
Requests: 8 HTTP requests in this frame

Frame: https://2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 18562786299A48C86F0B6EB9E04F138B
Requests: 1 HTTP requests in this frame

Frame: https://flipp.com/local_storage_data.html
Frame ID: 4B80FB030965D185FBB8E5DE042DBD39
Requests: 1 HTTP requests in this frame

Frame: https://a.wishabi.com/sync/wid_iframe.html
Frame ID: 588928075829B0DCFCA76D981FE82D46
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 99B6D4B942A647BCC8CD8D82ED762B7A
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 0D231161FF85DCD18662B773F1584407
Requests: 14 HTTP requests in this frame

Frame: https://api.circularhub.com/flyermodules?key=027f64b1828a4589&t=1643646832088&campaignId=&engaged_flyers=&mtypeid=27176&callback=__flipp_module_callback
Frame ID: 5A7A391006D2282C62C20FED5BA9D949
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
Frame ID: 6B6A5357004B615A91EED44E39C5600B
Requests: 1 HTTP requests in this frame

Frame: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5D486DE09DF563C21E45D282134BEA7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 0EAC8C7FA8A01767D8EC95563A64B755
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B64DF7062365821E151626BC8FF14D92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C5896BCC487FF364DC17306E82C9AAE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE9N5qr-GJx-wtfpcKPGCqAfbgfwgvwEPW324xHFwX5fGtN_GuVmGQJlDJAqGFWGMHXQHa2OVNyrgD3b-lwuV6d5GwFC34sygBpHOFLMvQecmXbmTVt_7NjCuF0ihX64I-cmg67ywOnK3ZT7trM6LNsAEQMB0UO-6FuQjq36gIqZlc2ZTKafLh_wV8kU6pR1cPnJfZyzBwEIcl3CfdplVFPEGYzygkwmmFo-pLTuwH3MlKmJ_akGphE5tLN0x87JUEbdH7TtHFguxOOQaUsTSSpgTre_5zyZw_iMRCSI19g_9AFGaZvwccfMeE6Eh57igtx0-pfg4EEvkGiiLtBfkRlrk-62XFD5jG4aWcMZEdxQJqqw&sig=Cg0ArKJSzAOVSKcV-u7ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FAC652F4ED9A26320C11CD97849CE67D
Requests: 11 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-3.4.1.min.js
Frame ID: A5BDB9A4267DFA813B8CB1DEEAE2D6F6
Requests: 3 HTTP requests in this frame

Frame: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B68F55D15DE5685ADA78A51D14531B9
Requests: 1 HTTP requests in this frame

Frame: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F8FC91497E9E51D2F37575527D3C86EB
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: CBB3319EA888B4EDD80064D19BA715BE
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: CFAC94D45B96DD3ABEEAD7E03FF8E3AA
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 48553E5C83592E185F9DEEB008C24B64
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbw-JjEsFmQMWhb1BAAAAAAA&expiration=1643733233&is_secure=true
Frame ID: DBD0606CED5B43639FC29B89846CC473
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3949519880991651774
Frame ID: 280FEDE9CDAD1FF9CF551A221F5DA423
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: B66575419737B94702244C9EE49398F3
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F016378A2009BB59614CFB97198E7FF2
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: A7F45A1AA593B330261D5C72D26AC04D
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 3BB940323CDE8B0779EB69B32F451934
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 6B7A379606DC676639FD92E174591758
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYNrDlStIj7uUa-yPrujtGGHcA1LK1z2F6QctxvGu59BQJ6wNP86YtJNOVJq8rQwTx2Wnf3SE9RpwMD-tSJlyKAyXWYb4RBRKrcVLCXHGgR5wd-US2laY-vglp3mQj6pRcG9eXjljpWSoF1hBeHJNtU_2wg3kmGlR_MHylcSQ8fGYtn9ppau2tCKeXb107MhY9Db0LLxQKWi4y9wpYxp9Llf4zkjcwEHH-xT4TCTu8LhPm6fTWDMpZhqnczhE_jmXInC0ZpDFHiuIukxya-54I_z9Re4Cl44MQHUnEWTrI5R0UASky_H_-5r7lXjz3jtmklYILCMWcAe1C3idRXzGvkgE1iNeWYeHtZtZcnlZ46Q&sig=Cg0ArKJSzOCNY7aALdlkEAE&uach_m=[UACH]&adurl=
Frame ID: A0202EE1562CE90162F67F0EBEED615F
Requests: 7 HTTP requests in this frame

Frame: https://6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0F3D72CFD77F6E608B0BD7557040557F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=&gdpr_consent=
Frame ID: 56CDE60AB7FEB4951B56CB3122007953
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: 2611E077E89951F4DB64B07E54F56748
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hN2VlNzE0Ny0xZDQ1LTQwYTctYTQwNC1lNTY4MmNhMWQzYjI=&gdpr=&gdpr_consent=
Frame ID: F5ED6687F69D8F5B323B4ABA292D4C46
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: A4615715B16728557DAE5D00589836AB
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Frame ID: 8453100FAE595B597B62028654DBBDB9
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=f7b60080-53d0-4379-88f3-81d8f68637b7&t=1646238834
Frame ID: 1C2581B64FC8EB59C5A068216DFB422E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8ADE2FA0B7C4755C0260121876D25B21
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&i=4909702476009743137brt64401643646834070633ad
Frame ID: 4D120553DC98E9D02BE1807C361D78A2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YfgPcsCo8XoAAFYfHGMAAAAA
Frame ID: 1339916D5D99ACF7C5B6684F76DD865C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=bcnkGZITNXiKo3lkzC0B&pi=gumgum&tc=1
Frame ID: A47D3540A31DA80E9021CF85BDA9596E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Frame ID: BC64F8BBAB8022E3AD4E6B310FC0D80F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3wKAgdOUqaIPSFVGbasJhtzaBVqFcvA_hJTvv-eKp4hdNEreIJL0dC8v3OqFZQMymmNyZlwv6_iD3mkoozoNfIRS3N7CJBHO8XSAueO3FqmzcJHi976YgVVhUQgN2LStPRkJbbNNOYw3DjP9Lm_bW7ct2iw&dbm_d=AKAmf-D8oFhcCykmBS3nDn-9q_VHqlHbTWBFB2uVml53-sk8sYwheXWpt2sWQMBYxRbkgYO4ULHGmS9j5ma24M-kVX11qcDt3lR8r8el__bXIVbYHZ5DmCaVbLPiyldiqhXtbEr7KyKNpze2oj7Uai9C-tbmJh7_eVBCAsce_1_tXoJrRXEQYnfgEFoZbG6nIreBRpbo5WQnEhdk0o20r0llPOjFiGe4b8goAAleDihdICF9HI3FXD8PmahAQFAisJutoC2895cQlhOyELjlSp8ZA4LMDAGOALj5R6Bv5cfarbxPqvKw2CaO1kjdPNT78e5K0Ze8sLUhoZxHDmtmhf_w2GjiD1hUNclyv9EXO55AK8pb0cmp7Zr--8IBeuSgMN9mn3PcVXUqqBZHMLwJTb5ToGrJRtR9WYljawQib5MtaJ4tZR4Wax6Cx2DW1TZ5zVkZ_VB6kZGgGpzN1lbz5JeRAfA9YGC9p0jY8dW6LIWJUK7J1tNlAX_uksAQOcodW9F5PXsmnvnZPVZUGXVmYvdo463RsvIKoYWpp9xAD4bJtqh8vioQqE4T5Jh_FngkITKh9VvH6tyJ0JDqRkDTrxyfCS8WEvKUuoDEpjnqHsiYalGp7P3u_-20GtImEOY0dfMJA48J3QKGKVVFoJ7-lfyURqmVuwirV8AwcVhdgxENb9rJLoklNIfeeBBarCD0G-EcNtKRvXSxNcztCEfTTsx3sPNB5dIT7WeTLDUoa3F4fefsNIHLn0u3otYjtDWbH_4vWYIzIQKxmqmeT4mClb2IJZsRDH11pUkzMGizgIgjqRHcAhxgadJVLCChFj97TtBL3T_WQezsF1CpUY6OeY1xf98IoBzQyH30hD05Pv3mU4rFgdyuI9HF9cfDZlZORXR68KW8_QJapfjWWY8cgBKkF0bRwjJvkU13vcC4FRkLbOT4OWtSQr0K8FVmCeVOPex8vS8fBbZNRPf8d8-La7A6Cq1PcAWR77Cqxg0h-PlLhm1VNA2BgnHuQzstzHyf98YyPv9HV-61IPrDg6pEA9iywF0nE0Pgg-6FtwZLIUP4UTFTzWSUgmJRNVj9VRqF6ODawrCJEQ91LRhMjqIC53Fle77jzj6lO6EmhE0hXkyJPz6clCnXNjEQ3klCFbgN9STuwRndwVkhd5yv-KSHxenD7AhzXXDcqqR-JGfbTFs0gf_JNra-IyCL-BSbH3qQw1NISfIlB1TEnDuU0Q3-wXEQmLFKF4kQqd4HinREx9oQCdOfy3BUu2EumTmbtyTY7739BgioCafhsScRtJUE_ZNUlzpt2s0VgmPahpjiXAsMcdZdj9PXRhZ5nAsJZ1qvi9bWhUZn5cNxJmL05aXjk93pcLdb2zfSszmlxteTqPlpD5l7ta8Ddh-hjghzX80WBwJeC5fkJx_YMOI_VGIuUHmG-zklAOzCYlgketCW9l9DvPCgXyVrm_rFNR2LW0-ItGFu3R9fI-7rWnmNcCfytLPJADD9J8YbWFZtPiryDETVJKQc7YMk-tULVp8m47bdO1UExmCuznycX3M5lcbOIQkjpf1qWMXOnWgbkLOx9j4ji86dYz_U0wgdKYY9ImgXNJydqIEs42dmoGa2817ojQ2Hu-6ZJmpxCifw9tN6BU4i03eLt0dugxovcFdEKGjXD5hxWZyAfC0dpOPhPNWaFYAH-a6KPg6irOq7FIKXfO5GPfdc10jjvKyn4v2eItZ4S0BQShaizd437OFLbDEZv8fxON_m1Y4DAM_yVXsPGO3PBFZYallDEEYX2aO_cieldAo3nSkKIb33NkZOoNW_fMZzz-SG625Vwtmg1qEAz14cmWG7LYclTUvkoj8bX4XNTsdjmtW46MdlI4L4FKOxlFvK62fG3LuDIGxtswAji3bRGUxGEiiCI5Cba3cO2KgIKPBIEXw8v4c-Tp_l2C_7ImQAkB0mDNJA8eujyM4YbJ9NClqUauhIvyb95MLiE9QO7HQFxRRBc4gIxgWkl4Zg2E1HxcIK81WoZ0YWoGLzrjBfv41oeCmqfx6qN0_LGyp3TNjTfIwgLfl-kleD7lCCy5KI7ekQawjSYq7a_cbuTgZfuI4NihJHsoam9dnk6N_f-sy7b-_sGHFTfH7rj7i3yaiIZPsfVpnMOqUKm54syXnCV-QqtRxnpGIF6wtPCorx8yM1B12yPBa7a2yo9xzEiiX8SVgONWYrE6963qJxgnSxq2VcTjXtaO3O5ZCSMgYHg8UCP_QnDwFh80fV8UHhevShEufvGgSmYoEbKtAURLWZ49Hk6AAAmtPI3N8-mB8Oshmzj0uuNBTxRlmCyH3SuXjEMEOz-1LJZk9UH9ToQzMo7bu4WsUxLR0OtGcnEIroLsuzGDKerEBMP1KVI9ejr1PvQr24DEsv4V81KlRfH5OLaN2UdzHRUeQFiKO4yfLgiLlJmmapUYmX4PIMS8BjWbwdfdkvtB0fDialOtLUZozNaWbqu4mT30FsYIhlbUBLNWPVVWjpaMAUC-28slV5oDQsYmjN4YGcIEa1WnRPqnwPJVE0DYyC7L1sEJFI75JnqITGNJabqY41FOIZ8ggfflnKkspHGkl0pxMHnoVLi2ENDgBHQmeLikoxXrmOuwbllmHJBckynVst61XynZQIXr_PAcFBMmODLG0-bjBISPMo2-ONXvPmJ8oHaFauMsB8fFze26N1Os3GsJKisdrDIJJL_Q34_mMYi0dg5NHJcDpu_pamjT9a2eAhFyb1Tryg1_5xYRRDaGrn9tYKqDreiekqqYxWIkIKP36AQRY6oJoG2Tr4Wjr3sovFMaPsfDXqHqr0e0F0ngd6Fh3rYKloM8GCNtJysZQ6q-Mxwo6Bs7g-yf--VHyY7JuelfkoRdtEgHbs6nmAVV2zfp0aqFJ_iPo1cPdUAZ3dV3cGD1w1Rc1EQicwxHTkZ3VShU435kthOMW5zbRXvv1d2Rx1Wp2Z6I-Tjcuwe4WFGd7ltNEyGMj9aqMFHyojvfJGOkmu0gCiAVHJDN097-CFDbDod-QaPB4sCO0GfKtr2iyckRcXpQETjY79Y3fDlSPdsq5uJtonciTE3IhG1oNawmdAIssrtax-ywt68lpWPIrCqpR88aDBsZDTCkXkdxe8dh6HbzWc7oGhoH7EBbzJDOj99wTMMLq6jgpQkdcaKQr5sdxK2x_jTOD_iKU27toB_sJv2KnaXGcsAyJBeO6l&cid=CAASEuRo97_5wT3OTefaP3zQlOGgkQ&rfl=2%2Chttps%253A%252F%252Fwww.kokomotribune.com%252F%240
Frame ID: 3A4EDB19132BA9AA8387E445D7EFFC06
Requests: 14 HTTP requests in this frame

Frame: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5376543832F6D8D86CC265AA6CC1D916
Requests: 19 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Frame ID: EC2439FF607ED47C96CBAEAFFE83EA74
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE2A650C1FF6A3F67FB3AA4F402A154E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1h4sjRxrx_1gikn6wyo0m5ntrs2mrlO6i5LReb_VHPKeemH0Koy_32zndsPeSQfRjLrgJRYafbt_7zx9e9xMS4oY8dy0gzk49JCyz1lhPqL9noNXqpQ6OwTE-hk4wqNHtVTWEN7hO6vY7JiKaJwisFnP5_RX972pbF6f65i5s_RapWyZqQyukBWSSZjAhLtt0V_yGAfPQMrtc5f9nrq1DNijLCBJ4lixoHRBJQBU1jubCX8xHnN6iCmYpbQSAwJcAtjsAN8-0HEQcJAF-HSWhTRrqvGW6jkVEWWUVP1t0826Nu-3d4OY49o9H1TDGwACdgyB5Sc3asmnO&sig=Cg0ArKJSzCqWlyzwrCYVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 57BD5839EFD9DAA7CE62B4E51D898C34
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYivsOYXwqh063jTbm_mEsXrETqjGoBG_tkob-y5RRMZX18FVCbJc9HkTQ6MrBrQhF4DzJrFVJ_54wGW2hoURFnlpkhbqcpaKkqoJP1CNYeppG7oTbEQU1Z5FHWwjcdN3Binwj8pc5ccKXhzCBN0dpW41s-PmUhfDSmw4NpF6IhRmxn3FMhgTDOtNgxY-VOoZywIq287xqNp4gYVmhrjABHHG7ZdbCrvrbhweBqmKRrMBvUCKRbZmL8ZHjwra4WjqRJ0kUbOtnWaeYgChWuRh2eu1rhZTBeZqP3C6vYxueAXp6qJmuT-UlvXVHGLnoarUr4tiylfmOskZPIQcNMPZkBxSRdg3Js8g1CpFiJs46Dg&sig=Cg0ArKJSzI9MikHdNZiTEAE&uach_m=[UACH]&adurl=
Frame ID: BE8ACEF2A2A4E53E8A22ADA1980844E5
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
Frame ID: 3B969341C1B219CB32A011FD4634BA9E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfgPcgACvaPt5gBH&gdpr=0&gdpr_consent=
Frame ID: 8F20C58C2E13B31E37257D6BC5D28C05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
Frame ID: 1D38624877056A748BC9CF8C5BF726E2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=97A641CF-0105-4E75-A3D1-DE931CED0425&ex=pubmatic.com
Frame ID: 71334819DE0D1232EF7F3AC8E2466B98
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: ADFA8E7CA648AEDE9AA220F3EB15427E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 72752650E57A10D7483A2009BE606999
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 460F75E94F7A88A5DE9856522FF2FE05
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E8C555AE401A3FAD8635CA786BC543B1
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 23DFE5D53E65F1DB7C95017C6404B50D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.concert.io/lib/bids/sync.html
Frame ID: 26D326F033E53ED01EAEBA14B8DEA2D6
Requests: 4 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Frame ID: E2177697E587C85B7F3039F7B291A8A0
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8531CEF316C4E498E5E239A4AE7C8E12
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B599D937510A731AF01B5DBD8D68F3EE
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 602C48646601A3FFD5BAA493AAE72433
Requests: 3 HTTP requests in this frame

Frame: https://6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0E72233D0EAE0431517421825DC0B460
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Frame ID: BFE3A002B44FD1F1FA1FE9A5042FEFED
Requests: 6 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 97DFF81B2E2C652813BCC44A5219C222
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG3oTgT6sYjVeP6nacE2OLLCDtumraMJ-IOuh2ikvOGxF_NYBrdZ-YO-dyvl00MIX9kzP46bnjg7GzK3x4l-tUGCbfnGYivMh4iVQD9EnDuyiQZ2CbaDrWJ9Rl8qgPsljKx2piP7BvvJJA3fLI0_CedoDwZZ61QsqMeaFhYzOWdY8EcnpiPSHXKtkyFzxDFl3-WLmv5RtQlNGYzq3nKawGAOG_A71uifLqO3R1M7JddIQRUyC3L__4OJWAjxx_VQrmC06EEW6Xwc88jSlIepJt27zNKto1yz3Ozeyq4LokhEUNzayi4n-X9PR86mWMEA&sig=Cg0ArKJSzBLoGyrwsGYoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0B318E8C92E6A61B9B97D86EE5E04EFE
Requests: 69 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F19337BDE085034FC4C9E3C1808007CA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04D32B80FEEE5D93FB7848A0340D202E
Requests: 3 HTTP requests in this frame

Frame: https://64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2A7D2316521762E8AE17F6D79B32D88A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIpvoMGhDSEK9G3tBnlf04-C3TA9dfURP7AWHYL7uSs2TSVV2zGpxedA_gfkt7SgEVLby_N30-xmt6kKsnR3uVBml65O0AfoSNF35XAOXK9ZenvoWayR4TvxIbVFJTTlLVbkMkisyxHGFUIlnjYGv-HGebK9utQGWvTLwfVQe1jf-Tb4eQuRgvp0PP8RcUjwKVKxAkaQ1_4a2EScjt-EfSsg-OtF4puLXPSjRK1jNySsGbJ2afFgpkOqF7k7nbq-76IQ3gfeh2dtiCz5kRRDzOeDvvv7AzIRwMLT7lRqjRi-fTM8EKiakObttexbNao7EhFvQN261CwF8aOqJJXMK9yaVARc8J6K-2t5VCuA&sig=Cg0ArKJSzLXeil_bqzQUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A58E4443C0D274A53C058E84C6BEE51A
Requests: 74 HTTP requests in this frame

Frame: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Frame ID: 6C648C9FCDAEDF635A4AA334A0ED9FD2
Requests: 21 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Frame ID: 6181C1CFE8FB1969CAAF335B1FFA9491
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A0ABA34E1D110452CCD291CF960A54C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3D2B000A52C04B41D7B2CD30863D378
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/00/00/00/uat_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback
Frame ID: AEB626C6273B21804D0CA304685AB3EB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Frame ID: DFB322A07FB6B5FF06092E3EE404AA7E
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: 5C65425A9B7435EF357D711FD1DBB619
Requests: 23 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: BB6CE6ED420D0ED5D27646CAFFC08C3F
Requests: 21 HTTP requests in this frame

Frame: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Frame ID: FC9A501182CF3C74FF454BB6022E12FD
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 53E4EC118AD9E874CCB7AD6C46CBCE20
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: 3483416252FAD70B02DC5E50B8AD8479
Requests: 14 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: AA5534B79B93E6EAFB7BDC682ACBD003
Requests: 12 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=101769
Frame ID: FA41DFD22EC91211F8F3818EC269730B
Requests: 3 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 237D762DF8DC9FF2F2C28231E4962B3A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 5BF2438CD2CB72049371A8F7056A1250
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Frame ID: 65080E90258D8C53EF6FB80E3F8B27DE
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: FAFEA4E5104CC87E4E2674D0FA1FA424
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: 3FF609CE22CD4ABB574B7CB5EA2AE99F
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: 416FCB3EF12A0C6955E8ADADD6ACD741
Requests: 12 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=101769
Frame ID: B71CD2EA587BB2F7B86B3949CB89433F
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 337C9F4D1D4AF4566E21C3E8B86A5E5A
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: C9BEE2808F98D1F5964188EA7EA92CF2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Frame ID: 66F5604585968D7A44DC02E8C6E9BE53
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DF7A19388A113E96503C63FA6A9A7D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3F425D3753620F807BF277D6CFDED55
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 321502BFB499520EA1B7839A39E34379
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9352F858E9BCAFC068E5BA8F5F1F013D
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 1C4944BC1D37EDC8EB17C69DC95FDC2D
Requests: 12 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAD-x07D8B8AAAY-sIC1wQ&pid=558502&do=add
Frame ID: 86012954894F1619026A39E124009B41
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 980C868C2F36D837205EC5955D4EB562
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c4178cd4398a43e0b5321
Frame ID: F5A829A1F43C7B4CA5CE2AFC97D0389C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=965dc45a-82b3-11ec-b646-6a23e1f7cedc
Frame ID: 4CC13CC3DC7E9FDD659FD5597BB59DDF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CSunf-cDTytmJwFi_KJ-CCV4isM
Frame ID: 867DA2925438E3154EF5ED0F9343AE51
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=97A641CF-0105-4E75-A3D1-DE931CED0425
Frame ID: 12E46BDF8652FC174A34CF754517D792
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Frame ID: E80882041E1BAD25456D0C9DDAD1E4D2
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Frame ID: 083E1031D122DBF0B9F91F17C3AFE57E
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x383%26iu%3D/5284/syn.synacorengage%26description_url%3Dhttps%253A%252F%252Fwww.kokomotribune.com%252F%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26output%3Dxml_vast3%26impl%3Ds%26correlator%3D1643646837769%26ord%3D1643646837769%26url%3Dkokomotribune.com%26cust_params%3Ddfpcid%253D138343928427%2526dfpadunit%253D%252F5284%252Fsyn.cnhi%252Fcnhi_engage_reflex_ron_payload%2526sizebucket%253Dsmall%2526dfpclient%253Dsyn.cnhi%2526autoplaydomain%253Dkokomotribune.com%2526browserclass%253Dchrome%2526autoplaybucket%253D90%26channel%3Dvastadp
Frame ID: 65401EEA957753456244F83BB7D1A118
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYcT4OJvs6_KmVY36ZyEfOJwmlObglxic9kUz4EvL7RIUwvGiN9GTksnBbpNT_51B8z-A9wBMjjs8MworOtHOKz3vDHXilblCO9p72NwTrylfRx8ZSlZKcKkfqMtcsccoOkVG-IQ8LFq6X2nqg4t5EaK8a11x8L8FCy8MnBBPiOdeF1a-Sg8jKb2FqeoUppsza0fYiHpmC-QXh6dJaHUqfOrdK7z4-10KZlTjYP2nr2Zmsgmd-XvX0G0sNtyKT3JKoigcnNKL5hhuuUINs-Wj-S_6TA7szSeTRhLfozsES4DPzikiytsD7PCDXjI2hiMnZzdznU29SJoxqMw&sig=Cg0ArKJSzMfBP8Fkg7YTEAE&uach_m=[UACH]&adurl=
Frame ID: 0BCA5DF573EBF70356F63C1726E14471
Requests: 8 HTTP requests in this frame

Frame: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB253DC9D3254B3F89FE32DBEFECE8C0
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A72F252A7B41AEB42AF124E97F5C3054
Requests: 8 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB
Frame ID: 52C69505493923518CF5B10431FD69D1
Requests: 5 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Frame ID: 6D149CD0C86A678F1793EE627DB37108
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 45CB77A9F73DAE50D9F02CE202E7351C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: E505F15CBF02EF43A6A5D3BA0FCF17F1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 05334F1382CC169AA9F88D6D5F08140F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: C8EC62D0AF51D24511F8BC3550A40BD8
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Frame ID: DB590653B998B85DD4C393A59BEDC222
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kokomotribune.com
Frame ID: A269AF5B4C40067C7E32FE7DE0DF2073
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 074824D6AE2BEE27B6745326A38A3CC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40DF1CCF8CDB9B3E46E490824D412AD9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kokomotribune.comArticlesimagesVideosCommented

Page URL History Show full URLs

  1. http://kokomotribune.com/ HTTP 301
    https://www.kokomotribune.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1035
Requests

77 %
HTTPS

0 %
IPv6

163
Domains

274
Subdomains

167
IPs

12
Countries

10377 kB
Transfer

23369 kB
Size

318
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kokomotribune.com/ HTTP 301
    https://www.kokomotribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com HTTP 301
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Request Chain 46
  • https://www.ifoldsflip.com/read/getTitleCoverUrl/21224/250 HTTP 302
  • https://content.cdntwrk.com/files/aT0xNDQ2ODE3JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWU4MGZkMjkyMTUwNzk2MGJlYzgxODUyNTA5ZmJjNTM3/-w-250.jpg
Request Chain 95
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 96
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 97
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 98
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1643646830176&ip=37.120.138.195&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D163850504048006765284 HTTP 302
  • https://um.simpli.fi/aa_px?sk=163850504048006765284
Request Chain 99
  • https://um.simpli.fi/nexage HTTP 302
  • https://pixel.advertising.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 100
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72F68BF5CAC442F6A9C7DDC6AF708C4C&ckls=true&ci=laymcpWfEK&nc=false&trid=913102020 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2124307461%26rnd%3D-326685743%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTdBNjQxQ0YtMDEwNS00RTc1LUEzRDEtREU5MzFDRUQwNDI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2124307461&rnd=-326685743&pcid=97A641CF-0105-4E75-A3D1-DE931CED0425 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2124307461%3B1402230080%26rnd%3D-1668722323&pcid=$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2124307461;1402230080&rnd=-1668722323&pcid=4909702476009743137 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%26rnd%3D829553842%26pcid%3D HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=2124307461;1402230080;1709765917&rnd=829553842&pcid=1ecf39d0-5deb-4312-a88d-d898376772de HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%3B1486637409%26rnd%3D2067582216%26pcid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=2124307461;1402230080;1709765917;1486637409&rnd=2067582216&pcid=926f08b8-82b3-11ec-929d-1ee132960503 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%3B1486637409%3B1072441116%26rnd%3D791299099%26pcid=[MM_UUID] HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116&rnd=791299099&pcid=6a6661f8-0f72-4100-92ed-e1893d6cb49c HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=laymcpWfEK&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%26rnd%3D-707261827%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572&rnd=-707261827&pcid=1da497eb4b4e340f36ac8aee HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%3B396218182%26rnd%3D-2136835725%26pcid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D2124307461%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%3B396218182%26rnd%3D-2136835725%26pcid%3DRX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572;396218182&rnd=-2136835725&pcid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Request Chain 101
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 102
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 103
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=72F68BF5CAC442F6A9C7DDC6AF708C4C;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=72F68BF5CAC442F6A9C7DDC6AF708C4C;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5300206588947378593
Request Chain 104
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0&xl8blockcheck=1
Request Chain 105
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true
Request Chain 106
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 107
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 108
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 109
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dnr=1
Request Chain 110
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzJGNjhCRjVDQUM0NDJGNkE5QzdEREM2QUY3MDhDNEMQABoNCO6e4I8GEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1177ced81f915cf4ee51c848e60dc6c6107f025e4831dbecf44a76e317e26e28791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxMTc3Y2VkODFmOTE1Y2Y0ZWU1MWM4NDhlNjBkYzZjNjEwN2YwMjVlNDgzMWRiZWNmNDRhNzZlMzE3ZTI2ZTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwI7p7gjwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxMTc3Y2VkODFmOTE1Y2Y0ZWU1MWM4NDhlNjBkYzZjNjEwN2YwMjVlNDgzMWRiZWNmNDRhNzZlMzE3ZTI2ZTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwI7p7gjwYSBAgCEABCAEoA&google_gid=CAESEL0rZVtwwa-jejcL7iEbVvI&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Request Chain 111
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643646829859&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bg_4YffNCOePoPMPraWBkAU&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=bg_4YffNCOePoPMPraWBkAU&random=2788713793
Request Chain 112
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&__user_check__=1&sync_id=926f0932-82b3-11ec-929d-1ee132960503
Request Chain 113
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 114
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72F68BF5CAC442F6A9C7DDC6AF708C4C&expires=365
Request Chain 115
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEJqAhdXDtckq8WweGwMQwgc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72F68BF5CAC442F6A9C7DDC6AF708C4C HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 168
  • https://www.flipp.com/local_storage_data.html HTTP 301
  • https://flipp.com/local_storage_data.html
Request Chain 225
  • https://idsync.rlcdn.com/398526.gif?partner_uid=null HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013
Request Chain 249
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
Request Chain 254
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 299
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBvetbCl0YJVgp0CmL1qOLJ6DKcjpNAGap7MHCmWZldWrKCkV2EICTZCJmORBb15s1bwhGv-m8IQG0SFf0VHCrd5rezVnbv-P2YReh0AEJei72cUqwQhst9fo4E6XS6qvKKafhddqEiYlorKxEM0brpsRVWPIZab7sGKNnpMyocev1pT55YBJ07kI32jAXuTTHx8RmhRIsgX0o8lCC7kH7VMWw6EAA5EhK4OVojwNVOrYrxUjO5_Z42QKX4r-TLlUF-5L19wR7CpOeZuyxPZicSPsW9NWzoAXVxPNX0AMIPi_QbPkqN-EKGdWfMvkSc9LK_KcBvv4v9ZXAQ&sig=Cg0ArKJSzA5--AgQ6x_hEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/9980687455272680003? HTTP 302
  • https://tpc.googlesyndication.com/simgad/9980687455272680003
Request Chain 301
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=0d5a1267
Request Chain 302
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=72F68BF5CAC442F6A9C7DDC6AF708C4C&ex=simpli.fi&status=ok
Request Chain 304
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 306
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3c2e3a05c0b5121b&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbw-JjEsFmQMWhb1BAAAAAAA&expiration=1643733233&is_secure=true
Request Chain 307
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3949519880991651774
Request Chain 308
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YfgPgQACsmpXoAAy HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfgPgQACsmpXoAAy&_test=YfgPgQACsmpXoAAy
Request Chain 331
  • https://match.adsrvr.org/track/cmf/openx?oxid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7b60080-53d0-4379-88f3-81d8f68637b7&ttd_puid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNMg0AJHXETp3T091ZSQmM&google_cver=1
Request Chain 335
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4909702476009743137
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eefa9ad8-4158-46bb-92a1-aaef01e03c3c&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 337
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Zo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Zo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&obuid=ENC(Zo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DZo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%26uid%3D%7BUSER_ID%7D
Request Chain 338
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=1e577b10-39b8-43b7-8b93-5e56137f308d
Request Chain 339
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-47f2504f-6bfb-4f0b-4dd8-9cfb7e168953$ip$37.120.138.195
Request Chain 340
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-KEDMcAhE2pfN_ZJvABJVd8oZ9EpxE3mqvMIE~A
Request Chain 341
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Request Chain 342
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://rtb.gumgum.com/usersync?b=snc&i=23648134860141EF92D2E2886F7673DB
Request Chain 344
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=bE3P6EoNpRikArLZ6rOk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVREKM2QGZCW6TTQKJUWWQLSJRNDM4SPNM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVREKM2QGZCW6TTQKJUWWQLSJRNDM4SPNM HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=bE3P6EoNpRikArLZ6rOk
Request Chain 345
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7551d5a1-6701-484c-855b-a0261d33ce27
Request Chain 346
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1643646834127 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5467241966 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f7b60080-53d0-4379-88f3-81d8f68637b7 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Request Chain 347
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=voXcyPVxQiGh&ev=1&pid=558355
Request Chain 348
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=3721647956072104407&gdpr=0&gdpr_consent=
Request Chain 351
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
Request Chain 352
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
Request Chain 353
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09
Request Chain 354
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZ2WVVLY-V-AYRH
Request Chain 357
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4909702476009743137&pn_id=an
Request Chain 358
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=nQHGQJtWlh6GAcUcz1ONHpsCk06GCZkbkgkuksyk HTTP 302
  • https://ads.yieldmo.com/sync?userid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Request Chain 359
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 360
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=CSunf-cDTytmJwFi_KJ-CCV4isM
Request Chain 361
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=voXcyPVxQiGh&ev=1&pn_id=pp&pid=561118
Request Chain 366
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&expiration=1646238834&gdpr=0&gdpr_consent=
Request Chain 367
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfgPcVN.dLfCtiUyYqeTcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1
Request Chain 369
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YfgPcVN.dLfCtiUyYqeTcwAA%26989 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26a94e58-3000-46ba-b05a-3d16faf5595f-tuct8f194f2
Request Chain 370
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0ae7855-9d0d-4698-897b-bfc60eb0fab4
Request Chain 371
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9b7ad47b-f4ea-409e-afbe-43e4bdfc9bce&expiration=1675182834
Request Chain 372
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420248101649
Request Chain 375
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=&gdpr_consent=
Request Chain 379
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Request Chain 380
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=f7b60080-53d0-4379-88f3-81d8f68637b7&t=1646238834
Request Chain 381
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 382
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=4909702476009743137&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ= HTTP 302
  • https://rtb.gumgum.com/usersync?b=emx&i=4909702476009743137brt64401643646834070633ad
Request Chain 383
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YfgPcsCo8XoAAFYfHGMAAAAA
Request Chain 384
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=bcnkGZITNXiKo3lkzC0B&pi=gumgum&tc=1
Request Chain 395
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ2WVVLY-V-AYRH HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZ2WVVLY-V-AYRH&ex=d-rubiconproject.com&status=ok
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a6661f8-0f72-4100-92ed-e1893d6cb49c&expires=28
Request Chain 417
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI
Request Chain 419
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2WVVLY-V-AYRH&sigv=1&esig=2~9bd385c4509decc6785afcac9af2c4499518baca
Request Chain 420
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=&expires=30
Request Chain 421
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfgPcgACvaPt5gBH HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfgPcgACvaPt5gBH&_test=YfgPcgACvaPt5gBH
Request Chain 422
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTNmMjBlZGY2ZTc3NTM4ZTE1OWQ5ZmRmZGM4NWNhZGM1NmYyYWFjNw
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELPfKrfM-TchNcCPs5we63Q&google_cver=1
Request Chain 425
  • https://c1.adform.net/serving/cookie/match?party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
Request Chain 426
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfgPcgACvaPt5gBH&gdpr=0&gdpr_consent=
Request Chain 427
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6ZBzwEFTnWj0d6THO0EJQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 430
  • https://idsync.rlcdn.com/420486.gif?partner_uid=97A641CF-0105-4E75-A3D1-DE931CED0425 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAbrQ6EYFZ7DdjVvIzWhAPA&google_cver=1
Request Chain 431
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl3p0bIGsdj7r51MyLlb58&google_cver=1
Request Chain 433
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 434
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 435
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 437
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=24TFnElmDWTMk19Moy7cilFWRxE&rurl=//dmx.us-east-31.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=31daf846e302121c&is_secure=true&version=1&networkId=33921&nuid=24TFnElmDWTMk19Moy7cilFWRxE&rurl=%2F%2Fdmx.us-east-31.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10007/AAAGbf6wWgd_zwNvyrF1AAAAAAA&expiration=1643733234&nuid=24TFnElmDWTMk19Moy7cilFWRxE&is_secure=true
Request Chain 438
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://dmx.districtm.io/s/10027/bcnkGZITNXiKo3lkzC0B?pi=districtm
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10016/YfgPcgACvaPt5gBH
Request Chain 440
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/CSunf-cDTytmJwFi_KJ-CCV4isM
Request Chain 441
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
Request Chain 445
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KZ2WVVLY-V-AYRH HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=KZ2WVVLY-V-AYRH
Request Chain 446
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 447
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646834529.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 448
  • https://ssc-cms.33across.com/ps/?_=1643646834529.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://rtb.gumgum.com/usersync?b=tta&i=117487727574175
Request Chain 449
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=nQHGQJtWlh6GAcUcz1ONHpsCk06GCZkbkgkuksyk HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3Df099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 450
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646834529.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 451
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y%7EA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 452
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3cd6aea7fa4a121b&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGblmjalQpHAN4929rAAAAAAA&expiration=1643733234&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGblmjalQpHAN4929rAAAAAAA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1
Request Chain 457
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgPcVN.dLfCtiUyYqeTcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMIBjexfOXSzlFz29J28i_U&google_cver=1
Request Chain 459
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwOTcwMjQ3NjAwOTc0MzEzNw%3D%3D
Request Chain 467
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1&google_push=AYg5qPLpJnV9E9uc7kOa1Fe8i4yR-OfFck-w7hg9fS2UUNMuVGrwii1un-LNbI2ezjYy7u0a9VHP_h_ZbgchET2d5M8hb82UUEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0OTUxOTg4MDk5MTY1MTc3NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
Request Chain 468
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQmqHPkrig6yZxh-VMeM7E&google_cver=1&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBncySQA2pPFCmXp4nzYQFHSKeGq_iQqu_WkS7mc-Pvf8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBncySQA2pPFCmXp4nzYQFHSKeGq_iQqu_WkS7mc-Pvf8&google_hm=kSzMtCbekLL0WtDb8V8XjQ
Request Chain 470
  • https://rtb.openx.net/sync/dds?google_gid=CAESED04DCgUXgNgOjMi-q8x9k8&google_cver=1&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
Request Chain 471
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMXCkz2iiCOzXc0mNQzbafs&google_cver=1&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03wrxQGtFFCkW9TN0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03wrxQGtFFCkW9TN0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Request Chain 472
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4
Request Chain 473
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEButtRPm7IHFpjHqABKmj_Y&google_cver=1&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu1oUFoAByvsK HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu1oUFoAByvsK&google_hm=1da497eb4b4e340f36ac8aee
Request Chain 475
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZ2WVVLY-V-AYRH HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZ2WVVLY-V-AYRH HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZ2WVVLY-V-AYRH&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 491
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVSbTVGYkcxRVYxUk5hekU1VFc5NU4yTnBiRVpYVW5oRiJ9.ylG41dXV-7uTjrOq-PItwt76_kT-w1jUIqWXcC0_jbrio1HDLtmQUJI6fUgD-fBZyNv2m3Sbic9SzFq3p76TLw
Request Chain 512
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=NjxVXLgrws8KnAIMCDYLcQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 513
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 514
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Request Chain 515
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&gdpr=0&gdpr_consent=
Request Chain 517
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 518
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013 HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 519
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4909702476009743137
Request Chain 521
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4909702476009743137
Request Chain 525
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
Request Chain 526
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfgPcgACvaPt5gBH
Request Chain 527
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2df56434-c37a-4e45-ad98-ed466aaab7de&ssp=index&expires=30&user_group=5&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 528
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 529
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 593
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 600
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1&google_push=AYg5qPJhOLJlEVc7YFvFYal80nGXXQaQzZHtGUR8BChEwsWSnXJ99Yd1HRVqKi2-7F78D98OS9olKam0YWtt_7OaO2YPOacYxc5rxy4-XOlO2Zsa2UA6ljiRswpUT4hpDQfHq_VfyLloVOc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0OTUxOTg4MDk5MTY1MTc3NA==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
Request Chain 601
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPycBHuwmX_G6l-B9YtVSsU&google_cver=1&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1giJdhsBG0UnJELxDEtCuEP4if01D7RAYyjxIVWejwYY8C6vg5k0Lrw8M6Fg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1giJdhsBG0UnJELxDEtCuEP4if01D7RAYyjxIVWejwYY8C6vg5k0Lrw8M6Fg&google_hm=hmH4D3P2I2HQ6a3FFA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61F80F73F62361D0E9ADC514BLIS
Request Chain 602
  • https://rtb.openx.net/sync/dds?google_gid=CAESED04DCgUXgNgOjMi-q8x9k8&google_cver=1&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1Asb-bOnkK-MQMcE7muPYgI9s72Pmotn3ApY3UyGyMUs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1Asb-bOnkK-MQMcE7muPYgI9s72Pmotn3ApY3UyGyMUs&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
Request Chain 603
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMXCkz2iiCOzXc0mNQzbafs&google_cver=1&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdrghjILEFxbI9LM_563BzCjCGTiNtM3rog6kNOmMvZ25bWM3nfafSAXo6uq0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdrghjILEFxbI9LM_563BzCjCGTiNtM3rog6kNOmMvZ25bWM3nfafSAXo6uq0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Request Chain 604
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECsqN1p07CMXjlHFxpiyDp4&google_cver=1&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg1erkN6IA5e4BNC4-MZquMHtIOEc2WUR7msEgKKhzObWgnkRyYnL9apv8cgtAoz2BJfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg1erkN6IA5e4BNC4-MZquMHtIOEc2WUR7msEgKKhzObWgnkRyYnL9apv8cgtAoz2BJfA
Request Chain 605
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4
Request Chain 606
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIrNYEtSYAly_a9VzYDu4dQ&google_cver=1&google_push=AYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7CnqlYTYJXQ4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7CnqlYTYJXQ4%26google_hm%3DBYvu38c3TkgOszE_gO9h1PE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7CnqlYTYJXQ4&google_hm=BYvu38c3TkgOszE_gO9h1PE
Request Chain 747
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 750
  • https://cdn.districtm.io/ids/?sellerid=101769 HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=101769
Request Chain 755
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 756
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Request Chain 757
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 758
  • https://sync.bfmio.com/syncb?pid=164 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 759
  • https://sync.bfmio.com/syncb?pid=163 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 760
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Request Chain 762
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005&rndcb=3569068596 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1f612897-dbf9-4d3c-b640-ec045dee66c8&user_group=1&ssp=adconductor&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/f099e3ae-440c-48b2-9845-1d4b4b9f77d8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Request Chain 763
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
Request Chain 764
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
Request Chain 765
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Request Chain 766
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
Request Chain 768
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=23648134860141EF92D2E2886F7673DB&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
Request Chain 769
  • https://pixel.advertising.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 770
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&ssp=synacor&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10604851223583558621&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsynacor%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=131a2ce2-e10b-4246-8be8-cd21cd382fed&ssp=synacor&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504048006765284&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10604851223583558621&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 771
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=6e086bef306a121b&is_secure=true&networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGblmjalQplgN_qHOxAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
Request Chain 772
  • https://pixel.advertising.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 773
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=23648134860141EF92D2E2886F7673DB&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683580000V10
Request Chain 777
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 778
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 780
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Request Chain 782
  • https://cdn.districtm.io/ids/?sellerid=101769 HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=101769
Request Chain 783
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Request Chain 784
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 785
  • https://sync.bfmio.com/syncb?pid=164 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 786
  • https://sync.bfmio.com/syncb?pid=163 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 787
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Request Chain 789
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005&rndcb=6118671694 HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=adconductor&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/f099e3ae-440c-48b2-9845-1d4b4b9f77d8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Request Chain 791
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
Request Chain 792
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
Request Chain 793
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Request Chain 794
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
Request Chain 797
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=23648134860141EF92D2E2886F7673DB&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
Request Chain 798
  • https://pixel.advertising.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 799
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=synacor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420248101649&expires=30&ssp=synacor HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 800
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=560972f59bf0121a&is_secure=true&networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGbw-JjEsGQwNSxergAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
Request Chain 801
  • https://pixel.advertising.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Request Chain 802
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=23648134860141EF92D2E2886F7673DB&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683587000V10
Request Chain 823
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1D531_EA90DFED_6D890629
Request Chain 825
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=Wwci36GL1NezCR5
Request Chain 826
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4969829177705457557
Request Chain 827
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jbxpc4vrOS2WvGov3-4iLYu_PH2WtDYogrSOXqPQ
Request Chain 828
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=CSunf-cDTytmJwFi_KJ-CCV4isM&user_group=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 829
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455420248101649
Request Chain 830
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
Request Chain 831
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&_li_chk=true&previous_uuid=de4c7605675e481e99947aee106728ca HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&previous_uuid=17afd0f164e14b23a12abc11e5824ed1 HTTP 303
  • https://i6.liadm.com/s/64716?sha1=&bidder_id=206088&sha2=&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&md5=
Request Chain 835
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f7b60080-53d0-4379-88f3-81d8f68637b7&dongle=0cfd
Request Chain 836
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
Request Chain 837
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPP-ldGrihMWat_G8VsGxPA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 838
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUwMjA2NTkyNTIxMDY1NzI4Njc5Ng%3D%3D
Request Chain 839
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1502065925210657286796&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1502065925210657286796&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1&_expected_cookie=ad6ca8002cc51a54575ea3bb91b0e025
Request Chain 840
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1502065925210657286796?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QIZP1fNE2oRqsiY97cIUhRMGhiQM0jipTLr.uozXVg--~A&dongle=0883
Request Chain 841
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1502065925210657286796&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420248101649&expires=30&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 844
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=bE3P6EoNpRikArLZ6rOk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MJCTGUBWIVXU44CSNFVUC4SMLI3HET3L&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MJCTGUBWIVXU44CSNFVUC4SMLI3HET3L HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=bE3P6EoNpRikArLZ6rOk
Request Chain 853
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_1427b725-9b38-4a38-9318-cf926914d839
Request Chain 854
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&val=61F80F73F62361D0E9ADC514BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D61F80F73F62361D0E9ADC514BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=61F80F73F62361D0E9ADC514BLIS
Request Chain 855
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6ba4a70988db1219&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGblmjalQpowMKc9MNAAAAAAA&expiration=1643733237&nuid={OX_USER_ID}&is_secure=true
Request Chain 856
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ6969332371368871870&uid=Q6969332371368871870&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6969332371368871870
Request Chain 857
  • https://rtb.adentifi.com/CookieSyncOpenX HTTP 302
  • https://rtb.adentifi.com/CookieSyncOpenX&cuidcheck HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_96358712-82b3-11ec-823f-125e5676ad8d
Request Chain 859
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e051aedd-84d2-427f-9bb3-f05c29f1c9f7 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e051aedd-84d2-427f-9bb3-f05c29f1c9f7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662312525383177
Request Chain 860
  • https://sync.1rx.io/usersync/openx/7a5ccf02-6a18-498a-bc05-17537d977db7 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Request Chain 861
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFELXgwN0Q4QjhBQUFZLXNJQzF3UQ&bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 863
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3949519880991651774&dongle=d407
Request Chain 866
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 867
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YfgPcgACvaPt5gBH&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 868
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4909702476009743137&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 874
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=KZ2WVVLY-V-AYRH HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=KZ2WVVLY-V-AYRH
Request Chain 876
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 877
  • https://ssc-cms.33across.com/ps/?_=1643646836822.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=117487727574175
Request Chain 878
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1646238837%26external_user_id%3Df7b60080-53d0-4379-88f3-81d8f68637b7 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1646238837&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7
Request Chain 879
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Request Chain 880
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.4&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553%26partner_url%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253D70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&partner_url=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=45&external_user_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
Request Chain 881
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4909702476009743137
Request Chain 882
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1643646836822.7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=003a4b88-32d8-4c14-bcd1-5c5358de9a09 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09&ts=1643646837&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 888
  • https://dmx.districtm.io/s/v1/users/101769 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.JcIAus43tcdwYKoXsr0VSQAlg9riW7iKAIPGlXMHnwCAKTDCM0frngwwmfVY9r5ZZTGD-K-2sGxw1P-0Z-temQ
Request Chain 889
  • https://dmx.districtm.io/s/v1/users/101769 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.hPreT-4qtODoqsd_2h_fgygrbqlRZzjPlwMKjIDc8H4nT-IX3qbyrFaGdd9kC4QehaxHv02tykmY6TNS_TDjHA
Request Chain 890
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD-x07D8B8AAAY-sIC1wQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAD-x07D8B8AAAY-sIC1wQ&pid=558502&do=add
Request Chain 892
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c4178cd4398a43e0b5321
Request Chain 893
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=965dc45a-82b3-11ec-b646-6a23e1f7cedc
Request Chain 894
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CSunf-cDTytmJwFi_KJ-CCV4isM
Request Chain 896
  • https://pixel.onaudience.com/?partner=214&mapped=97A641CF-0105-4E75-A3D1-DE931CED0425 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3c07664286ed6cd5124d68918e0f37b2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=f7b60080-53d0-4379-88f3-81d8f68637b7&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=e4cb6d0de85c98aa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-1702adc8ab75&zcluid=e4cb6d0de85c98aa&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELhomhozPTq9Nv9JohHQFLs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-1702adc8ab75&zcluid=e4cb6d0de85c98aa&zdid=1332
Request Chain 897
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=97A641CF-0105-4E75-A3D1-DE931CED0425&addseg=10,33,39
Request Chain 899
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=965f0810-82b3-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425
Request Chain 901
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97A641CF-0105-4E75-A3D1-DE931CED0425&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kGXxUWdE2uW4RptKCQaG7dFyemKPf0Q-~A&gdpr=0&gdpr_consent=
Request Chain 902
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4909702476009743137&gdpr=0&gdpr_consent=
Request Chain 903
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=946cd5fe-82b3-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Request Chain 904
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7e80aaff23b8121c&is_secure=true&networkId=17100&version=1&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblmjalQpsgNpfT7pAAAAAAA&expiration=1643733237&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 905
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_96358712-82b3-11ec-823f-125e5676ad8d&gdpr=0
Request Chain 906
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR
Request Chain 911
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=64da0456-d77f-494a-8063-92e0b1f47da8
Request Chain 912
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26b5ee0a76404927b0a0c5ea9275e162
Request Chain 913
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=1a6e33b0-a7da-40e0-8c45-96e78831386f
Request Chain 914
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=95f67a7f-6a67-4f11-ba56-4db76b4e16ad&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6 HTTP 302
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_c4178cd4398a43e0b5321
Request Chain 915
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=44a9aa08-e1fe-3e2d-3d82c194
Request Chain 917
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0&prevuid=06030002_61f80f75af97e&knw= HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=06030002_61f80f75af97e
Request Chain 918
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=UipM9w5fp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=UipM9w5fp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=UipM9w5fp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=UipM9w5fp
Request Chain 920
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=978a92dd-bd2a-4dfb-b626-a4266b8b09cc&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=643924338726
Request Chain 971
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_cver=1&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykLUp7h4a6X_oBRb3NCdHrYOzXWpFz5ru9IwKeH3GQIUDGJwrcH4lzC5m3atA7DkkDY-0q-j8GxA3fFcrnKDFxiVF7Ni HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4e112ec5c197121b&is_secure=true&networkId=14000&version=1&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_cver=1&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykLUp7h4a6X_oBRb3NCdHrYOzXWpFz5ru9IwKeH3GQIUDGJwrcH4lzC5m3atA7DkkDY-0q-j8GxA3fFcrnKDFxiVF7Ni HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGbf6wWgeAxwNAmdZ8AAAAAAA&expiration=1643733239&google_cver=1&is_secure=true&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykLUp7h4a6X_oBRb3NCdHrYOzXWpFz5ru9IwKeH3GQIUDGJwrcH4lzC5m3atA7DkkDY-0q-j8GxA3fFcrnKDFxiVF7Ni
Request Chain 972
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKef_mWqfgvVg0Mefo_QdVg&google_cver=1&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28Zs03QdMcbJWL4BhJZigVAu66hscF5hDBCNx259Q7314 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28Zs03QdMcbJWL4BhJZigVAu66hscF5hDBCNx259Q7314&google_hm=UjFENTMxX0VBOTBERkVEXzZEODkwNjI5
Request Chain 973
  • https://fksnk.com/cs/google?google_gid=CAESEAfc_ZmaBUhZj_uqb6bp994&google_cver=1&google_push=AYg5qPLu-U6pl922eOrM_Si5upebDXiIW5Gq8jou6erDQOxn7vrpXk1f35-xMhoWVSuDxoAteUIMkBiJp2Xj7QWqcbSFsnU04bKGdqCHH4I58Pfwn845WqCEpowF2NJSp1276ggYhxBSs4g6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEY0QjU5RjAwMzQxRENERQ==
Request Chain 974
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECAp3ZC-p9EBSbSlaKMp5_o&google_cver=1&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9XS5BqZyFrlywOVMoNz_PAay2O127CcA3T5J7aS5HYANIeCN7pqU HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=52638daa-6014-4119-b150-9bcba7f3100a&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9XS5BqZyFrlywOVMoNz_PAay2O127CcA3T5J7aS5HYANIeCN7pqU&google_hm=8JnjrkQMSLKYRR1LS5932A==
Request Chain 975
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&ccid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEI1O1naYn38eXjhrBgvc4fg%2526google_cver%253d1%2526google_push%253dAYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY%252dxgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc%2526anx_uId%253d%2524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEI1O1naYn38eXjhrBgvc4fg%26google_cver%3d1%26google_push%3dAYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY%2dxgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc%26anx_uId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc&anx_uId=4909702476009743137 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc&google_hm=MzVjYzU5MWMtZjU0My00Y2ZkLTljYjAtMmMyZGNmMmIwYjkx
Request Chain 976
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESENdoKSKXrbInG9ahiMxCGhI&google_cver=1&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXAwjTBp_7vCMBW-Srqnd8T73Om7MpfuZfJ92j064GlmeNyoMgjeiNlgX3cbBg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=e9R6m-r0nkCvvkPkvfybzg&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXAwjTBp_7vCMBW-Srqnd8T73Om7MpfuZfJ92j064GlmeNyoMgjeiNlgX3cbBg
Request Chain 982
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_cm&google_sc&google_hm=WWZnUGNnQUN2YVB0NWdCSA%3D%3D HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEMtvt2zDelIhan8x6SfjGmk&google_cver=1
Request Chain 1012
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455420248101649
Request Chain 1013
  • https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=5c10855d-f720-40bb-9d9a-71c7d26af1fd
Request Chain 1014
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Request Chain 1015
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f7b60080-53d0-4379-88f3-81d8f68637b7&pubid=4bd1642a73 HTTP 302
  • https://id5-sync.com/s/434/9.gif?puid=8bac0724-2036-44e9-8d74-32f1a715d54a&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=8bac0724-2036-44e9-8d74-32f1a715d54a&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/8/2.gif?puid=4909702476009743137&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOANbkxMn-i3tTatmqzwVXq1Csnht_z35-tACREw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/7/3.gif?puid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f7b60080-53d0-4379-88f3-81d8f68637b7&ttl=%%TTL%% HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOFZF2wiw7HzONgIr7eNNGA&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOFZF2wiw7HzONgIr7eNNGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4909702476009743137&opid=apx&ops=&utidl=tech:goo:CAESEOFZF2wiw7HzONgIr7eNNGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A24888306587&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOANbkxMn-i3tTatmqzwVXq1Csnht_z35-tACREw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/916/4/6.gif?puid=7551d5a1-6701-484c-855b-a0261d33ce27&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD-x07D8B8AAAY-sIC1wQ
Request Chain 1016
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8bac0724-2036-44e9-8d74-32f1a715d54a&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Wjk0UkI1dXFxLVAzbjc5djFqYTNOdw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEIZVlXNWG8RjN3gZhFymNhE&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=voXcyPVxQiGh
Request Chain 1017
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&google_hm=ZjA5OWUzYWUtNDQwYy00OGIyLTk4NDUtMWQ0YjRiOWY3N2Q4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENvZv7c4KYc859jSTTiJ7VM&google_cver=1&ssp=sonobi&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Request Chain 1039
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=fb1c0273-2b53-4da7-8aa2-bd4048893eef

1035 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kokomotribune.com/
Redirect Chain
  • http://kokomotribune.com/
  • https://www.kokomotribune.com/
469 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
72d00116ee3ae71d18dc323070d55ec036172e7c1ebbb7cd45a4c4c6dd1ef2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 16:32:34 GMT
content-type
text/html; charset=UTF-8
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 16:32:31 GMT
x-robots-tag
noarchive
x-xrds-location
https://www.kokomotribune.com/tncms/xrds/
x-ua-compatible
IE=edge
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms
1.61.1; app4; 2.8s; 8.6M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
etag
W/c9b6312d44b068a1a14f05c67af9f80b
content-encoding
gzip
vary
X-IPCountry, Accept-Encoding
age
74
x-vcache
HIT
accept-ranges
bytes
content-length
67951

Redirect headers

date
Mon, 31 Jan 2022 16:32:40 GMT
content-type
text/html; charset=UTF-8
x-loop
1
cache-control
public, max-age=300
x-robots-tag
noarchive
x-xrds-location
https://www.kokomotribune.com/tncms/xrds/
location
https://www.kokomotribune.com/
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms
1.61.1; app11; 0.01s; 1.3M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
vary
Accept-Encoding
age
68
x-vcache
HIT
content-length
1776
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13209654
cf-ray
6d6458093f638ccd-EWR
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
HIT
server
cloudflare
etag
W/"60e609f2-1882c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:40 GMT
user.js
www.kokomotribune.com/shared-content/art/tncms/user/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
f5ec567cf8be00ed763cfe83ec5d8729a3287e4139897df9644fd261c6ca1bed

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:30:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 20:16:24 GMT
age
178
etag
W/"61f2fd98-2c76"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
4103
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3479514
cf-ray
6d6458093f648ccd-EWR
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 11:58:27 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
21687393
cf-ray
6d6458093f718ccd-EWR
last-modified
Wed, 05 May 2021 20:06:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fad2-8154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 11 May 2022 19:01:19 GMT
tnt.394adeeb6831ca20cb80bc3489a2f345.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a769d4bf461200d7c95adb57e300810ce0c5e61951f031755e91aad1329c4691
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2233945
cf-ray
6d6458093f758ccd-EWR
last-modified
Tue, 04 Jan 2022 21:06:17 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61d4b6c9-25b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 05 Jan 2023 20:01:13 GMT
application.cb897187c4718280fd69d2e6d6c3909d.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
21687393
cf-ray
6d6458093f678ccd-EWR
last-modified
Wed, 05 May 2021 20:06:24 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fac0-104a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 05:50:56 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18048643
cf-ray
6d6458093f668ccd-EWR
last-modified
Tue, 06 Jul 2021 13:05:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45508-9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:54 GMT
bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2233945
cf-ray
6d6458093f4e8ccd-EWR
last-modified
Tue, 04 Jan 2022 21:06:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61d4b6c1-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 05 Jan 2023 20:01:13 GMT
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18698622
cf-ray
6d6458093f538ccd-EWR
last-modified
Fri, 16 Apr 2021 14:03:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6079991e-7257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 11:58:27 GMT
layout.2ce6292643f5129895871a2478a4614d.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		150 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.2ce6292643f5129895871a2478a4614d.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5893bd080d50d15706acc7a4a216160ed89641c7f7ef286418a57ca2d684d744
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2233945
cf-ray
6d6458093f588ccd-EWR
last-modified
Tue, 04 Jan 2022 21:05:07 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61d4b683-25797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 05 Jan 2023 20:01:14 GMT
theme-basic.feb84265ed22ec1b578ffb91ddb31be4.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.feb84265ed22ec1b578ffb91ddb31be4.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3290a47b7591b700d705708ab09b138f5fb9d337e5546e92c33a5c2a9af7f4ad
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2233945
cf-ray
6d6458093f598ccd-EWR
last-modified
Tue, 04 Jan 2022 21:05:21 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61d4b691-a330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 05 Jan 2023 20:01:13 GMT
site.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/global/resources/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/global/resources/styles/site.css?_dc=1503084053
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3477637
cf-ray
6d6458093f5b8ccd-EWR
last-modified
Fri, 18 Aug 2017 19:20:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"59973e15-1727"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		531 B
345 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18695546
cf-ray
6d6458093f5d8ccd-EWR
last-modified
Wed, 05 May 2021 20:07:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fb00-213"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
jquery-ui.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903065
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3477637
cf-ray
6d6458093f5f8ccd-EWR
last-modified
Wed, 13 Jun 2018 15:17:45 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5b213599-3e62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
flex-utility-promo-designer.59905c960650c756bd917d9e081675c9.css
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.59905c960650c756bd917d9e081675c9.css
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc558b378e80259b76862aa50dacf9182374a66418211c9870dcdff3f6cf387
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18695546
cf-ray
6d6458093f618ccd-EWR
last-modified
Wed, 05 May 2021 20:07:27 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092faff-1ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
cc.js
tags.crwdcntrl.net/c/6893/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6893/cc.js?ns=_cc6893
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-126.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 31 Jan 2022 08:25:16 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 16:50:38 GMT
server
AmazonS3
age
29314
etag
W/"39ab9965026eec1d99798a96510f6eb1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 fc07a3272275b95dac262d5ece1fcdf8.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
u-BHXCy1kAcmrdXTZq-LEon_3KQ3b6Bh16MWp68FD5QFiMjzD2s_IQ==
access.js
www.kokomotribune.com/shared-content/art/tncms/api/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/shared-content/art/tncms/api/access.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer
https://www.kokomotribune.com/
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:30:37 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 21:16:30 GMT
age
191
etag
W/"61b2722e-15686"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
34923
service-worker-allowed
/
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6534150
cf-ray
6d6458093f698ccd-EWR
last-modified
Fri, 16 Apr 2021 14:03:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60799930-24cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 12:04:11 GMT
tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		888 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
21687392
cf-ray
6d64580afbee8ccd-EWR
last-modified
Wed, 05 May 2021 20:06:34 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092faca-378"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
tracking.js
www.kokomotribune.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:28:51 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 20:16:24 GMT
age
297
etag
W/"61f2fd98-a4b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1149
service-worker-allowed
/
admanager.js
www.kokomotribune.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:29:33 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 21:41:20 GMT
age
254
etag
W/"61d76200-9d77"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
12873
service-worker-allowed
/
impressions.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/ 		81 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/impressions.js?_dc=1643645111
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6b46c64c54f443109ad9f87576521545e29e1dab013f5b0df1896b5fe768b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
364
cf-ray
6d6458093f6a8ccd-EWR
last-modified
Mon, 31 Jan 2022 16:05:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61f808b7-51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 31 Jan 2023 16:11:16 GMT
traffic.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/ 		1 KB
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/traffic.js?_dc=1643607310
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767d9851c852d14ed82f1851a578f5cd4e3e1ac99894b4cb954b93714ee471f0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
38787
cf-ray
6d6458093f6e8ccd-EWR
last-modified
Mon, 31 Jan 2022 05:35:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61f7750e-5eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 31 Jan 2023 05:40:57 GMT
settings.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/ 		3 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/ads/settings.js?_dc=1519930349
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4117ae8fa5f3ed1edaeea93087052e9b2cfa16548d7da093fdeb7c83558367e5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18688789
cf-ray
6d6458093f6c8ccd-EWR
last-modified
Thu, 01 Mar 2018 18:52:29 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5a984bed-d4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 18 Jun 2022 10:09:22 GMT
biz.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/global/resources/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/global/resources/scripts/biz.js?_dc=1468350368
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d190eba56a70ceebc6f30127b9fc2e441601e159e6e6fc56eeaa47ee568670a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3477637
cf-ray
6d6458093f708ccd-EWR
last-modified
Tue, 12 Jul 2016 19:06:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"57853fa0-1a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
jquery-ui.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/scripts/jquery-ui.js?_dc=1469051354
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
21687393
cf-ray
6d6458093f6f8ccd-EWR
last-modified
Wed, 20 Jul 2016 21:49:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"578ff1da-aad1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:06:25 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		200 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18688789
cf-ray
6d6458093f728ccd-EWR
last-modified
Wed, 26 May 2021 17:42:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60ae888c-c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 18 Jun 2022 05:48:35 GMT
fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		253 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3477637
cf-ray
6d64580afbef8ccd-EWR
last-modified
Wed, 25 Aug 2021 16:36:45 GMT
x-vcache
HIT
server
cloudflare
etag
W/"6126719d-3f553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:40 GMT
11f04d90-fe05-0135-4418-067f653fa718
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/11f04d90-fe05-0135-4418-067f653fa718
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.55.1.118 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
76.01.37a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
d2140486d3c88d558fba14ed3d9bb8a9909d274dd8d4387710024b8437c77f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
Fs9oFTuscvmbJHVJ40rH
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
4f5f9060-4d77-0136-d0af-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/4f5f9060-4d77-0136-d0af-06a9ed4ca31b
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.55.1.118 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
76.01.37a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
50db959d25940c24cdac17cec1c6784d8fc0d677c4e172bd241a7ca58e6d4f8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3100
x-request-id
Fs9oFTuW9IDZrkg7IgtJ
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
19a60c448ec2c26af27244a41eb8da427133182653be71ece5fbbdc4936fdd4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27094
x-xss-protection
0
server
sffe
etag
"1118 / 591 of 1000 / last-modified: 1643638952"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:49 GMT
adb.1710310.min.js
prod.adspsp.com/ 		298 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.1710310.min.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-5.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ede0b2e4a60c21d66737254c2a833c7d74cf8cc3096dcd98299aa005c62e37f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 11:42:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jan 2022 11:42:30 GMT
Server
AmazonS3
Age
17453
ETag
W/"cf6aafd8910fc4ca8c97819ba66f54b2"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR52-C2
X-Amz-Cf-Id
CuHMVh7k4R79D89_3Q7UfmJYiw7k0z4QuT6kt0VOwpjQDmPQ1u9nJA==
/
kokomotribune-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kokomotribune-cnhi-pw.newsmemory.com/?meter&v=1&service=onstop
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
6013
Keep-Alive
timeout=2, max=300
Expires
Mon, 31 Jan 2022 18:33:49 UTC
load.js
s.ntv.io/serve/ 		391 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.169.60 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-60.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8b8234cf8ab3052448812e8e8ecc975bd6f9bddccd84a8d2727fd606cd71af47

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Content-Encoding
gzip
x-amz-request-id
QQ1M2KSA4WRGZQTW
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
oySErV68Jfar6SeI8AOSTEUFWssYpoWAIKi4u8oHtGoDLELnntybYGsOhw9+Hn3JU4TVvC0NO7o=
Last-Modified
Fri, 21 Jan 2022 02:47:15 GMT
Server
AmazonS3
ETag
"4348c568061f705b68f72be489c53c85"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
tracker.js
www.kokomotribune.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:28:51 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:46:36 GMT
age
297
etag
W/"60e72bec-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
/
kokomotribune-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kokomotribune-cnhi-pw.newsmemory.com/?meter&v=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
d5defa6e00a7546f37691873bb86fe20b5fae1f6ca84d40e031e95fd244f6d22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Mon, 19 Apr 2021 20:41:21 UTC
Server
Apache
ETag
fdc9e3eda6379554b14e0ffcff52d38e
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
4414
Keep-Alive
timeout=2, max=300
Expires
Mon, 31 Jan 2022 18:33:49 UTC
resizer.client.min.js
digitalservices.ap.org/assets/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digitalservices.ap.org/assets/js/resizer.client.min.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 09:44:03 GMT
server
AWS Server
x-powered-by
AP - AK
etag
"60bf3be3-3275"
vary
Accept-Encoding
x-varnish
1197411 362360
cache-control
max-age=75817
x-cache-hits
9
x-age
19397
accept-ranges
bytes
content-type
application/javascript
content-length
5196
expires
Tue, 01 Feb 2022 13:37:26 GMT
JAN-NewYearNewYouWidget.jpg
static.cnhionline.com/kokomotribune/art/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/kokomotribune/art/JAN-NewYearNewYouWidget.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
57a5acf7d0218070713c93807f7ebf6b49ef30342cad35704aea170cdaec596d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Tue, 18 Jan 2022 18:42:26 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"9005d1dc-c082-5d5dfa170577d"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
49282
widget_comics.jpg
static.cnhionline.com/kokomotribune/art/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/kokomotribune/art/widget_comics.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
efd556b4480cce52ec0164c1171df9fd7bba0a1bd08d41d2f2c53dd65fc38ca6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Fri, 05 Mar 2021 13:36:24 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"9003ad61-7b21-5bcca2b937bd1"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
31521
widget_puzzles.jpg
static.cnhionline.com/kokomotribune/art/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/kokomotribune/art/widget_puzzles.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
b188229e8c0766a7306bc7290eb8f91f7b91b1b504b5beecb51043480b9fd5d1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Fri, 05 Mar 2021 13:36:24 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"9003ad60-7d20-5bcca2b92c051"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
32032
widgey-dug.php
japfg-trending-content.appspot.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.180 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f20.1e100.net
Software
nginx /
Resource Hash
bcbaa75591909d554336f09e7aaea5b0590ed18566527cd51f063071a6553fca

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
via
1.1 google
server
nginx
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
retailadvertiser
casmp.adperfect.com/widget/
Redirect Chain
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
54.71.105.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-105-208.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b9776264e5012834a4d0f2aa3318bc454a83a1411da9836b00f5ef2ca96398da

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
content-length
832
expires
Mon, 31 Jan 2022 17:33:49 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:32:44 GMT
Via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
65
X-Cache
Hit from cloudfront
Content-Type
text/html; charset=UTF-8
Location
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Cache-Control
max-age=3600
X-Amz-Cf-Pop
JFK51-C1
Content-Length
0
X-Amz-Cf-Id
QvNNrYZtoZPnjegG3BfFQHItFiRM7jrPRO9gcTj1lEPt6H06riMkkQ==
Expires
Mon, 31 Jan 2022 17:32:44 GMT
circularhub_module.js
api.circularhub.com/15574/027f64b1828a4589/ 		579 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.circularhub.com/15574/027f64b1828a4589/circularhub_module.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-109.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
f47e06777dd204f0ed53289bd2d16935dc9b16825f835ba37a52f6e4bbf1f4cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
status
200 OK
x-request-id
36f3d3e83e867eb60caf8ef57acca157
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.017545
access-control-allow-origin
*
server
nginx
etag
W/"7ce2286ee94e6d76583496d55a027dc7"
content-type
text/javascript; charset=utf-8
via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
l3MmjWKF1mIUt4O3rw2qGqmwn1tAsvE7XlbAL6r790fafkTAMzARJg==
x-rack-cache
miss
kokomotribune.js
static.cnhionline.com/cnhi/data/bizmarquee/ 		438 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/bizmarquee/kokomotribune.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
a39dcd8a8301eced8c4825b72a4e737eea03205d2d21310b8bb6a6fde9690bea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Tue, 11 Jan 2022 13:35:27 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"f00672b0-1b6-5d54e86afbb4f"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
438
kokomotribune.js
shop.cnhi.com/data/premiumads/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.cnhi.com/data/premiumads/kokomotribune.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.197.52.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-52-200.compute-1.amazonaws.com
Software
Apache/2.4.52 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
4253b12ae46ca6eca976e38a55c18ec45d3ac55a6d3803e9ee3914bb0a09c145

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Tue, 25 Jan 2022 14:17:44 GMT
Server
Apache/2.4.52 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"aa2-5d668bfa8b200"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2722
entertainment_now.jpg
static.cnhionline.com/kokomotribune/art/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/kokomotribune/art/entertainment_now.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
39676c150e13bb22ce3b404fba7ec89598be4c62186ded2c74956a031060dbe4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Tue, 04 Aug 2020 15:46:09 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"9003a100-72d9-5ac0f276a81a3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
29401
-w-250.jpg
content.cdntwrk.com/files/aT0xNDQ2ODE3JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWU4MGZkMjkyMTUwNzk2MGJlYzgxODUyNTA5ZmJjNTM3/
Redirect Chain
  • https://www.ifoldsflip.com/read/getTitleCoverUrl/21224/250
  • https://content.cdntwrk.com/files/aT0xNDQ2ODE3JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWU4MGZkMjkyMTUwNzk2MGJlYzgxODUyNTA5ZmJjNTM3/-w-250.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/files/aT0xNDQ2ODE3JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWU4MGZkMjkyMTUwNzk2MGJlYzgxODUyNTA5ZmJjNTM3/-w-250.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
13.33.46.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-33.ewr52.r.cloudfront.net
Software
/
Resource Hash
7fe9634ea990c141925ed37573193905716b93426033c92f9d8115732bb389ea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 13:00:39 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
last-modified
Sat, 29 Jan 2022 13:00:39 GMT
age
185589
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
content-disposition
inline; filename="s3_custom_size_image_61f53a77c1210.jpg"
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
9mSDeyCaukI-98DO9C2DIAyX-NA2g3Y2doWEDgoMly27aGb6ap7wyw==

Redirect headers

date
Mon, 31 Jan 2022 16:33:49 GMT
referrer-policy
unsafe-url
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
location
https://content.cdntwrk.com/files/aT0xNDQ2ODE3JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWU4MGZkMjkyMTUwNzk2MGJlYzgxODUyNTA5ZmJjNTM3/-w-250.jpg
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
content-length
0
x-content-type-options
nosniff
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D18F) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
347280
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (nyd/D18F)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d0f5d6cb-e01e-0043-6f97-131e51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
rtj_ad.gif
static.cnhionline.com/ksherman/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/rtj_ad.gif
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
2df38c38b392acba9e07785efbd04f743269ae05c98628eb8279010912cfba5e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Wed, 13 Oct 2021 21:56:53 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"8086067-99d6-5ce430a3af74d"
Content-Type
image/gif
Access-Control-Allow-Origin
http://template1.cnhionline.com
Connection
close
Accept-Ranges
bytes
Content-Length
39382
vf-v2.js
cdn.viafoura.net/ 		658 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe569d4719ebc67d1722edb851df1cf3a18429ef5e4ef436722a69fcf5882333

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
GZkwkUp3iGb7W9S1n8Dv7Oy2G.yUITZz
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:46:18 GMT
server
AmazonS3
age
49
etag
W/"5053ce08e3882a118a117ce1fd221cd9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Mon, 31 Jan 2022 16:33:01 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
KDwS5qAUXDKTZ0ezMtE46bO5ENkVLeNBkGSn-YocOjrZGYu0L1xqug==
dmp.reactive.0e53d3f9d235eed93a6018d451147284.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		510 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.0e53d3f9d235eed93a6018d451147284.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd466f2537ff1e7c620b9f5d3c50229baa530655c61abbdc412cf7b6c7fd5e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
21687392
cf-ray
6d64580aebe98ccd-EWR
last-modified
Wed, 05 May 2021 20:06:25 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fac1-1fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 05:56:25 GMT
promo_popup.fe40d77fce691e6ed54cb520a782a693.js
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		2 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.fe40d77fce691e6ed54cb520a782a693.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c456b606231cd84cd7408994f7f80580788b94e8e82ef2110dbe3cff907f49
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16741017
cf-ray
6d64580afbed8ccd-EWR
last-modified
Wed, 05 May 2021 20:06:26 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fac2-635"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 05:50:56 GMT
gtm.js
www.googletagmanager.com/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c1f8a3e56ff16c98b2a45444de34cc9082c8e43715c6118ad36a54a1620a4f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60493
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 16:33:49 GMT
/
www.kokomotribune.com/_services/v1/client_ip_info/ 		84 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/_services/v1/client_ip_info/
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
bdade4e5d5794e5e6ad8c8b5cf82eb64921f30aa9fffcb6c0b51a5009ddb2488

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
84
content-type
application/json
lziAsn3sBoY_eEHNBDcAkQ52x-2phlDibnxrxBfvRGURPWrnX2Oq35C
bandborder.com/v2/0/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/lziAsn3sBoY_eEHNBDcAkQ52x-2phlDibnxrxBfvRGURPWrnX2Oq35C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8dfc0c9808fddc978295b6f61da8d7ec77c99c0d73e8985220c6fc3f62144d48
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-us-east1
etag
"140c0c941957c1166934cfa982d225c1cea713a27f610d2bd847e842e1d5e569"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-wp3l
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 31 Jan 2022 16:33:49 GMT
timing-allow-origin
*
fqiO1a-BJnzVth9GvqGhrJvvpAY_92Nw0Q49N9YIQefEO0u7nZcOQ7jyGvczPlgMZ-b-D2q-w
bandborder.com/v2/0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/fqiO1a-BJnzVth9GvqGhrJvvpAY_92Nw0Q49N9YIQefEO0u7nZcOQ7jyGvczPlgMZ-b-D2q-w
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d7ab4e45d7758f6c07ddf9d3609c8f188b3341e7635aa0ff019e7b4be2889980
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-us-east1
etag
"a48791bd76c4cc489071aa053cfc7355cf10ef2985e763e35cfa39a8c7233dfe"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-wp3l
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 31 Jan 2022 16:33:49 GMT
timing-allow-origin
*
tracker.gif
www.kokomotribune.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kokomotribune.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1643646829261160012001541890936362&tnms_dt=kokomotribune.com&tnms_upage=1&tnms_do=www.kokomotribune.com&tnms_uri=/&tnms_ref=&rt=1643646829273
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKH5QP
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d25dbc0640fbf7248585a5bd5dc63d920bb4a79e530e68b479ec49b0e2e43282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40017
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 16:33:49 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
0ace6ed2a0443e0ce6c8d2f0bada232e05efdf973b42020b8167591a383096d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GFA68lN9LpMrtzFhoEejgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 31 Jan 2022 16:39:48 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
mYqFFTlFUurGpnLTIzVJ65HFd9+mqsAVew02GG8Gf9ebAccverrmR4FgnIqrR6YfhA5TQObzk62Dk89EQ3c+sQ==
x-fb-trip-id
1512268381
x-fb-content-md5
0d10574566fdd70dd0e27294f88a9d2d
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 Jan 2022 16:33:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7ccf7ee8288cacc3f20585aa0f7b45cc"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
04cc182a-f3e7-11e7-b654-8beed444823b.png
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/custom/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/custom/image/04cc182a-f3e7-11e7-b654-8beed444823b.png
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8443264fddcb27457dabf11f679dfbfb658b3c85ebd0d9f8a255e0db465f3395
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept
cf-cache-status
HIT
age
924023
cf-polished
origFmt=png, origSize=9425
last-modified
Sun, 07 Jan 2018 20:12:00 GMT
content-disposition
inline; filename="04cc182a-f3e7-11e7-b654-8beed444823b.webp"
content-length
3956
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5a527f10-24d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 12 Jan 2023 19:46:23 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6d64580bae058ccd-EWR
cf-bgj
imgq:85,h2pri
1bcb6303273d24de0262af2c7995cd1d
wintergames.ap.org/iframe/widgets/content/ Frame 6D3E 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
69b4096bc7c135dbf8d5ff7cbadbebd2c7a2cc1fa21dee1bd4f68bb49fc9694a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

content-type
text/html; charset=UTF-8
x-varnish
44769741 44457869
x-age
106
x-cache-hits
5
server
AWS Server
x-powered-by
AP - AK
accept-ranges
bytes
content-encoding
gzip
content-length
5271
cache-control
max-age=130
date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept-Encoding
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022012505.js
securepubads.g.doubleclick.net/gpt/ 		354 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122166
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 04:50:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		211 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kokomotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
665ce6c74873963f7329ffb5d8998bc22a53e99b5663fb45042d08ac37f2e13b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 31 Jan 2022 16:33:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 23:10:05 GMT
content-encoding
gzip
age
62624
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1XBRZNMD5FXHA7ZK4GTX
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
vary
Accept-Encoding
x-amz-version-id
GzCVpXkwVbKPnWWiNgpDCABi9Jbs4BMI
via
1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vrx091qRIfsckYhUOp9Mo7A_jvE40OuIuOFMYkArUyKS2FgHIfiZQg==
/
geo.adspsp.com/ 		4 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-42.ewr52.r.cloudfront.net
Software
/
Resource Hash
d0caf6ce9f9dcab483bbd5f2b916786afa4765b0e4eca7f6dcd9f98c6d1e7e0d

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 16:33:49 GMT
via
1.1 76ba6b3d9cbda18b2d8a4974a9dc976a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
content-length
4
x-amz-cf-id
zr39SAYdAp_a4nBjXFOBLpqPgZ2audNzYdLCm-cPo5-ar5Y3hVxoOw==
x-cache
Miss from cloudfront
t
jadserve.postrelease.com/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.kokomotribune.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-129-154.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
86e1b92c04c3b93c5fff597c24357fc797135764b3f39cc6d2bbad62b15f61b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
2728
expires
Mon, 1 Jan 1990 12:00:00 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d3fbe78511419c2baf03068451bfa72db481bc04adffa189237f98e567b4e567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39032
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 16:33:49 GMT
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 01:28:29 GMT
via
1.1 google
last-modified
Thu, 06 Jan 2022 04:39:24 GMT
server
nginx
age
1782321
x-who
gcloud-web-1
cache-control
max-age=31536000,public
accept-ranges
bytes
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
expires
Wed, 11 Jan 2023 01:28:29 GMT
vxi_fvvl-qaR0mpTTLbzSNa3HvIE7Y5994PtpYhgykUUGg5USxnB9YQj4yjYDe_YTCyyYDaDQUsfcrOXKwHPsnXCykpNXQM=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/vxi_fvvl-qaR0mpTTLbzSNa3HvIE7Y5994PtpYhgykUUGg5USxnB9YQj4yjYDe_YTCyyYDaDQUsfcrOXKwHPsnXCykpNXQM=w300-h170-p-rj-l75
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
fife /
Resource Hash
dde67688a28aa1b5d4c0b25ad4e8123df01add0b6dd1ccac7c98e1c65c8a0709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:23:38 GMT
x-content-type-options
nosniff
age
11411
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 01 Feb 2022 01:23:05 GMT
7yq6ouc1w41ZvdJR8Gr3ZlHWYI7uw069FGbg4Cv2ETzDSXOFM-8RzXY4aT7RAMQ94B0uWd73Fpzyx-uW70_9xRlACgLH=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/7yq6ouc1w41ZvdJR8Gr3ZlHWYI7uw069FGbg4Cv2ETzDSXOFM-8RzXY4aT7RAMQ94B0uWd73Fpzyx-uW70_9xRlACgLH=w300-h170-p-rj-l75
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
fife /
Resource Hash
d5dc4d6c11899ddcfb81847e2689d945558fba7a3c9b85750dd93f07890509a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:09:17 GMT
x-content-type-options
nosniff
age
12272
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12142
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Jan 2022 01:08:07 GMT
XsVSloKYer5tZWzOEPlLlC3KAyi1QVxNxI22ZwXR57aoEo0UBQTzeLZmeVJ4gsMEkrYWBNxLee1DygNejmKPaiG9HLiXkg=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/XsVSloKYer5tZWzOEPlLlC3KAyi1QVxNxI22ZwXR57aoEo0UBQTzeLZmeVJ4gsMEkrYWBNxLee1DygNejmKPaiG9HLiXkg=w300-h170-p-rj-l75
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
fife /
Resource Hash
8689b0e4dba0e36e5bf51c687d9068cb295664a558e2fc761ee4745b3a3668eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:10:57 GMT
x-content-type-options
nosniff
age
1372
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11228
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Jan 2022 00:08:03 GMT
p
i.simpli.fi/ 		774 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=91507&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/4f5f9060-4d77-0136-d0af-06a9ed4ca31b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.44.76.89 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
59.4c.2ca9.ip4.static.sl-reverse.com
Software
/
Resource Hash
f0e3fba3d9af9592260ccaaa757fc83019a38ebc1a2648382ddcdad6880921b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
resizer.content.min.js
wintergames.ap.org/assets/js/ Frame 6D3E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/assets/js/resizer.content.min.js
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
21a956bcf5c00db6c1347feed2290e4e1f3290cab567a1b8548c870f4f821441

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 09:44:03 GMT
server
AWS Server
x-powered-by
AP - AK
etag
"60bf3be3-34d7"
vary
Accept-Encoding
x-varnish
110469112 121458461
cache-control
max-age=37758
x-cache-hits
2
x-age
6774
accept-ranges
bytes
content-type
application/javascript
content-length
5078
expires
Tue, 01 Feb 2022 03:03:07 GMT
/
kokomotribune-cnhi-pw.newsmemory.com/ 		169 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kokomotribune-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=fdc9e3eda6379554b14e0ffcff52d38e&v=1&r=6752
Requested by
Host: kokomotribune-cnhi-pw.newsmemory.com
URL: https://kokomotribune-cnhi-pw.newsmemory.com/?meter&v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
493b0d1099fd2daaa943d3aa89c2bf03e7cc23b2963e98f5ca5b9ea5bbdfdee3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:49 GMT
Last-Modified
Mon, 19 Apr 2021 20:41:21 UTC
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Keep-Alive
timeout=2, max=299
Expires
Mon, 31 Jan 2022 18:33:49 UTC
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:51:26 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
20544
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 edf41293681a3c1555cb4f36266904cc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
WvGCOoKek8r5pkffsOEG_tH0_sbCxYjJJKZSsmz659zBHh0P__bbRw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 6D3E 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 21:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Jan 2023 21:08:57 GMT
/
adspsp.com/pt/1710310/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/19/1/?a=2,aX0,EfVfO0SYcQ&aa=&b=&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof&g=1Tx5&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.4a6&m=z&rnd=1643646829751
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
618ddc6ca6c30.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/d/a1/da1e8990-4366-11ec-9ce0-3faed2c17136/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/d/a1/da1e8990-4366-11ec-9ce0-3faed2c17136/618ddc6ca6c30.image.jpg?resize=640%2C943
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c394ec2ee93af879865739c69caad59161b8b8e6e83746769b33c42ec3242121
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=74121
last-modified
Fri, 12 Nov 2021 03:15:57 GMT
content-disposition
inline; filename="618ddc6ca6c30.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"752c484d4e6fe73d84ebbc340961b335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 31 Jan 2023 13:24:15 GMT
cache-control
public, max-age=31536000
cf-ray
6d64580e2d138ccd-EWR
cf-bgj
imgq:85,h2pri
61f40546229a9.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/2/a4/2a4008a6-804b-11ec-8db0-ef63ee7b1cc9/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/2/a4/2a4008a6-804b-11ec-8db0-ef63ee7b1cc9/61f40546229a9.image.jpg?resize=640%2C427
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef34825751aeb2b81acd036304d68e62aecf1d9fdd564424296b95352ec9bb1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
15108
cf-polished
origSize=43448, status=webp_bigger
last-modified
Fri, 28 Jan 2022 15:01:26 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"a69489d659b64d7377b38fef108070a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jan 2023 05:05:03 GMT
cache-control
public, max-age=31536000
cf-ray
6d64580e2d158ccd-EWR
cf-bgj
imgq:85,h2pri
61b0fb6271a8f.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/5/d0/5d09af96-5849-11ec-9919-232c45ebbb6a/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/5/d0/5d09af96-5849-11ec-9919-232c45ebbb6a/61b0fb6271a8f.image.jpg?resize=420%2C560
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df2aedfce5f1b1d0d549bdc24bac8ff8041df350bf45c0b225d4d84260150b9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept
cf-cache-status
HIT
age
15108
cf-polished
qual=85, origFmt=jpeg, origSize=23630
last-modified
Wed, 08 Dec 2021 18:37:22 GMT
content-disposition
inline; filename="61b0fb6271a8f.webp"
content-length
22572
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"bf4f69417c2e95cb384ea0b1d0d88d9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 30 Jan 2023 21:03:16 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6d64580e2d178ccd-EWR
cf-bgj
imgq:85,h2pri
61f6cdff13821.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/4d/14da5102-81f3-11ec-bcf4-cfaecef5cb22/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/4d/14da5102-81f3-11ec-bcf4-cfaecef5cb22/61f6cdff13821.image.jpg?resize=200%2C90
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a015445f2a03b0c7b4864804e25903bcc16ff7283b38b1ed3c8932396cdfacd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept
cf-cache-status
HIT
age
15108
cf-polished
qual=85, origFmt=jpeg, origSize=5348
last-modified
Sun, 30 Jan 2022 17:42:23 GMT
content-disposition
inline; filename="61f6cdff13821.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"53d550b1e0f6e14f2ef053e2bdff0fda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 31 Jan 2023 01:07:03 GMT
cache-control
public, max-age=31536000
cf-ray
6d64580e2d198ccd-EWR
cf-bgj
imgq:85,h2pri
61f44059d2bd3.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/79/179ca2fe-806e-11ec-8e3b-ebf85a2edb46/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/79/179ca2fe-806e-11ec-8e3b-ebf85a2edb46/61f44059d2bd3.image.jpg?resize=200%2C133
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeb7bb8e834d218b3e1439745d932596446ddebc85054532ba1c1e76e56a7fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
cf-cache-status
HIT
age
15108
cf-polished
origSize=6083, status=webp_bigger
last-modified
Fri, 28 Jan 2022 19:13:29 GMT
strict-transport-security
max-age=604800
content-length
5904
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6a1044df1ed982a64647dc357c9b0629"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jan 2023 01:07:03 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6d64580e2d1c8ccd-EWR
cf-bgj
imgq:85,h2pri
61f1de7205ac0.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/d/87/d87a4e76-7f02-11ec-a4ff-d7d9f976640b/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/d/87/d87a4e76-7f02-11ec-a4ff-d7d9f976640b/61f1de7205ac0.image.jpg?resize=200%2C133
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c09b0ac927ec0bacd68659899c7babd73d2eab22d2961e63698a8b0a2b10c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
76128
cf-polished
degrade=85, origSize=10177, status=webp_bigger
last-modified
Wed, 26 Jan 2022 23:51:14 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"77c98e0e4a8ca291bd247a888d3e0c7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 29 Jan 2023 09:45:46 GMT
cache-control
public, max-age=31536000
cf-ray
6d64580e2d1f8ccd-EWR
cf-bgj
imgq:85,h2pri
559a1269ca2c1.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/62/162905de-23a0-11e5-a378-1f703bea55f3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/1/62/162905de-23a0-11e5-a378-1f703bea55f3/559a1269ca2c1.image.jpg?resize=200%2C133
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7062c71186c3d113954f7c16fa2a97ac412ec1f3567c643524e2ff3466b74450
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
76128
cf-polished
origSize=8175, status=webp_bigger
last-modified
Mon, 06 Jul 2015 05:30:18 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"4a88a74723619bc96bff9fd142ab629f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 28 Jan 2023 23:58:39 GMT
cache-control
public, max-age=31536000
cf-ray
6d64580e2d238ccd-EWR
cf-bgj
imgq:85,h2pri
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKH5QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6771
date
Mon, 31 Jan 2022 14:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 16:40:59 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.213 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 07 Feb 2022 16:33:50 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.70.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-70-28.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 14:49:03 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 06:48:52 GMT
server
nginx
age
6287
etag
W/"61f391d4-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
FfV5lBf57kml8APjrjM-VYVGSSAyYOrtLuXxj8gJ0Iu5_VP8QNo28A==
expires
Mon, 31 Jan 2022 16:49:03 GMT
gtm.js
www.googletagmanager.com/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d7334e3058fafd087fd49936884e71a6581aa51b2c2333fb4bc005cf79ecdee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35157
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 16:33:50 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=13489
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:49 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
82F91A5245B4499C
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43363
accept-ranges
bytes
content-length
55696
x-amz-id-2
HxMX4YuovAQtPtmyLOMRI+UKS+eXimafQxyTKx6QVTsrLXpgKIsdNaO+akPBc5GSeAZ3/sC+L9U=
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3642092&ntv_pl=1091317
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-129-154.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
CE5EC1774DCD49A09D0854F3E1753790.png
ntvcld-a.akamaihd.net/image/upload/w_161,h_121,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_161,h_121,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/CE5EC1774DCD49A09D0854F3E1753790.png
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.215.130.97 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-97.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
242fef2eb261b4818f86b0b830c3281a5d8ebf5080b47d7aa93d239dbb05b95a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:50 GMT
X-Check-Cacheable
YES
X-Serial
1732
ETag
"f41671d61cc295321a2782df782503a1"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1549927
Last-Modified
Wed, 19 Jan 2022 15:06:17 GMT
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
5190
Server
Akamai Image Manager
Expires
Fri, 18 Feb 2022 15:05:57 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=3ff01f74-c7fb-4d5c-b355-6bcdf01d3270&ntv_a=bUIHAJUdSA9aYQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWQISAsQ_UToJy2F8VWZ6c6-InmqQoxUbtsMrIAzp1QMgBetkjHcMngCRbOxPjUIXIRTRA0RHHN1-Y3OehU5JZhix3iRCC7CIW0GyvcSgCwzi_zJeykalMYvwP-ilCHmZ3e-tUnUSFm312P3Lfu4tz5GFIB113nDGDCRTWgimbhFI4qgKRE6tPG752DW_OFPozg==&ord=-1924428667&ntv_ht=bQ_4YQA&ntv_tad=16&ntv_it
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-129-154.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=dda93a5d13fb9f97f916b61b69c0971b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
9192cb6f6c6d382208a3392fc275f83d86be7c82079c9288baf0a1f59b24acb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kokomotribune.com/
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0Yqc5OyjygUR/rpgZ0I6cQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 31 Jan 2023 14:45:19 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82046
x-fb-rlafr
0
x-fb-debug
WW396+X2WDroGeoyJ6WzyNFyL0XsuXORjOxFoIH2/nYXoa1fCiCZRiD1+aQqKAaTZoTP428NaBQYEYTbLvtHKQ==
x-fb-trip-id
1512268381
x-fb-content-md5
22715f45b8e5abc38046d4a140029895
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 Jan 2022 16:33:50 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3b34e56814bf73b32925d10dff78a3d7"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Mon, 31 Jan 2022 16:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
34.195.162.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-162-159.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
95 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
date
Mon, 31 Jan 2022 16:33:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://d.agkn.com/pixel/10751/?che=1643646830176&ip=37.120.138.195&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D163850504048006765284
  • https://um.simpli.fi/aa_px?sk=163850504048006765284
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=163850504048006765284
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
52.116.221.248 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
f8.dd.7434.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:50 GMT
via
1.1 2c6ca3b401fc63cf43d9316aff164af4.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://um.simpli.fi/aa_px?sk=163850504048006765284
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hQu_MmFAndyD2_KphdPW0947VO5YkPaT2pq9OpmhuOgj6D2Jh642pw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/nexage
  • https://pixel.advertising.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1
  • https://pixel.advertising.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:50 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72F68BF5CAC442F6A9C7DDC6AF708C4C&ckls=true&ci=laymcpWfEK&nc=false&trid=913102020
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2124307461%26rnd%3...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTdBNjQxQ0YtMDEwNS00RTc1LUEzRDEtREU5MzFDRUQwNDI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2124307461&rnd=-326685743&pcid=97A641CF-0105-4E75-A3D1-DE931CED0425
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2124307461%3B1402230080%26rnd%3D-1668722323&pci...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2124307461;1402230080&rnd=-1668722323&pcid=4909702476009743137
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D2124...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=2124307461;1402230080;1709765917&rnd=829553842&pcid=1ecf39d0-5deb-4312-a88d-d898376772de
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D2124307461%3B...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=2124307461;1402230080;1709765917;1486637409&rnd=2067582216&pcid=926f08b8-82b3-11ec-929d-1ee132960503
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D2124307461%3B14022300...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116&rnd=791299099&pcid=6a6661f8-0f72-4100-92ed-e18...
  • https://ce.lijit.com/merge?pid=8101&3pid=laymcpWfEK&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D2124307461%3B14...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572&rnd=-707261827&pcid=1da497eb4b4e340f...
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D2124307461%3B14022300...
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572;396218182&rnd=-2136835725&pcid=RX-8b...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572;396218182&rnd=-2136835725&pcid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
143.204.150.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-88.ewr52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:00 GMT
via
1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
sEvoPxv8GaBqmddd6yjVe9A9w5VyXYBa_cpocpjxClke3dxcQRW_Dg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:34:00 GMT
Server
Tengine
ETag
RX8beedfc7374e480eb3313f80ef61d4f1005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=2124307461;1402230080;1709765917;1486637409;1072441116;1678944572;396218182&rnd=-2136835725&pcid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Connection
keep-alive
Content-Type
text/html
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
63.251.28.219 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1643646830931002-13

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
400646.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=72F68BF5CAC442F6A9C7DDC6AF708C4C;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=72F68BF5CAC442F6A9C7DDC6AF708C4C;mimetype=img;sr
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5300206588947378593
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/400646.gif?partner_uid=-5300206588947378593
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:51 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp7.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/400646.gif?partner_uid=-5300206588947378593
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0&xl8blockcheck=1
0
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0&xl8blockcheck=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=72F68BF5CAC442F6A9C7DDC6AF708C4C&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&_origin=1&verify=true
date
Mon, 31 Jan 2022 16:33:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-106-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 31 Jan 2022 16:33:50 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=72F68BF5CAC442F6A9C7DDC6AF708C4C
62 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:50 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
49 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.244
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72F68BF5CAC442F6A9C7DDC6AF708C4C
cache-control
no-cache
x-server
10.40.45.118
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dnr=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=72F68BF5CAC442F6A9C7DDC6AF708C4C&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzJGNjhCRjVDQUM0NDJGNkE5QzdEREM2QUY3MDhDNEMQABoNCO6e4I8GEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1177ced81f915cf4ee51c848e60dc6c6107f025e4831dbecf44a76e317e26e28791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxMTc3Y2VkODFmOTE1Y2Y0ZWU1MWM4NDhlNjBkYzZjNjEwN2YwMjVlNDgzMWRiZWNmNDRhNzZlMzE3ZTI2ZTI4NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxMTc3Y2VkODFmOTE1Y2Y0ZWU1MWM4NDhlNjBkYzZjNjEwN2YwMjVlNDgzMWRiZWNmNDRhNzZlMzE3ZTI2ZTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwI7p7gjwYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
34.237.173.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-173-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1643646831
x-served-by
beacon-n018-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date
Mon, 31 Jan 2022 16:33:51 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643646829859&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=bg_4YffNCOePoPMPraWBkAU&random=2788713793
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=78050689&cv=7&fst=1643646829859&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=bg_4YffNCOePoPMPraWBkAU&random=2788713793
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&__user_check__=1&sync_id=926f0932-82b3-11ec-929d-1ee132960503
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&__user_check__=1&sync_id=926f0932-82b3-11ec-929d-1ee132960503
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
395
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 31 Jan 2022 16:33:50 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=72F68BF5CAC442F6A9C7DDC6AF708C4C&__user_check__=1&sync_id=926f0932-82b3-11ec-929d-1ee132960503
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
256
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:50 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3e154d92-38f2-4bc7-b0af-b49cca74978d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:50 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
35aea296-05b4-4c69-84ef-20b1a42b8ef9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72F68BF5CAC442F6A9C7DDC6AF708C4C
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72F68BF5CAC442F6A9C7DDC6AF708C4C&expires=365
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72F68BF5CAC442F6A9C7DDC6AF708C4C&expires=365
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72F68BF5CAC442F6A9C7DDC6AF708C4C&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:50 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
date
Mon, 31 Jan 2022 16:33:50 GMT
via
1.1 google
server
OXGW/17.1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEJqAhdXDtckq8WweGwMQwgc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72F68BF5CAC442F6A9C7DDC6AF708C4C
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
52.116.221.248 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
f8.dd.7434.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 30 Jan 2022 16:33:50 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13489
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		318 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/13489?t=2022031166
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
17bb3786c165a2e201f712c8a9cdcb7313cddac82c910284aeccacfd8e8ba5c7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
gcoNlE6hNdOO6SPLdxg7U7i7OZh7AZ3.
last-modified
Mon, 31 Jan 2022 15:46:53 GMT
server
AmazonS3
x-amz-request-id
K09Z094NGQ58TN65
etag
"a33e4d1181db0a3c15e56921199331bd"
content-type
application/octet-stream
date
Mon, 31 Jan 2022 16:33:50 GMT
accept-ranges
bytes
content-length
318
x-amz-id-2
DtrxC+szqt8S7tiWbwZXnIkJ0/Sjf2QQ/6H3ykyhseoCrBy+ki9vgvdJ3Z2fyYdFYgVcthWn+gM=
/
kokomotribune-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kokomotribune-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=fdc9e3eda6379554b14e0ffcff52d38e&r=1643646830062
Requested by
Host: kokomotribune-cnhi-pw.newsmemory.com
URL: https://kokomotribune-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=fdc9e3eda6379554b14e0ffcff52d38e&v=1&r=6752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:50 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
88
Keep-Alive
timeout=2, max=300
61f5d188624ef.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/8/02/802cace8-815d-11ec-a907-bfc4a6a330d8/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/8/02/802cace8-815d-11ec-a907-bfc4a6a330d8/61f5d188624ef.image.jpg?resize=200%2C152
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e9ef1f62d757a9cc35d52d7c73f4b879a1f1014da711583cfd93f6f0bf381f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cf-polished
degrade=85, origSize=11375, status=webp_bigger
last-modified
Sat, 29 Jan 2022 23:45:12 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"2de07856ce3b242db46b85942f0df9ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jan 2023 06:04:59 GMT
cache-control
public, max-age=31536000
cf-ray
6d6458101b0c8ccd-EWR
cf-bgj
imgq:85,h2pri
618f47159ae9e.image.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/f/98/f984b114-443e-11ec-824f-73da8d4410f1/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/assets/v3/editorial/f/98/f984b114-443e-11ec-824f-73da8d4410f1/618f47159ae9e.image.jpg?resize=200%2C193
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65663dee4751f568ca96f15471fdd2e9ed91725459a2ebb7473f6a50e2c87155
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=7059
last-modified
Sat, 13 Nov 2021 05:03:17 GMT
content-disposition
inline; filename="618f47159ae9e.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"018196a7e7ffc57feb9bef5316f38e41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 27 Jan 2023 03:41:09 GMT
cache-control
public, max-age=31536000
cf-ray
6d6458104b998ccd-EWR
cf-bgj
imgq:85,h2pri
95356b82-6d8b-11e8-a4bf-337d6ae5ea08.jpg
bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/custom/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/custom/image/95356b82-6d8b-11e8-a4bf-337d6ae5ea08.jpg?resize=200%2C200
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bdf4d47347587c1bc0642cef00f65a4783f395f4f982ae47768d22d74e18ab
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
vary
Accept
cf-cache-status
HIT
age
2462156
cf-polished
qual=85, origFmt=jpeg, origSize=4250
last-modified
Mon, 11 Jun 2018 15:24:53 GMT
content-disposition
inline; filename="95356b82-6d8b-11e8-a4bf-337d6ae5ea08.webp"
content-length
2816
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"031908ba97280d4fd0a8e95894183ae8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 02 Dec 2022 19:13:17 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6d6458104ba18ccd-EWR
cf-bgj
imgq:85,h2pri
ap_widgets.css
wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ Frame 6D3E 		46 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ap_widgets.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
40f3b375ce51b5862cf2bd6ed720107513cc2eff0db49c1e17cfff62d69707d6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 10:27:09 GMT
server
AWS Server
x-powered-by
AP - AK
etag
"61962a7d-b847"
vary
Accept-Encoding
x-varnish
3965240 892061
cache-control
max-age=34282
x-cache-hits
11
x-age
107793
accept-ranges
bytes
content-type
text/css
content-length
5482
expires
Tue, 01 Feb 2022 02:05:12 GMT
latest_news
wintergames.ap.org/CNHI/ap_widgets/widget/ad/ Frame B9F8 		1 KB
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
933629f4a68375cf93d1ba6f36b5b0d2ecd685400de8eac8f4772b87f41db788

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d

Response headers

content-type
text/html; charset=UTF-8
x-varnish
43699395 43627356
x-age
32
x-cache-hits
2
server
AWS Server
x-powered-by
AP - AK
accept-ranges
bytes
content-encoding
gzip
content-length
524
date
Mon, 31 Jan 2022 16:33:50 GMT
vary
Accept-Encoding
v2.js
wintergames.ap.org/profiles/verticals/modules/custom/ap_widgets/src/js/ Frame 6D3E 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/profiles/verticals/modules/custom/ap_widgets/src/js/v2.js?_=1643646830123
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
caf523362238fb40fef75372c56e8354af12ad15c8fa7ec2107afe0af532a92d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
X-Requested-With
XMLHttpRequest
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 09:44:04 GMT
server
AWS Server
x-powered-by
AP - AK
etag
"60bf3be4-104b"
vary
Accept-Encoding
x-varnish
56723948 56334948
cache-control
max-age=47005
x-cache-hits
2
x-age
3814
accept-ranges
bytes
content-type
application/javascript
content-length
903
expires
Tue, 01 Feb 2022 05:37:15 GMT
analytics.js
ssl.google-analytics.com/ Frame 6D3E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/analytics.js
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/iframe/widgets/content/1bcb6303273d24de0262af2c7995cd1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2513
date
Mon, 31 Jan 2022 15:51:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 17:51:57 GMT
preview.jpg
mapi.associatedpress.com/v1/items/352e5db810024163bf52e012637cb476/preview/ Frame 6D3E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mapi.associatedpress.com/v1/items/352e5db810024163bf52e012637cb476/preview/preview.jpg?s=100x100
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-15.ewr50.r.cloudfront.net
Software
/
Resource Hash
f4fd771eec52660fba576989381168a5537a7a70ef63390902f0b3be1bb98b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 13:06:01 GMT
Via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
12469
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8383
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 30 Jan 2022 16:01:22 GMT
ETag
"59d741a3373347fda0a49aa4dd9479e4"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Amz-Cf-Pop
EWR50-C1
X-Amz-Cf-Id
FbLnt9qftsuldqveUy-Kz6fMSdTwVjFtJMNiDJYnnliFdAqtOdh2tg==
preview.jpg
mapi.associatedpress.com/v1/items/b15184dfad804257a9847ec004a59fd9/preview/ Frame 6D3E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mapi.associatedpress.com/v1/items/b15184dfad804257a9847ec004a59fd9/preview/preview.jpg?s=100x100
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-15.ewr50.r.cloudfront.net
Software
/
Resource Hash
5ac0bbb7d70f87cd2e6ee7a62ce39d7aa6fe114d47e47bec8d50bb55759bbf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 08:36:45 GMT
Via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
28625
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9170
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Jan 2022 05:01:42 GMT
ETag
"212383f4a4bdef79227038f53fc3b003"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Amz-Cf-Pop
EWR50-C1
X-Amz-Cf-Id
7EJNDRYXQS5mEJcYUOsSI4mM-hDqDTRhsbp7kMeBfYa8XSWMLAvdbw==
preview.jpg
mapi.associatedpress.com/v1/items/97b53cb5ccdb46ce8a5c723295ed11af/preview/ Frame 6D3E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mapi.associatedpress.com/v1/items/97b53cb5ccdb46ce8a5c723295ed11af/preview/preview.jpg?s=100x100
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-15.ewr50.r.cloudfront.net
Software
/
Resource Hash
e885da579684e0f5edd18d83f0dc5d249faa8f2b74b10c4b859409ec4d956cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 08:17:37 GMT
Via
1.1 7f59e30d6672b7ea91c10bca6108d29a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
29773
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9644
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Jan 2022 01:50:36 GMT
ETag
"0800a4952797e100898949d9b278edc8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Amz-Cf-Pop
EWR50-C1
X-Amz-Cf-Id
IC3WvjxntBCNIKMtAs4V6shWg87jXxiSwsLK2RuljeaG9HmqiJbKAw==
preview.jpg
mapi.associatedpress.com/v1/items/18ffd26b30424508829d1c05e3013358/preview/ Frame 6D3E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mapi.associatedpress.com/v1/items/18ffd26b30424508829d1c05e3013358/preview/preview.jpg?s=100x100
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-15.ewr50.r.cloudfront.net
Software
/
Resource Hash
2014958457f9c77c4c253c58a3d7d0d44f87b6cbbb009a7c0b4d055b74bcdc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 03:01:28 GMT
Via
1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
48742
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9331
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 26 Jan 2022 16:47:19 GMT
ETag
"6359403bba00b3080677b6db628ecff5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Amz-Cf-Pop
EWR50-C1
X-Amz-Cf-Id
JqTDY1NWDIiSDjEL-gnCVV6VIW1la_Q6O4iJgjnqk9oMpEdqfN69Wg==
preview.jpg
mapi.associatedpress.com/v1/items/4cfe7af11b5a4741bdab449d53c0e562/preview/ Frame 6D3E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mapi.associatedpress.com/v1/items/4cfe7af11b5a4741bdab449d53c0e562/preview/preview.jpg?s=100x100
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-15.ewr50.r.cloudfront.net
Software
/
Resource Hash
9a3905be72bc6c9f36cbbcdf926ee9432fd182c16d173f677ab9cd3c1e5cd1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 17:26:23 GMT
Via
1.1 a7c7e4aa6d7cf400aa51dc847716996e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
83247
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9602
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 29 Jan 2022 07:06:12 GMT
ETag
"bc670063bdd740c86661bcafa407b4f5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Amz-Cf-Pop
EWR50-C1
X-Amz-Cf-Id
C7kxJFWv6B-I5Fl-v9mcld7vTTx2_VrHS0YxuE7dwrNA-CyOqsoy-A==
Good-W05-News.woff
wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/fonts/goodot/ Frame 6D3E 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/fonts/goodot/Good-W05-News.woff
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ap_widgets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
560200d3df1251de2e33e73b5dc39c2d39227c9ec21528d3246428078cda9053

Request headers

Referer
https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ap_widgets.css
Origin
https://wintergames.ap.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
etag
"613a1d38-162da"
last-modified
Thu, 09 Sep 2021 14:42:00 GMT
server
AWS Server
x-powered-by
AP - AK
x-varnish
40889057 524582
cache-control
max-age=137
x-cache-hits
28208
x-age
1446889
accept-ranges
bytes
content-type
font/woff
content-length
90842
expires
Mon, 31 Jan 2022 16:36:07 GMT
Good-W05-Cond-Bold.woff
wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/fonts/goodot/ Frame 6D3E 		86 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/fonts/goodot/Good-W05-Cond-Bold.woff
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ap_widgets.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.100.146.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-146-176.deploy.static.akamaitechnologies.com
Software
AWS Server / AP - AK
Resource Hash
a9d030922966efac8bc7d2cf47756946383b523d9487d1a34e2babd7f7b59b66

Request headers

Referer
https://wintergames.ap.org/profiles/verticals/themes/ap_wintergames/widgets/css/ap_widgets.css
Origin
https://wintergames.ap.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
etag
"613a1d38-15704"
last-modified
Thu, 09 Sep 2021 14:42:00 GMT
server
AWS Server
x-powered-by
AP - AK
x-varnish
41073433 262480
cache-control
max-age=358
x-cache-hits
26017
x-age
1450391
accept-ranges
bytes
content-type
font/woff
content-length
87812
expires
Mon, 31 Jan 2022 16:39:48 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2313981-47&cid=368398424.1643646830&jid=678104614&gjid=330901194&_gid=1807568385.1643646830&_u=YGBAgEABAAAAAE~&z=1747406503
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 16:33:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2313981-1&cid=368398424.1643646830&jid=1528804242&gjid=2043147184&_gid=1807568385.1643646830&_u=YGDAgEABAAAAAE~&z=1129447363
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 16:33:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1591636544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&ul=en-us&de=UTF-8&dt=kokomotribune.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=678104614&gjid=330901194&cid=368398424.1643646830&tid=UA-2313981-47&_gid=1807568385.1643646830&gtm=2wg1q0KKH5QP&cd2=1643646829861.68dbhrup&cd3=2022-01-31T16%3A33%3A49.861%2B00%3A00&z=833864890
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 09:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25101
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1591636544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&ul=en-us&de=UTF-8&dt=kokomotribune.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAE~&jid=1528804242&gjid=2043147184&cid=368398424.1643646830&tid=UA-2313981-1&_gid=1807568385.1643646830&gtm=2wg1q0KKH5QP&z=2092264128
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 09:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25101
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1591636544&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&ul=en-us&de=UTF-8&dt=kokomotribune.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=homepage&ev=1&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=368398424.1643646830&tid=UA-2313981-47&_gid=1807568385.1643646830&gtm=2wg1q0KKH5QP&z=98784096
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 09:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25101
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame B9F8 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
b5ff7ce5d36fa56a72f6fe5982cdc9e2f02c54f23a3e921caeaaa25e0850764c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27242
x-xss-protection
0
server
sffe
etag
"1118 / 766 of 1000 / last-modified: 1643639060"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:50 GMT
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-54.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:43:53 GMT
via
1.1 bdfe34c94134f86b07ebb7714d12d094.cloudfront.net (CloudFront)
age
20998
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:03:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
x-amz-cf-id
ZYH47XQcqmXDxT8NHz8npMU2WwHnzPqrw6l0quWI_H8S2CvsY4KVdg==
advertiserwidget.css
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/css/ 		522 B
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/css/advertiserwidget.css
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-95.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 23:16:36 GMT
Via
1.1 95e9f369e54eb77c8abfd772b46c5a7a.cloudfront.net (CloudFront)
Last-Modified
Mon, 06 Dec 2021 15:18:00 GMT
Server
AmazonS3
Age
62236
ETag
"b325bb01ffc184ad1cb95dcd96959b45"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C4
Accept-Ranges
bytes
Content-Length
522
X-Amz-Cf-Id
MVhQI9SJkS1fDQpDTY0T1h6yWYpaxUs2yUS9ZzO028tATaPBYFskeQ==
advertiserwidget.js
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/js/advertiserwidget.js
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-95.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 31 Jan 2022 11:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 15:18:00 GMT
Server
AmazonS3
Age
18609
ETag
W/"818bf56af8bae4d989b6fe947c57fae2"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6afc1c7b9e6d4dbe30a0b3eae05d0f9e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR52-C4
X-Amz-Cf-Id
vUxLJ1Ox4ZU3Aj4GfLlF1CuQzc4tBKExRf4oRJ-m4HbxbEhNn0g_BQ==
js
www.googletagmanager.com/gtag/ 		158 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dabb7a364d98701c4715933cb35deab6445b8413697d3d3fa63e73c49de252d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60063
x-xss-protection
0
expires
Mon, 31 Jan 2022 16:33:50 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=368398424.1643646830&jid=1466944708&gjid=1466685786&_gid=1807568385.1643646830&_u=YGDAgUABAAQCAE~&z=1829494233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 16:33:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1591636544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=kokomotribune.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAQCAE~&jid=1466944708&gjid=1466685786&cid=368398424.1643646830&tid=UA-54716522-7&_gid=1807568385.1643646830&gtm=2wg1q0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.kokomotribune.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=2799&z=519919244
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 09:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25102
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022012601.js
securepubads.g.doubleclick.net/gpt/ Frame B9F8 		355 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 01:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122255
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 09:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 01:39:58 GMT
pixel;r=318973880;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.kokomotribune.com%2F;uht=2;fpan=1;fpa=P0-1899493760-1643646831096;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=ko...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=318973880;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.kokomotribune.com%2F;uht=2;fpan=1;fpa=P0-1899493760-1643646831096;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=kokomotribune.com;je=0;sr=1600x1200x24;dst=0;et=1643646831096;tzo=0;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Ekokomotribune%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fkokomotribune%252Ecom%2Fcontent%2Ftncms%2Fcus%2Cimage%3Awidth.200%2Cimage%3Aheight.200%2Ctitle.kokomotribune%252Ecom%2Cdescription.Read%20the%20latest%20news%252C%20sports%252C%20features%252C%20weather%20and%20breaking%20stories%20from%20Kokomo%2Csite_name.Kokomo%20Tribune
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.213 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
www.google-analytics.com/g/ 		0
137 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe1q0&_p=1591636544&sr=1600x1200&ul=en-us&cid=368398424.1643646830&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&dt=kokomotribune.com&sid=1643646830&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.skin_version=3.155.0&ep.subscription_required=No&epn.blox_render_time=2799&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.gif
a.wishabi.com/ 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=load&st=module&t=1643646831166&module_id=27176
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
2A4JXyQGkUo4N6Vjm0RB1WtePM152OWNcvbwHu6YoCXmDiLhSeC74w==
x-cache
Miss from cloudfront
gtm.js
www.googletagmanager.com/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
40d608a878688699c09b2399f1d15283184ab7c75c944bc5edbbbd9864e26764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39032
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 16:33:51 GMT
fontawesome-webfont.e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2
bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/fontawesome-webfont.e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2?v=4.6.3
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Mon, 06 Jun 2016 15:20:27 GMT
content-length
71896
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"575594bb-118d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6d645816fbab3314-EWR
expires
Fri, 06 Jan 2023 00:21:42 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
widgetinfo
p.cityspark.com/api/widgets/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=1437&callback=jsonp1643647023937
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0304020d555cd01e64c4a0aa6e52e16d829db28b917bb6abf54c6602a487cfb1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
truncated
/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
img/png
integrator.js
adservice.google.com/adsid/ Frame B9F8 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wintergames.ap.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B9F8 		40 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4113451364258125&correlator=2531930316110921&output=ldjh&impl=fifs&eid=31064600%2C31064613&vrg=2022012601&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=15786418%2Cwintergames%2CCNHI%2Clatest_news&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cdm=wintergames.ap.org&bc=31&abxe=1&dt=1643646831309&lmt=1643646831&dlt=1643646830209&idt=1073&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=441&adys=51&adks=1803448813&ucis=on8tlmadju8d&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fwintergames.ap.org%2FCNHI%2Fap_widgets%2Fwidget%2Fad%2Flatest_news&ref=https%3A%2F%2Fwintergames.ap.org%2Fiframe%2Fwidgets%2Fcontent%2F1bcb6303273d24de0262af2c7995cd1d&top=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x0&ga_vid=498031773.1643646831&ga_sid=1643646831&ga_hid=1375977555&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e10a7643601b9ae48195f155cec4ab03854c5d2c11d6df55eba63a28055f91f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10198
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wintergames.ap.org
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1856 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 16:33:51 GMT
expires
Tue, 31 Jan 2023 16:33:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.gif
static.adsafeprotected.com/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-96.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 18:48:18 GMT
via
1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
age
25652734
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
GR_wQjDJ8kT5OPE5Wj35MCf8by8-GEG-ppr-FSQhnFOpEqYNk8Zwfg==
var=tncms_siteaud
ad.crwdcntrl.net/5/c=6880/pe=y/ 		141 B
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=6880/pe=y/var=tncms_siteaud
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e1f6f93d995771ca388da54dd27a57b33c7bae3f5cf489b4eb38b73ac64e7e04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.41.224
content-type
application/javascript;charset=utf-8
content-length
141
expires
0
diberp-tcx-v4.29.0-v2.js
www.americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 23:01:00 GMT
content-encoding
gzip
age
1445571
x-guploader-uploadid
ADPycdthvLH0siiA-NfCdJfyBYMywA4rk82-OgWRCUVu2gnXUmmsqs4185h5io8ySqZSv9oYGTOgOeQ64yaTV5un0-osPBj3ew
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 14 Jan 2023 23:01:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
3c5dc62e6570d4f38388ab5e91d4f5c6ae09d7214bed826b569ad689668b4b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27242
x-xss-protection
0
server
sffe
etag
"1118 / 313 of 1000 / last-modified: 1643639060"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:51 GMT
ui-bg_flat_75_ffffff_40x100.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		260 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
91411b5954162a3763020415863fec17438020e287ec1822dd99bbf07e6cf991

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
"611feaca-104"
x-hw
1643646831.dop040.ny3.t,1643646831.cds223.ny3.hn,1643646831.cds048.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
260
ui-icons_454545_256x240.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-icons_454545_256x240.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
f1f7b44bca6fa1be603ce2616c3a100f43ad9c5bbb2527a645326065b43c3dfa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
"611feaca-1b3d"
x-hw
1643646831.dop040.ny3.t,1643646831.cds223.ny3.hn,1643646831.cds207.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6973
ui-icons_888888_256x240.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-icons_888888_256x240.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/kokomotribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
cc765c2c6c219c6082e91d06ddf23142ebe46f856560a0deda8f04f1c7f03691

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
"611feaca-1b84"
x-hw
1643646831.dop040.ny3.t,1643646831.cds223.ny3.hn,1643646831.cds044.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7044
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cnhi.com&p=%2F&u=Q2pGAByeZ72DD7jUs&d=kokomotribune.com&g=34377&g0=kokomotribune&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8022&o=1610&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3058&t=DV5eM_DT1dhdg1V_TC_Em-VB1SseT&V=129&i=kokomotribune.com&tz=0&sn=1&sv=DPEFOWCr0IThB2mZKjDwvEiBCjwJR8&sd=1&im=061b2ffa&_
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.74.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-74-135.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
v2
api.viafoura.co/v2/www.kokomotribune.com/bootstrap/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.kokomotribune.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.31.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-31-67.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89b5f1bbabbec5d3e258d1644d8c4bf4f8b906c5c22995f6ea2a86671f91d6f9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-08a3357b88babfbf3
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 31 Jan 2022 16:33:52 GMT
v2
api.viafoura.co/v2/www.kokomotribune.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.kokomotribune.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.31.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-31-67.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kokomotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
server
nginx/1.18.0 (Ubuntu)
expires
Mon, 31 Jan 2022 16:33:51 GMT
cache-control
max-age=0
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age
1728000
local_storage_data.html
flipp.com/ Frame 4B80
Redirect Chain
  • https://www.flipp.com/local_storage_data.html
  • https://flipp.com/local_storage_data.html
1 KB
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://flipp.com/local_storage_data.html
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.251.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-251-175.compute-1.amazonaws.com
Software
nginx/1.19.2 /
Resource Hash
9f6a73b8178f3cc6cea6cf7932c28b768bdc324fc55f2baf77f8d441d4497348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
content-type
text/html
server
nginx/1.19.2
last-modified
Tue, 28 Dec 2021 09:21:28 GMT
cache-control
max-age=0
etag
W/"c6528c0af03c1a375f92cc2739994db5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 176468abf50e2f86186eec9185a1ae22.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
x-amz-cf-id
gnyTeTCBCbRvhvI11PexRPe6QjW_DJ_2BTHZK6mlookqvRXdltFd3g==
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

date
Mon, 31 Jan 2022 16:33:51 GMT
content-type
text/html
content-length
169
location
https://flipp.com/local_storage_data.html
server
nginx/1.19.2
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
wid_iframe.html
a.wishabi.com/sync/ Frame 5889 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.wishabi.com/sync/wid_iframe.html
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
0a75a24eb7d1cb855611174482489741928526514df4e2a17eecde39c2cce489

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

content-length
1578
date
Mon, 31 Jan 2022 16:33:51 GMT
x-cache
Miss from cloudfront
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
SfS9bkiT6KqxOaH7YwBwWdBj1mxzmHh4p3NJKH2AFwnEs6WqTM_MgQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.kokomotribune.com&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:45:05 GMT
via
1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
server
Server
age
10125
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.kokomotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
hMLQIXj7daU17i021rZQfAd9d6t-f8zrDUYUoq03vZgiGpydf4rt4w==
analytics.js
www.google-analytics.com/ Frame 99B6 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6773
date
Mon, 31 Jan 2022 14:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 16:40:59 GMT
WidgetTemplate.min.css
csp.azureedge.net/cdn/widget/ Frame 99B6 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.232 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-232.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
029086d89d5b475ab8cb71cb223c502ba19980692d60958dcfd6571aed75d98f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204b6e07"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3242
angular.min.js
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame 99B6 		233 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3479034
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19138-FRA, cache-ewr18136-EWR
timing-allow-origin
*
server
cloudflare
etag
W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d64581c7b4e3354-EWR
widgetcombined2.min.js
csp.azureedge.net/cdn/widget/ Frame 99B6 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/widgetcombined2.min.js?v=7
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.232 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-232.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204b52b1"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3738
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 99B6 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.213 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:51 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B9F8 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
d041889b54d1c0bdb0b6b9b4d20c4f87b95e12d2ad04b138bae6038ab647b24e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8943
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111152338000/ Frame 0D23 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
307304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55581
x-xss-protection
0
server
sffe
date
Fri, 28 Jan 2022 03:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8559bae154d80579"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Jan 2023 03:12:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 0D23 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
307304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Fri, 28 Jan 2022 03:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Jan 2023 03:12:08 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 0D23 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
307304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Fri, 28 Jan 2022 03:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Jan 2023 03:12:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 0D23 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
307304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Fri, 28 Jan 2022 03:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Jan 2023 03:12:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 0D23 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
307304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Fri, 28 Jan 2022 03:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Jan 2023 03:12:08 GMT
truncated
/ Frame 0D23 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bc46531a41b4ad6b5cb15ade0afebc3df9d789da57200727d05a32800fdc1aa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
856114496422413000
tpc.googlesyndication.com/simgad/ Frame 0D23 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/856114496422413000?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk_HHOql6urIoO0v4511fkWvJLnbw
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
245fa809aa43b27d3fe006d71779fe9ddbb79e0d1a566345f3bc480cb59cbe50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 16:05:50 GMT
x-content-type-options
nosniff
age
433682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33806
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 00:29:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Jan 2023 16:05:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D23 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
83362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 31 Jan 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D23 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
58572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 01 Feb 2022 00:17:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0D23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKv-Zbw_4YZr2FY2-NbHQorAL65bz92e0xs6axgzIjfSBARABINfYnSJgycapi8Ck2A-gAa73mdIDyAECqQJ3Sq2M51SqPuACAKgDAcgDCKoEpwJP0HmK-aIIP8BOt4-n-LHGW-_C9gpErIzoqW-naCNGPlJ__10eeYCzOFUWc7cSfdDT4IwyC_R0DEUKLm7P7MPtprLPTd-MK7P1pnXctu4jrN5QCbTBbrdLypBPX3pt70j7NriSSns9DntXocJ1NsFzSiGUGfY2mscALqzBc9Iihes3uTpdkPPEAqr5jwAxeUcf-v0XgBF3TIBIgLYdeSBZ3Rc9bIurXTkFu3-qCe6J8lj-KXGzj34bFIK5rJim_OKRAQQzHjPe4L6bfw8ZHdih-V1Ja_RebeF_NRosIeXgKMTWey_c0GtCRKjmJZgAQ4wTwuFWF_g26Bxfn2Izwtoj6YoaL4KkY3A72vlGBrmBEBFEki_z0MHbtgw3RH1HXkOR6YyoRZaawASk2ObtxAPgBAGSBQQIBBgBkgUECAUYBKAGAoAHuojmLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENibCdIIBwiAYRABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODQ3NTY4NTQ2OTU0NDQ3Nxji1RQ&sigh=Jyf_JVlLVHM&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: wintergames.ap.org
URL: https://wintergames.ap.org/CNHI/ap_widgets/widget/ad/latest_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
bid
c.amazon-adsystem.com/e/dtb/ 		199 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.kokomotribune.com%2F&pid=OEp2k53b954lP&cb=0&ws=1600x1200&v=7.72.0&t=1200&slots=%5B%7B%22sd%22%3A%22adb_mediumRectangle_btf2_flex%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_mid%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22kokomotribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_floorboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22kokomotribune%2Frichmedia%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
f7db615fa861c49ffd2bfbee29f3f352c0ebb4cf7194b02cf0ed1ca9bebcad42
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
DWTHE0AAMQ0XZ81NJA4Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
199
x-amz-cf-id
nRP-qFk6yR6Shcguh0vsCrVM3onIMMEERmhOKM_BxiY67HN_sdkBkQ==
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=1//7-6^8c`6y.8c`go:4@540161677^8c`6y,5@11747857^8c`6y,8@4627232^8c`6y,10@206474^8c`6y,20@31660670^8c`6y,33@RdDNDHspumwjeZ0rUNnd0pI3^8c`6y,35@705289^8c`6y,115@8a969412017373b5acfab636c1720056^8c`6y_2^k8`2i.qy`6y:4@540161672^k8`2i.qy`6y,5@11747827^k8`2i.qy`6y,6@6708^k8`2i,8@4627228^k8`2i,10@206470^k8`2i,20@11988240^k8`2i.qy`6y,33@kweVjHUGArBG6hf26MQludWF^qy`6y,33@Wzw8PTIjiCweyzaXnMKNHN27^k8`2i,35@173355^k8`2i.qy`6y,115@8a969412017373b5acfab636b9130052^k8`2i.qy`6y_5^8c`6y.8c`go:4@540161676^8c`6y,5@11747850^8c`6y,8@4627233^8c`6y,10@206473^8c`6y,20@31660668^8c`6y,33@QelwClNwBTEkTmmySB7CPYkI^8c`6y,35@705287^8c`6y,115@8a969412017373b5acfab636c35f0057^8c`6y_4^8c`6y.8c`go:4@540161675^8c`6y.8c`go,5@11747838^8c`6y.8c`go,6@6708^8c`go,8@4627231^8c`6y,8@4627234^8c`go,10@206472^8c`6y,10@206472^8c`go,20@11988242^8c`6y.8c`go,33@0rzKSepXgqC5dUuQI3ZJy4I0^8c`go,33@6dS25Ty7ddFE8mVv0Zcann5W^8c`6y,35@173357^8c`6y.8c`go,115@8a969412017373b5acfab636bf190055^8c`6y.8c`go_14^k8`2i.qy`6y:4@540161674^k8`2i.qy`6y,5@12812950^k8`2i.qy`6y,6@6708^k8`2i,6@6708^qy`6y,10@213819^k8`2i,10@213819^qy`6y,20@12812850^k8`2i.qy`6y,33@ccVECva4DSFcmufUCsC4hRze^qy`6y,33@RhAhHL3X0jLoZaEznwQUyb71^k8`2i,115@8a969412017373b5acfab636bb140053^k8`2i.qy`6y,172@CNHI^k8`2i.qy`6y_3^k8`2i:4@540161673^k8`2i,5@11747832^k8`2i,6@6708^k8`2i,6@6708^qy`6y,8@4627229^k8`2i,10@206471^k8`2i,10@206471^qy`6y,20@31660665^k8`2i,33@PDDWminnzbApknGlqgkxpZCm^k8`2i,35@705284^k8`2i,115@8a969412017373b5acfab636bb140053^k8`2i,172@CNHI^k8`2i_11^qy`2i.k8`2i:4@540327076^qy`2i.k8`2i,5@11908123^qy`2i.k8`2i,6@6708^k8`2i,6@6708^qy`2i,8@4955987^k8`2i,8@4955988^qy`2i,10@302372^k8`2i,10@302373^qy`2i,20@19672429^qy`2i.k8`2i,33@4toHxb5i3eKGPsfolJ10gLL8^k8`2i,33@ZKnbpUBWqDmzqbvOMugL6P14^qy`2i,35@531933^qy`2i.k8`2i,115@8a969412017373b5acfab636ad1b004e^qy`2i.k8`2i&bu=U1d4414755984b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U390505f4d876e1,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U43305148b18c11,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U5cf19a0aa9a3a3,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U6a5d358bcc334d,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U8f2d540e6f8fd4,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&bu=U94f9a409f61a93,adb_floorboard,%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T2n1&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6cz&m=z&rnd=1643646831979
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
prebid
bids.concert.io/bids/ 		22 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 google
x-lat-long
40.712775,-74.005973
x-powered-by
Express
x-region
US
x-city
New York
alt-svc
clear
content-length
22
x-response-time
222.487ms
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
x-cloud-trace-context
5a7332f7af0be3035bc26fafe867c520/15872231454925240049
access-control-allow-credentials
true
x-region-subdivision
USNY
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64581c19b115a7-EWR
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64581c19b215a7-EWR
access-control-allow-headers
origin, content-type
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.245.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-245-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.kokomotribune.com
Date
Mon, 31 Jan 2022 16:33:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cygnus
htlb.casalemedia.com/ 		39 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=206474&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22R106c7c3173d5b97e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kokomotribune.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22BR18c855cec018c5a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206474%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_mediumRectangle_btf2_flex%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR3176e69a08444a7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22206470%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_leaderboard_atf%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR448092ea60a5948%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206473%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_mediumRectangle_btf1%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR5757b9a5e23722b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206472%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22206472%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_mediumRectangle_atf%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR6924c748ba1d36d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22213819%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22213819%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_leaderboard_mid%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR8285e0427e7457%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22206471%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience%23adb_leaderboard_btf%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR9683782c373b707%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22302372%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22302373%22%2C%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia%23adb_floorboard%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.50.75.217 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-75-217.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c34f4b2926b04bf089af27b7c1dde78082327f65a3f9eb6342e65a9f2e422540

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:52 GMT
x-ak-initial-geo
CC:[US], RC:[NY], CN:[NA], CIP:[37.120.138.195], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.kokomotribune.com
x-cs-client-geo
01
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
39
x-ak-client-geo
01
expires
Mon, 31 Jan 2022 16:33:52 GMT
prebid
ib.adnxs.com/ut/v3/ 		860 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f4ecff17da0c2dba7a9dbb44194633791f97ca6c5aececd277191d4798f2877d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 16:33:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
62803fb5-a371-4cef-a61b-bc529b8c014f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kokomotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
cnhi-d.openx.net/w/1.0/ 		191 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kokomotribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=78dcb140-16c9-4912-be44-456ecc9ef6a1%2C97de7ba9-8724-4a4e-a8fd-ada37e71f225%2C51959b40-9d49-4104-a1e3-40fe210fd018%2Ce9b53d96-cf4f-4bc9-8708-c8ad31190c69%2Ca4262854-c5ca-4fd1-be13-cb3cbfdaade1%2C8326b346-7437-4bd7-bde2-a75010482f22%2Ccc276716-0e53-4de2-8a18-8111a30ee2a2&nocache=1643646832008&gdpr_consent=&gdpr=0&us_privacy=1---&aus=300x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600%7C728x90%2C970x250%7C728x90%7C970x90%2C728x90&divids=adb_mediumRectangle_btf2_flex%2Cadb_leaderboard_atf%2Cadb_mediumRectangle_btf1%2Cadb_mediumRectangle_atf%2Cadb_leaderboard_mid%2Cadb_leaderboard_btf%2Cadb_floorboard&aucs=%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_mediumRectangle_btf2_flex%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_leaderboard_atf%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_mediumRectangle_btf1%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_mediumRectangle_atf%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_leaderboard_mid%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Ftotalaudience%2523adb_leaderboard_btf%2C%252F9869277%252Fcnhi%252Fkokomotribune%252Frichmedia%2523adb_floorboard&auid=540161677%2C540161672%2C540161676%2C540161675%2C540161674%2C540161673%2C540327076&aumfs=50%2C50%2C50%2C50%2C50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
f5568372f539f814a9c247e2331531406a7b3df2515863deebf383ab8f5aa9f3

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.kokomotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1643646832010;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1643646832011;us_privacy=1---;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		747 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5b876f20b70a708f8dba01ec3cfc7e4c1012c8fac2497228e88a00c4a366580c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 16:33:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
07c36e82-c015-4022-a33b-eaa62bf9e5fe
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kokomotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636c1720056&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fa33a91f3d8f5d44090b4ea55057a033e51aba7a1ff8768e9155d00633e894f2

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636b9130052&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
77ca84ae032abb3c76a97fff40f9fafd9ea69c665fb96f96b6a9b24e752935a3

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636c35f0057&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b9d1505716feb1343be02437a313be73dd35a8cc9af3f5545e7f6460bcbf531d

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bf190055&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cb8c40a86a8bd756124b36ff0f15b72e0d7bc315d4bb21857554d75a69ca20aa

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bb140053&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8052a24fb7595ce538f0d69f9f3c5c18d50407bb3a6e67615786338eb96870ce

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bb140053&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
29c1ed9f153ac000ec2ec75b7a8e96354f694a73a455255e5315561d566bf5d7

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636ad1b004e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
55afb3ad4190adc79e7f90ee0640802905b5e794b9220401134babd8368b7589

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.9.0-pre&cb=12873250146
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:51 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v2uolHiCiWT2-g5YV89WYH7DO-MspIK8BomEslEofuDkngT9tqxJp6XywcZ62fSLlPUFSRUzzLA
bandborder.com/ 		201 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2uolHiCiWT2-g5YV89WYH7DO-MspIK8BomEslEofuDkngT9tqxJp6XywcZ62fSLlPUFSRUzzLA
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/lziAsn3sBoY_eEHNBDcAkQ52x-2phlDibnxrxBfvRGURPWrnX2Oq35C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7e261eac2f55fbad96d40e3d22fb257b5988902863f951fa5cf746d4dff3f9b3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-us-east1
date
Mon, 31 Jan 2022 16:33:52 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-spot-wp3l
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
201
expires
Mon, 31 Jan 2022 16:33:51 GMT
flyermodules
api.circularhub.com/ Frame 5A7A 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.circularhub.com/flyermodules?key=027f64b1828a4589&t=1643646832088&campaignId=&engaged_flyers=&mtypeid=27176&callback=__flipp_module_callback
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-109.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
54913bb21529a236f8d181d6dbd4ac21e241fb85bf11f3850087a0a83477a809

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
status
200 OK
content-length
2189
x-request-id
d7ac3c08e2805889f1903adea91a0bcf
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.289768
access-control-allow-origin
*
server
nginx
etag
W/"ee59924e13bd55b0113dec33f21675bb"
content-type
application/json; charset=utf-8
via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
pxrciQvscosUOSzwrrsbk66zGVYXdVO_g8ct_AFNehG_8J8p5qzNsw==
x-rack-cache
miss
396846.gif
idsync.rlcdn.com/ Frame 5A7A
Redirect Chain
  • https://idsync.rlcdn.com/398526.gif?partner_uid=null
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
v2tybBqyxlbKjOVFslkqOZT0jj2WmNalk82R2tS0qb-CyOmXlEY-SeUjjN-4GYQP_C9FAnpdJpg
bandborder.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2tybBqyxlbKjOVFslkqOZT0jj2WmNalk82R2tS0qb-CyOmXlEY-SeUjjN-4GYQP_C9FAnpdJpg
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/lziAsn3sBoY_eEHNBDcAkQ52x-2phlDibnxrxBfvRGURPWrnX2Oq35C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-us-east1
date
Mon, 31 Jan 2022 16:33:52 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-spot-wp3l
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B9F8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:52 GMT
ajax-loader.gif
csp.azureedge.net/cdn/widget/ Frame 99B6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csp.azureedge.net/cdn/widget/ajax-loader.gif
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.232 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-232.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204b5952"
content-type
image/gif
accept-ranges
bytes
content-length
4178
icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame 99B6 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.232 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-232.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Request headers

Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204b4edc"
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
2012
ec322069-c3dc-4932-9569-fcfd44464aa6.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ec322069-c3dc-4932-9569-fcfd44464aa6.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:23:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF8DD0DB3545
Content-Type
image/png
x-ms-request-id
74975ffc-c01e-003d-47c0-168009000000
x-ms-version
2009-09-19
Content-Length
22838
7ecc90e0-477e-4437-ac0e-2e5f148f6822.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7ecc90e0-477e-4437-ac0e-2e5f148f6822.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:40:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF903004470A
Content-Type
image/png
x-ms-request-id
9b2e3ec3-301e-0016-23c0-1600c5000000
x-ms-version
2009-09-19
Content-Length
22838
5ed6ab57-c110-46e9-ac05-6c673f27fd24.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5ed6ab57-c110-46e9-ac05-6c673f27fd24.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Tue, 04 Jan 2022 15:04:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF939073E3C4
Content-Type
image/png
x-ms-request-id
754f7bf2-401e-0051-54c0-166b9e000000
x-ms-version
2009-09-19
Content-Length
22838
e8a50030-711b-46a7-a722-bc2ac1fd9f11.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e8a50030-711b-46a7-a722-bc2ac1fd9f11.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:29:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF8EA69C933F
Content-Type
image/png
x-ms-request-id
f803daa8-c01e-002d-48c0-164561000000
x-ms-version
2009-09-19
Content-Length
22838
c1da0c0e-778e-4c01-aa0b-3d984f060e51.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c1da0c0e-778e-4c01-aa0b-3d984f060e51.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 15:59:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF9B3F5D2FA4
Content-Type
image/png
x-ms-request-id
03c9ef76-701e-005a-2dc0-1690f5000000
x-ms-version
2009-09-19
Content-Length
22838
fc4aa0fe-5347-4330-9999-37ebb0aa86b9.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/fc4aa0fe-5347-4330-9999-37ebb0aa86b9.medium.JPG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
53f183385547d275506baad2ee19452845612da03ea555f18265f136ed9754b8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Fri, 21 Jan 2022 16:53:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ggVOmbBtSjD8pRsJV3LvDg==
ETag
0x8D9DCFE938DE9BF
Content-Type
image/jpeg
x-ms-request-id
d58cd2ce-701e-0007-52c0-169a71000000
x-ms-version
2009-09-19
Content-Length
13674
ade5f97e-7549-40bf-99d1-eb122caf23b7.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ade5f97e-7549-40bf-99d1-eb122caf23b7.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:48:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF91365E5C19
Content-Type
image/png
x-ms-request-id
d58cd2d3-701e-0007-57c0-169a71000000
x-ms-version
2009-09-19
Content-Length
22838
61d95b6c-8969-42ba-a5a1-af58e4921a62.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/61d95b6c-8969-42ba-a5a1-af58e4921a62.medium.JPG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4099b5bdf9be49fcf654fac34b0b17aeb6fc365f3fbfc624735da28992c25de1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Tue, 11 Jan 2022 16:00:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
p4b59s7Ub9TJEYbCtkuZ7g==
ETag
0x8D9D51B846C3B00
Content-Type
image/jpeg
x-ms-request-id
74976007-c01e-003d-50c0-168009000000
x-ms-version
2009-09-19
Content-Length
11406
66be9d57-33cd-4741-adee-e95c848372e0.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/66be9d57-33cd-4741-adee-e95c848372e0.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Tue, 04 Jan 2022 23:31:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CFDA634B729D
Content-Type
image/png
x-ms-request-id
754f7c06-401e-0051-67c0-166b9e000000
x-ms-version
2009-09-19
Content-Length
22838
1de04a52-7b99-48b2-b62d-81caca203aa3.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1de04a52-7b99-48b2-b62d-81caca203aa3.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 15:44:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF9912C46937
Content-Type
image/png
x-ms-request-id
03c9ef7a-701e-005a-31c0-1690f5000000
x-ms-version
2009-09-19
Content-Length
22838
2bb5fc33-6b2f-43ca-9564-53bc4447bd8d.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2bb5fc33-6b2f-43ca-9564-53bc4447bd8d.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:34:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF8F5DBB1A4C
Content-Type
image/png
x-ms-request-id
f803dad0-c01e-002d-6bc0-164561000000
x-ms-version
2009-09-19
Content-Length
22838
18fb4523-d9de-43fe-9fb5-5ea1a501256f.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/18fb4523-d9de-43fe-9fb5-5ea1a501256f.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 23:46:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CFDC6CB11C80
Content-Type
image/png
x-ms-request-id
9b2e3eca-301e-0016-2ac0-1600c5000000
x-ms-version
2009-09-19
Content-Length
22838
b60a71ee-8633-458a-b6aa-a104a4b97336.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/b60a71ee-8633-458a-b6aa-a104a4b97336.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 16:18:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF9DDF7B05BA
Content-Type
image/png
x-ms-request-id
d58cd2d9-701e-0007-5dc0-169a71000000
x-ms-version
2009-09-19
Content-Length
22838
4c3e8c2a-ad63-4942-9809-c9d1a8bd7c3a.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4c3e8c2a-ad63-4942-9809-c9d1a8bd7c3a.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f413f76885dc0997d51df48269f92427ce8b98ba17d47816027d944aa1e6ecc7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Thu, 26 Aug 2021 17:56:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
GNagJpBTnAemD3ErcmtPJw==
ETag
0x8D968BADF2A6DA2
Content-Type
image/png
x-ms-request-id
7497600c-c01e-003d-54c0-168009000000
x-ms-version
2009-09-19
Content-Length
14689
qcMKreGsgkGY2qsTjpJF3g.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/qcMKreGsgkGY2qsTjpJF3g.medium.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
52e00080a18c25ea403e7f2fd282bf52526d8efa6c56f1a5ba280c172eb5d80d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Fri, 14 Jan 2022 22:44:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Nm29pP4BeteoCCFpTuj97A==
ETag
0x8D9D7AF71DDAB64
Content-Type
application/octet-stream
x-ms-request-id
03c9ef7c-701e-005a-33c0-1690f5000000
x-ms-version
2009-09-19
Content-Length
23180
2afa9e7d-0a2d-4165-be5d-050f2401c83c.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2afa9e7d-0a2d-4165-be5d-050f2401c83c.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Tue, 04 Jan 2022 14:44:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF90B092AB10
Content-Type
image/png
x-ms-request-id
9b2e3ecd-301e-0016-2dc0-1600c5000000
x-ms-version
2009-09-19
Content-Length
22838
6cf69b09-8fcd-4044-bc1b-fddb7d61ae2a.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/6cf69b09-8fcd-4044-bc1b-fddb7d61ae2a.medium.PNG
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:51 GMT
Last-Modified
Tue, 04 Jan 2022 14:02:56 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZH+zRPEyHZ7TNtkZHp0Tkw==
ETag
0x8D9CF8AE86C6FE0
Content-Type
image/png
x-ms-request-id
f803dae6-c01e-002d-7fc0-164561000000
x-ms-version
2009-09-19
Content-Length
22838
tFSCc9yCfkipFOJNyZEXJg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 99B6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/tFSCc9yCfkipFOJNyZEXJg.medium.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.197 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf0d37e848249a0ccda1d363a821f986d6ec0166edeac408117fb5f0c4987de1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 31 Jan 2022 16:33:52 GMT
Last-Modified
Sat, 13 Nov 2021 17:11:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0pFSaiVZBYg8gVLY+3wBlg==
ETag
0x8D9A6C8A0895376
Content-Type
application/octet-stream
x-ms-request-id
d58cd2db-701e-0007-5fc0-169a71000000
x-ms-version
2009-09-19
Content-Length
31823
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 99B6 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.213 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 6B6A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
321 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b291343ec5c69808a3049c3483423a2f01e7c27b2643a3f9a7bcc5675b018d22
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:52 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
321
Connection
keep-alive
x-amz-rid
Y0RSXP9JJG3CM4D6T5YE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:52 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
GF1AMSPFXDQM1DJ40GPZ
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
thirdpartycookie
api.viafoura.co/v2/www.kokomotribune.com/ 		45 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.kokomotribune.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.31.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-31-67.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0cf86c783817b8c38
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 31 Jan 2022 16:33:52 GMT
intl-messageformat.06c238bfc76d6e0e6833.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.06c238bfc76d6e0e6833.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
746ea217d97acf20cdc0b81fcbf171d21337861cb596446bfb9bba8582025507

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:02 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:45:52 GMT
server
AmazonS3
age
10851
etag
W/"a2c6f9dfc2f0ec66875f3af508ccdfe2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
8KMLGM8e7EI07Z4_YDPaiIg7QS9iA8LY
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
IF-BLDkv-mmd-kEpyC0zhKQ9z6cwz-4XHJR4m0N9vFxH6kTkQ11eMQ==
intl-messageformat.9c9b9e914db65728c80a.js
cdn.viafoura.net/chunks/languages/ 		134 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.9c9b9e914db65728c80a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2b56a0633deb0afff95a7242062134c704d6782a10f2345be43fb3fe65a3ab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:06 GMT
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 17:45:58 GMT
server
AmazonS3
age
10847
etag
"d2c88014fabe4c73fe643c7c7f6a2c88"
x-cache
Hit from cloudfront
x-amz-version-id
14eNgNLT1FW3aVFPTRhConYm6dd_MkgY
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
134
x-amz-cf-id
H801gdnmioNCr8bxT7DZSG5Om2G1yNQJ47M-haSo6hjNu94BltNXKQ==
en-us-base-json.ab77cc21f7b8a678aae6.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.ab77cc21f7b8a678aae6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0a142521c963aa85dcb971035ff05ddff5cc56cbce2b56dac1ee5d43e219b24

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:02 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:45:57 GMT
server
AmazonS3
age
10851
etag
W/"2e6f182c744800c438e7f8edd947c846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
U3LZ6roRezpajTwm9wDbQCVL675RWAZt
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
qF7paKOfvA5-tuy5X2Z4ydMgNqo7nC2OwYjRZjutIKXAU7tuHu2Mpg==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0D23
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
142.250.182.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa05s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Jan 2022 16:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
856114496422413000
tpc.googlesyndication.com/simgad/ Frame 0D23 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/856114496422413000?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk_HHOql6urIoO0v4511fkWvJLnbw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
245fa809aa43b27d3fe006d71779fe9ddbb79e0d1a566345f3bc480cb59cbe50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 16:05:50 GMT
x-content-type-options
nosniff
age
433682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33806
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 00:29:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Jan 2023 16:05:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D23 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
83362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 31 Jan 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D23 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
58572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 01 Feb 2022 00:17:40 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kokomotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Cweatherhousead&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x60&fsbs=1&prev_scp=pos%3Datf%26adb_imp%3D1&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832490&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=350&adys=54&adks=2795089940&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=360x0&msz=360x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
c2a66ad54e44a9a5e77657406bceaf92a9563e0bdf4aca96033d569d75cdd73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Clargevideoplayer&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&fsbs=1&prev_scp=adb_imp%3D1&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832498&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=235&adys=8097&adks=3972302404&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1170x589&msz=1x-1&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
3a8a6ddab517274d30f7b11bb6cf8496bdf8821033f31810d451f8ea6f5d765a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8585
x-xss-protection
0
google-lineitem-id
5360404039
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310180235
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Creveal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&fsbs=1&ists=1&prev_scp=adb_imp%3D1&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832500&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=235&adys=8097&adks=1465317198&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1170x589&msz=1130x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
34da1548a7fd8ece22234e8ae999b80b49dcfaa93c2979335ca5bd061e2f0355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3116
x-xss-protection
0
google-lineitem-id
5899933678
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138379114149
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&fsbs=1&prev_scp=pos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832503&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=6640&adks=4041881951&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=360x10&msz=360x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
b0ba8579d179c6a2d5dd4d1363324226c9cf5378bc0b980890a01ff19117c78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11833
x-xss-protection
0
google-lineitem-id
4546508615
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138260249438
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250&fsbs=1&prev_scp=pos%3Datf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832506&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=113&adks=1535538250&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1140x10&msz=1140x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
4673ca96eb293a1b563b32442763103faffa1aebbb21a129d4403c3e9c54c400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11163
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&fsbs=1&prev_scp=pos%3Dbtf1%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832516&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=325&adys=2209&adks=605703466&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=489x10&msz=489x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ba3aa391c0d6393747b1250f4a11a0c6d27baae084794058d6b0ca3b1055fdd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11882
x-xss-protection
0
google-lineitem-id
4546508615
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138260249435
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&fsbs=1&prev_scp=pos%3Datf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832519&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=731&adks=1876219384&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=360x10&msz=360x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e7895114aa728b735f8f273d152a17cc554834eac54526dba5b8633213049933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
google-lineitem-id
5351167597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309000492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		476 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250&fsbs=1&prev_scp=pos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832522&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=6075&adks=3661980099&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1140x20&msz=1140x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9acb44dfb239f93eadbccb3479400814f8b55c65eee371f1cca85d8b4d21ffbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
274
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		478 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250&fsbs=1&prev_scp=pos%3Dbtf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832525&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=7478&adks=4025391844&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1140x20&msz=1140x0&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
6766d4008bca215dab0c1a7391a36aee2c5adc6a4100245171feb938ab430d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
273
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=2839265678586052&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=9869277%2Ccnhi%2Ckokomotribune%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&fsbs=1&prev_scp=amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&dt=1643646832528&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3881486894&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
82ef53af7ec7dddfddb14db5c2cb6b653316e1eb399672acc72fd8e8fb6c3717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10067
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5D4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 16:33:52 GMT
expires
Tue, 31 Jan 2023 16:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ Frame 5A7A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6773
date
Mon, 31 Jan 2022 14:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 16:40:59 GMT
flipp-logo.png
f.wishabi.net/creative/Distribution/ Frame 5A7A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/creative/Distribution/flipp-logo.png
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
08f50c0aea90c1404e80f2281f96b66bb45c75b14feb9b0ec88ecdac73c25379

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
of_F6Gx.b0Hg8DA2xQF2NflN_t3dlY7v
via
1.1 google
etag
"36e475efff95b099dc8b59f0161bf06a"
age
1360558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11205
x-amz-id-2
VktCwI0COIDe9GO0cTLyfa9BvyAQa5GbvZF9O1mb+oSeobXl8l4IX5BR66055wqFSm1OE9JQG+M=
last-modified
Fri, 10 Aug 2018 15:11:58 GMT
server
AmazonS3
date
Sat, 15 Jan 2022 22:37:54 GMT
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
VECR3CFC89HDJ5D4
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
image/png
1643636842.jpg
f.wishabi.net/flyers/4644610/xl_thumbnail/ Frame 5A7A 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/4644610/xl_thumbnail/1643636842.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
2e4ec4a00706d33bd457b2fd9226730ffd6b8eda6ca34b15e093f0ea46714752

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
A2q52qJ6BXH4E8E5Y8k9CJ6n7EPhmYt2
via
1.1 google
etag
"78353a5566ea1e525e89e3348d4b369b"
age
9639
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53037
x-amz-id-2
wq7j4Tv8TzfJgs0bBTyLpAIm62esyFrB6Ag38Ao5qiACIGei8ik6R9Uw5kZb/cqSNqqIhZP930c=
last-modified
Mon, 31 Jan 2022 13:47:39 GMT
server
AmazonS3
date
Mon, 31 Jan 2022 13:53:13 GMT
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
TK8Z9194931MZCWT
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
xlarge
images.wishabi.net/merchants/2150/1509716319/ Frame 5A7A 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2150/1509716319/xlarge
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
6eb4cf4c6d6b648863405c9b0ece8f08300639c4874d19841913b6b50dc12d03

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:31:11 GMT
via
1.1 google
last-modified
Fri, 03 Nov 2017 13:38:44 GMT
server
AmazonS3
cache-control
public,max-age=86400
age
161
etag
"e93e2b6d451bda8a4287447dfdae0c33"
content-type
access-control-allow-origin
*
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
GDZ94PTX2Q0DAHZ9
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57072
x-amz-id-2
dq86LzKhGh7dVWA6LfRlB0DWcWZBKHrvnGktccHKxywxRAgb/yo+/Z3hOduWQVL58uq09Zn0qzA=
1643138256.jpg
f.wishabi.net/flyers/4646210/xl_thumbnail/ Frame 5A7A 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/4646210/xl_thumbnail/1643138256.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a9b4cd2df07a37357e5673c5721c92f5e4e02388af416006d793c056febb7272

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
3FwZfsUjDmgCKwVmiRnr45jBh_5riaHA
via
1.1 google
etag
"db58ed9a163e271de9fc3cc2076e01d8"
age
386492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70136
x-amz-id-2
KpLPeau3dsxwss6ZLTAkDxMFBbazpqsEPMva0XlQCTFZOy2+LtzXNVYsaJJR6GT1JujonB9hf0c=
last-modified
Tue, 25 Jan 2022 19:17:52 GMT
server
AmazonS3
date
Thu, 27 Jan 2022 05:12:20 GMT
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
FBDMNW1WSDJ893RR
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
xlarge
images.wishabi.net/merchants/2383/1400688768/ Frame 5A7A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2383/1400688768/xlarge
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
4afd2c9d04c9aa1f10272ad36951f2e8fa743e0a7dde685cd481a04ab3cccce2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:50 GMT
via
1.1 google
last-modified
Wed, 21 May 2014 16:12:52 GMT
server
AmazonS3
cache-control
public,max-age=86400
age
2
etag
"6a4c0654d013a74ff0eef84252c11b2c"
content-type
access-control-allow-origin
*
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
A7AP495B082YB0M4
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7268
x-amz-id-2
e+3ZhHI1vO2GX7KYdf77ceCqK2yHINl0HeOFf3WdEjL0Lw/vPIkll3iMeVK2GKB7epL7/Dye7/8=
1643298321.jpg
f.wishabi.net/flyers/4654082/xl_thumbnail/ Frame 5A7A 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/4654082/xl_thumbnail/1643298321.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
ee0bcd415200ddbcd72eed2a0d73378c164d74ff8c85c396bca00210aaf6c199

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
XsDIAsU6KNCPHiY7THGQlu2bmVSID6Of
via
1.1 google
etag
"e7358035b173fe324b9f357f9c5f770b"
age
127364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53885
x-amz-id-2
711/fgnTqgJ77+LYMNTPyLhQ9Pqw2G4s/UEBVzn4ltV0j/cJ8FCNEg/if5fF4z2h1Os/sS7jgHw=
last-modified
Thu, 27 Jan 2022 15:45:38 GMT
server
AmazonS3
date
Sun, 30 Jan 2022 05:11:08 GMT
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
5HTXMWKXTA5MR90Y
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
xlarge
images.wishabi.net/merchants/2503/1433785731/ Frame 5A7A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2503/1433785731/xlarge
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
84bf320b601516d189de410b529a86d05a7a0993751968b46edc9ceee192a454

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:06:02 GMT
via
1.1 google
last-modified
Mon, 08 Jun 2015 17:48:53 GMT
server
AmazonS3
cache-control
public,max-age=86400
age
2338070
etag
"8e9c38726130cde155dab3117c33da3c"
content-type
access-control-allow-origin
*
x-cache-hit
hit,LGA-991dec68
content-length
11867
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-amz-request-id
MN5HR0XYVN7T6MKH
x-amz-id-2
jryMI68/Nf6Wka7yDdFY1ZA45FbzAulYSd1XQrR8jDPV54+IV5wa1808tywx5cxbgtO9p+XL4cI=
1642968876.jpg
f.wishabi.net/flyers/4630184/xl_thumbnail/ Frame 5A7A 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/4630184/xl_thumbnail/1642968876.jpg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
607ef34b880b6e52c03587ce7265f3633a45666b320ba1ff90b5128844799d3a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fwXEFl5j4F3z8yBTvyqTHKRcAX8GC.wQ
via
1.1 google
etag
"857adf627e639ce810979de3ef99e3dc"
age
386438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50085
x-amz-id-2
pzRCaY7GXbPccND57i2RGu3mvtJOPnIfN/E56nB65vjDioUZm/RaBJTjTxHDEh9XdLfs9uHVc6I=
last-modified
Sun, 23 Jan 2022 20:14:44 GMT
server
AmazonS3
date
Thu, 27 Jan 2022 05:13:14 GMT
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
R9NRAAKEFYRS575D
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
xlarge
images.wishabi.net/merchants/2914/1421444648/ Frame 5A7A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2914/1421444648/xlarge
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
4206c7ad97918376f10ea2887d6f73aba203c55f69099b790be043ee5f91f40c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:31:20 GMT
via
1.1 google
last-modified
Fri, 16 Jan 2015 21:44:13 GMT
server
AmazonS3
cache-control
public,max-age=86400
age
152
etag
"0dd4a4f1ec6dcc3f732158ae2254cbd4"
content-type
access-control-allow-origin
*
x-cache-hit
hit,LGA-991dec68
x-amz-request-id
S8T292W2TXY0C9NC
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11084
x-amz-id-2
1/50vZ9gvoZWiH8HTTv0OtyZ9KzQB5mM09dpEFCcho69J1Qh/o3ppI2fpBkcfQGqYmqz7YAJZDE=
track.gif
a.wishabi.com/ Frame 5A7A 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=module&t=1643646832572&sid=d5f819bf6798ac27e002d95e6c993422&rnd=cdf050e1054a51edd6c34985fb1829bc&fsa=10013&module_id=27176&channel_id=615&client_type=1&publisher_id=623&profile_available=false&targetable=false&targeting_type=none&targeted=false
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
o2gYkIFcu9njMQeIicAKOKSECrBL3mJxBHZ14OBL8xgjUtqoTb0_Yg==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 5A7A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1643646832573&sid=d5f819bf6798ac27e002d95e6c993422&rnd=cdf050e1054a51edd6c34985fb1829bc&fsa=10013&module_id=27176&channel_id=615&client_type=1&publisher_id=623&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=269&flyer_run_id=771692&flyer_id=4644610&merchant_id=2150&premium_merchant=true&in_targeting_profile=false&budget_id=51648
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
FHG3aOhEOJxi9omn7Vhl-fcPGKYSCUAQXwvVxuLJNtOmadDP2cWNKQ==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 5A7A 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1643646832574&sid=d5f819bf6798ac27e002d95e6c993422&rnd=cdf050e1054a51edd6c34985fb1829bc&fsa=10013&module_id=27176&channel_id=615&client_type=1&publisher_id=623&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=5825&flyer_run_id=645350&flyer_id=4646210&merchant_id=2383&premium_merchant=false&in_targeting_profile=false&budget_id=49439
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
luatr8cro9r2zRR9uiwUII4psEJLJllZx2VnrXIJYH10KgKKh_ECYQ==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 5A7A 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1643646832574&sid=d5f819bf6798ac27e002d95e6c993422&rnd=cdf050e1054a51edd6c34985fb1829bc&fsa=10013&module_id=27176&channel_id=615&client_type=1&publisher_id=623&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=1558&flyer_run_id=776085&flyer_id=4654082&merchant_id=2503&premium_merchant=true&in_targeting_profile=false&budget_id=51425
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
Z15srovwKvoCF2fcDGS2knWWauZkDgtqLppnYwpEHhMfTLhy2Q5bmQ==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 5A7A 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1643646832575&sid=d5f819bf6798ac27e002d95e6c993422&rnd=cdf050e1054a51edd6c34985fb1829bc&fsa=10013&module_id=27176&channel_id=615&client_type=1&publisher_id=623&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=9342&flyer_run_id=773554&flyer_id=4630184&merchant_id=2914&premium_merchant=false&in_targeting_profile=false&budget_id=48949
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-110.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:52 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
D2G2zbd_rIEow2pttgaSODT-d_IGurqt9cJTkHGyPM9XU4QX5Qj4pw==
x-cache
Miss from cloudfront
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=0,1,2,3,4,5:6,7,,6i:8,9,,6t:a,b,,8u:c,d,,6y:e,f,,2j:g,h,,7Z:i,j,,2W:k,l,,6G&b=0,1,m,n,o,5:6,p,,6j:8,q,,6t:2,r,,6r:a,s,,8u:c,t,,6z:e,u,,2k:g,v,,7Z:g,w,,7Z:i,x,,2W:k,y,,6G&b=0,1,8,z,A,5:6,B,,6j:8,C,,6t:a,D,,8u:c,E,,6z:e,F,,2k:g,G,,7Z:i,H,,2W:k,I,,6G&b=0,1,6,J,K,5:6,L,,6j:8,M,,6t:2,r,,6s:a,N,,8u:a,O,,8u:c,P,,6z:c,P,,6z:e,Q,,2k:g,R,,7Z:g,S,,7Z:i,T,,2W:k,U,,6G&b=0,1,V,W,X,5:6,Y,,6j:8,Z,,6t:2,r,,6s:2,r,,6s:c,10,,6z:c,10,,6z:e,11,,2k:g,12,,7Z:g,13,,7Z:k,14,,6G:15,16,,6A&b=0,1,17,18,19,5:6,1a,,6j:8,1b,,6t:2,r,,6s:2,r,,6s:a,1c,,8u:c,1d,,6z:c,1d,,6z:e,1e,,2k:g,1f,,7Z:i,1g,,2W:k,14,,6G:15,16,,6A&b=0,1,1h,1i,1j,1k:6,1l,,6j:8,1m,,6t:2,r,,6s:2,r,,6s:a,1n,,8u:a,1o,,8u:c,1p,,6z:c,1q,,6z:e,1r,,2k:g,1s,,7Z:g,1t,,7Z:i,1u,,2W:k,1v,,6G&bi=1,A258f4592d6e8a08,6,U1d4414755984b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience,4,540161677,5,11747857,8,4627232,10,206474,20,31660670,33,RdDNDHspumwjeZ0rUNnd0pI3,35,705289,115,8a969412017373b5acfab636c1720056,2,U390505f4d876e1,adb_leaderboard_atf,540161672,11747827,6708,4627228,206470,11988240,kweVjHUGArBG6hf26MQludWF,Wzw8PTIjiCweyzaXnMKNHN27,173355,8a969412017373b5acfab636b9130052,U43305148b18c11,adb_mediumRectangle_btf1,540161676,11747850,4627233,206473,31660668,QelwClNwBTEkTmmySB7CPYkI,705287,8a969412017373b5acfab636c35f0057,U5cf19a0aa9a3a3,adb_mediumRectangle_atf,540161675,11747838,4627231,4627234,206472,11988242,0rzKSepXgqC5dUuQI3ZJy4I0,6dS25Ty7ddFE8mVv0Zcann5W,173357,8a969412017373b5acfab636bf190055,14,U6a5d358bcc334d,adb_leaderboard_mid,540161674,12812950,213819,12812850,ccVECva4DSFcmufUCsC4hRze,RhAhHL3X0jLoZaEznwQUyb71,8a969412017373b5acfab636bb140053,172,CNHI,3,U8f2d540e6f8fd4,adb_leaderboard_btf,540161673,11747832,4627229,206471,31660665,PDDWminnzbApknGlqgkxpZCm,705284,11,U94f9a409f61a93,adb_floorboard,%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia,540327076,11908123,4955987,4955988,302372,302373,19672429,4toHxb5i3eKGPsfolJ10gLL8,ZKnbpUBWqDmzqbvOMugL6P14,531933,8a969412017373b5acfab636ad1b004e&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T33r&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6cz&m=z&rnd=1643646832581
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
/
www.kokomotribune.com/tncms/tracking/tncms-dmp/audience-extraction/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.kokomotribune.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A6880%7D&i=1643646831545,
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

real-hostname
kokomotribune.com
x-vcache
MISS
age
0
date
Mon, 31 Jan 2022 16:33:52 GMT
content-type
application/octet-stream
cache-control
s-maxage=0, private, no-cache
accept-ranges
bytes
content-length
0
pr
s.amazon-adsystem.com/v3/ Frame 0EAC 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fff904c8a9728a12e497be2f9971c8e43c1c301578dadfa44ba0f926f681b7b6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&dcc=t

Response headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:52 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2676
Connection
keep-alive
x-amz-rid
B11B2MZYCTK0KYEJ8PPH
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
vf-css.a8f768d66798d43605eb.js
cdn.viafoura.net/chunks/ 		119 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.a8f768d66798d43605eb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4253eeffa7e2615ed928c93b3a121f78f5204a9d309b0f337a99df4e075c7f0c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:02 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:46:12 GMT
server
AmazonS3
age
10851
etag
W/"54839dd8565ca6a510830e450ea486ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
d8DGz.Z7ttOdAX0dfvq.JPM3aM2LTQAJ
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
0JKcg2SNRHWvY4BFMJHLAmCMB76jymkw20xm118STBMHfeRlrx_fOg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B64D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 04:30:58 GMT
expires
Mon, 30 Jan 2023 04:30:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
129775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6C58 		783 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
GSE /
Resource Hash
aec3194251c4426ec775266dece7f2f7cbabc62a57b8e8d1486df199ce8ede46
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H0uCZpl5b3lYHFtCnXTDuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 16:33:53 GMT
date
Mon, 31 Jan 2022 16:33:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-H0uCZpl5b3lYHFtCnXTDuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame FAC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE9N5qr-GJx-wtfpcKPGCqAfbgfwgvwEPW324xHFwX5fGtN_GuVmGQJlDJAqGFWGMHXQHa2OVNyrgD3b-lwuV6d5GwFC34sygBpHOFLMvQecmXbmTVt_7NjCuF0ihX64I-cmg67ywOnK3ZT7trM6LNsAEQMB0UO-6FuQjq36gIqZlc2ZTKafLh_wV8kU6pR1cPnJfZyzBwEIcl3CfdplVFPEGYzygkwmmFo-pLTuwH3MlKmJ_akGphE5tLN0x87JUEbdH7TtHFguxOOQaUsTSSpgTre_5zyZw_iMRCSI19g_9AFGaZvwccfMeE6Eh57igtx0-pfg4EEvkGiiLtBfkRlrk-62XFD5jG4aWcMZEdxQJqqw&sig=Cg0ArKJSzAOVSKcV-u7ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame FAC6 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
86e8f74591cf79370f256d5fe6c85c2e8be27df5f2790b218b7e241a3c83f7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27243
x-xss-protection
0
server
sffe
etag
"1118 / 795 of 1000 / last-modified: 1643639060"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAC6 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:53 GMT
jquery-3.4.1.min.js
code.jquery.com/ Frame A5BD 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://www.kokomotribune.com/
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15851"
vary
Accept-Encoding
x-hw
1643646833.dop204.ny3.t,1643646833.cds230.ny3.hn,1643646833.cds014.ny3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
container.html
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B68 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 16:33:52 GMT
expires
Tue, 31 Jan 2023 16:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F8FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 16:33:52 GMT
expires
Tue, 31 Jan 2023 16:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Feb 2022 16:33:53 GMT
9980687455272680003
tpc.googlesyndication.com/simgad/ Frame A5BD 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9980687455272680003?
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
e338b0b79b03854702967c55919a317044f9d99466ae80cfea24ce755eb482ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:09:44 GMT
x-content-type-options
nosniff
age
347049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212792
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 16:00:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 27 Jan 2023 16:09:44 GMT
9980687455272680003
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBvetbCl0YJVgp0CmL1qOLJ6DKcjpNAGap7MHCmWZldWrKCkV2EICTZCJmORBb15s1bwhGv-m8IQG0SFf0VHCrd5rezVnbv-P2YReh0AEJei72cUqwQhst9fo4E6XS6qvKKafhddqE...
  • https://tpc.googlesyndication.com/simgad/9980687455272680003?
208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9980687455272680003?
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
e338b0b79b03854702967c55919a317044f9d99466ae80cfea24ce755eb482ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:09:44 GMT
x-content-type-options
nosniff
age
347050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212792
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 16:00:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 27 Jan 2023 16:09:44 GMT

Redirect headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tpc.googlesyndication.com/simgad/9980687455272680003?
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame A5BD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01a5a90b9e567bef3e1bd1a7defbbdd5d3b135b21dce554783778ee825f9541f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 0EAC
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=0d5a1267
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=0d5a1267
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HX6FFA58T397K8HYKWJA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 e6d15137ec23376f4c8a22e6edb289bc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=0d5a1267
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
AerVDjE6HNTTrL67jdwdvTAOmLKMwlAG-tUrBVVzOfbqqQodzhjM-Q==
ecm3
s.amazon-adsystem.com/ Frame 0EAC
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=72F68BF5CAC442F6A9C7DDC6AF708C4C&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=72F68BF5CAC442F6A9C7DDC6AF708C4C&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y57STS6BF9EB4TP7R7Q3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:53 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=72F68BF5CAC442F6A9C7DDC6AF708C4C&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:53 GMT
amzns2s
rtb.gumgum.com/usync/ Frame CBB3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dd72d3c7c8b7ab50347cdbbc88bf2b7976f73c091f647a15b66b055e9566614b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"01cf3ab48f454e8a88c64c1ead9849983"
timing-allow-origin
*
content-encoding
gzip
usermatch
ssum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ffcf8ff348caa8dbbb2f24d2d9471a8f1b5a9b331a735bcf5b1de3fc0c8de8a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|26|195|8|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 31 Jan 2022 16:33:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Content-Length
1659
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 31 Jan 2022 16:33:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Connection
keep-alive
cm
u.openx.net/w/1.0/ Frame 4855 		722 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
0fd9714b9566c94b342426ea03fcf07265fd815e091caba812101d47adcca294

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 16:33:53 GMT
content-type
text/html
content-length
459
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame DBD0
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3c2e3a05c0b5121b&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbw-JjEsFmQMWhb1BAAAAAAA&expiration=1643733233&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbw-JjEsFmQMWhb1BAAAAAAA&expiration=1643733233&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
E117RJEKEWY0CPWDZ6F3
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Mon, 31 Jan 2022 16:33:53 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbw-JjEsFmQMWhb1BAAAAAAA&expiration=1643733233&is_secure=true
ecm3
s.amazon-adsystem.com/ Frame 280F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3949519880991651774
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3949519880991651774
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
XGF4EWWMFEQTQA2NKKVF
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3949519880991651774
content-length
0
date
Mon, 31 Jan 2022 16:33:53 GMT
index.html
cdn.districtm.io/ids/ Frame B665
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-type
text/html
cf-ray
6d6458261bc315a7-EWR
age
9755
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 4d95e17a6f22c6bea5ad0f9769f73450.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
mE6INTYlF9YrljAXF6mBsg9DLv9My9d3nsD4Gn2Wnn-B8B_04YJa_w==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Mon, 31 Jan 2022 16:33:53 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6d645825eb5715a7-EWR
cache-control
max-age=3600
expires
Mon, 31 Jan 2022 17:33:53 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
match.sharethrough.com/jwumXNuB/v1/ Frame F016 		427 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
184a1b47ae9d07025bc17e6b05a1989808d1c6fd3db77e083957e4108c24b55c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A7F4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=27972
expires
Tue, 01 Feb 2022 00:20:05 GMT
date
Mon, 31 Jan 2022 16:33:53 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 3BB9 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.20.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-20-32.compute-1.amazonaws.com
Software
/
Resource Hash
1e510c465c34d4783b2b547bd65e54a69ae7f17c44f0d29593de1471b19c85e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
usync.html
eus.rubiconproject.com/ Frame 6B7A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 16:33:53 GMT
Connection
keep-alive
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f10.1e100.net
Software
ESF /
Resource Hash
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 16:33:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 16:33:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 16:33:53 GMT
0.14315e14057ef1169f50.css
cdn.viafoura.net/ 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.14315e14057ef1169f50.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:01 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 17:46:18 GMT
server
AmazonS3
age
10853
etag
W/"e49f659039883c906a18c5cf42510824"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
y6G4WG6n4uZArKFW200rIJ8dz1RYBgKt
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
text/css; charset=utf-8
x-amz-cf-id
vlIF3FBicHNIpual5v-OByFKUKzd57ipA2YsfpfBoRpwL65ZhxpS2g==
da.bbe004bec7aeb1943f27.js
cdn.viafoura.net/chunks/ 		143 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.bbe004bec7aeb1943f27.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aea93cd57674c1df4ebbfe01b3de8f6b03ea7c793d520e4b504c73b22ea6cd64

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:01 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 17:46:04 GMT
server
AmazonS3
age
10853
etag
W/"4cb5f625c6666bd7b87efd83be5a6faa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
kP0znMrlevKaCPMZnvr1gkayXEdAUlYR
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
RBhgaAUZVBeQYtaPMbfO4ue4xDjgfG_AJj1zbt3EtZzU0j7hdntDlg==
134.0ad8e18897abff22b7ee.css
cdn.viafoura.net/ 		1 KB
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/134.0ad8e18897abff22b7ee.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64754f168a3b1f3fe4366208ef01c05a57681dc8e0be47377c8917b5fa1d415f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:01 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:46:18 GMT
server
AmazonS3
age
10853
etag
W/"e52c5e71fc5dc7fb2c9069bea4045f14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
JfAQVGmUL2yWOmITmvJJtcFQiJ0.XSQ6
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
text/css; charset=utf-8
x-amz-cf-id
Hsqx5aCljvFfJpfl51fkh1h9EYjKCQRZgTuVyLntk1bQIWH8MXJwag==
tray-trigger.faf47c88ffa53ed59244.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.faf47c88ffa53ed59244.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
661294bbaa1c90b3f755990ac024975d8553b8027eef08c0aed1dff19ac2ddf0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:01 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 17:46:11 GMT
server
AmazonS3
age
10853
etag
W/"7953c767a1e64ce844861bdde762942a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
KQynWv_OSJQEzIt64NK.WeP7qdnnvv.Q
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
OTO9HpIa90y9DIFTDE_mqZhiXoWd6IqQBQR7kc2EHErzwaE3OH0uOQ==
ingest
i.viafoura.co/v3/www.kokomotribune.com/ 		67 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.kokomotribune.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.kokomotribune.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-e01999b3c6ff%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1643646834%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1643646834%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%22f74e4c06-e9b7-49f9-8bf1-1d980f9b0f25%22%2C%22firstVisit%22%3A1643646834%2C%22previousVisit%22%3A1643646834%2C%22currentVisit%22%3A1643646834%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.kokomotribune.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-e01999b3c6ff%22%2C%22section%22%3A%2200000000-0000-4000-8000-e01999b3c6ff%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fkokomotribune.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F8a160924-fb3c-11e4-b4bc-d3905538449f.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.kokomotribune.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22kokomotribune.com%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22Read%20the%20latest%20news%2C%20sports%2C%20features%2C%20weather%20and%20breaking%20stories%20from%20Kokomo%2C%20Howard%20County%2C%20Tipton%20County%20and%20Miami%20County%20right%20here.%22%2C%22topics%22%3A%5B%22local%20news%22%2C%22crime%22%2C%22weather%22%2C%22breaking%22%2C%22sports%22%2C%22weather%22%2C%22traffic%22%2C%22breaking%20news%22%2C%22kokomo%22%2C%22howard%20county%22%2C%22miami%20county%22%2C%22tipton%22%5D%2C%22git%22%3A%223cac04b1c6f1e90783e79de957e5daaab5a1ec21%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22kokomotribune.com%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22a03f6a70-6d2c-483a-9f02-e00c8f5759e3%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-102-122.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ Frame FAC6 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 11:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 11:43:20 GMT
truncated
/ Frame FAC6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
373508ee6c05232068e322f2801b3b98c8ae642c437de11df9ac055686e812cc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=2:1,11,8601h,1w5b85,0,,0,qy`2i,1ri8s6od,26mt793,U94f9a409f61a93,adb_floorboard,%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia&b=2:1,2,8601h,1w5b85,0,,0,qy`6y,1rhsjq7g,21k0xad,U390505f4d876e1,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&b=2:1,3,0,0,0,true,0,,0,0,U8f2d540e6f8fd4,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T41u&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6kh&m=z&zi=adb_weather_atf,weatherhousead,0,adb_large-video,largevideoplayer,adb_reveal,reveal,adb_floorboard,richmedia,11,U94f9a409f61a93,adb_leaderboard_atf,totalaudience,2,U390505f4d876e1,adb_leaderboard_btf,3,U8f2d540e6f8fd4&z=0,1,2,2:.,1,360x0,bm,41i.0,0,008s&z=3,4,2,2:.,1,1x1,bq,268x.0,5bl,008w&z=5,6,2,2:.,1,1130x20,br,268x.0,5bl,008x&z=7,8,9,a:.,1,1600x90,dm,4uu.0,k,00at&z=b,c,d,e:.,1,1140x250,do,435.0,k,00au&z=f,c,g,h:.,1,1140x0,do,25yo.0,51c,00au&rnd=1643646833807
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A020 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYNrDlStIj7uUa-yPrujtGGHcA1LK1z2F6QctxvGu59BQJ6wNP86YtJNOVJq8rQwTx2Wnf3SE9RpwMD-tSJlyKAyXWYb4RBRKrcVLCXHGgR5wd-US2laY-vglp3mQj6pRcG9eXjljpWSoF1hBeHJNtU_2wg3kmGlR_MHylcSQ8fGYtn9ppau2tCKeXb107MhY9Db0LLxQKWi4y9wpYxp9Llf4zkjcwEHH-xT4TCTu8LhPm6fTWDMpZhqnczhE_jmXInC0ZpDFHiuIukxya-54I_z9Re4Cl44MQHUnEWTrI5R0UASky_H_-5r7lXjz3jtmklYILCMWcAe1C3idRXzGvkgE1iNeWYeHtZtZcnlZ46Q&sig=Cg0ArKJSzOCNY7aALdlkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A020 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A020 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
6515262723969441314
tpc.googlesyndication.com/simgad/ Frame A020 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6515262723969441314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 00:47:44 GMT
x-content-type-options
nosniff
age
143170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110929
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Jan 2023 00:47:44 GMT
l
www.google.com/ads/measurement/ Frame A020 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR32VPxw0Kc8LnS1TEsGot9AVUj5TJUb3W5IA6eNIIBc4vapQXBDmLOxgDKZa7tLLleIkmGFDpOvQ1Gfg_Iz-tAeSmMaA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
truncated
/ Frame A020 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4df97bc7f23984214192023edaa2fe2c6868a0b58447c9f1a79ee5c96a0edfea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 4855 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b1bca31d-0d07-c01b-2ce6-cc2cb31cfa2b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q0E89Y3RSE78HRWAZCMC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4855
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YfgPgQACsmpXoAAy
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfgPgQACsmpXoAAy&_test=YfgPgQACsmpXoAAy
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfgPgQACsmpXoAAy&_test=YfgPgQACsmpXoAAy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643646849.125567,VS0,VE0
x-served-by
cache-lga21923-LGA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfgPgQACsmpXoAAy&_test=YfgPgQACsmpXoAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
7dadb924-8101-e9a8-dd3f-584e2478fc82
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4855 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/7dadb924-8101-e9a8-dd3f-584e2478fc82?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.85.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-85-233.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 4855
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7b60080-53d0-4379-88f3-81d8f68637b7&ttd_puid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7b60080-53d0-4379-88f3-81d8f68637b7&ttd_puid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7b60080-53d0-4379-88f3-81d8f68637b7&ttd_puid=e96adf60-11ad-7be1-ece8-4ebbdb2f31cb
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 4855 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzUwNTBjYWEtZDhkYS0yNTQ1LWY5MDgtMTQwMjExY2RmZmFi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4855
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNMg0AJHXETp3T091ZSQmM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNMg0AJHXETp3T091ZSQmM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNMg0AJHXETp3T091ZSQmM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6B7A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16147
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 31 Jan 2022 21:03:00 GMT
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4909702476009743137
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4909702476009743137
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
67105c37-4b63-4f5c-8494-decac2f04641
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eefa9ad8-4158-46bb-92a1-aaef01e03c3c&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Date
Mon, 31 Jan 2022 16:33:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
outbrain
sync.hgrtb.com/ Frame CBB3
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Zo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&obuid=ENC(Zo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DZo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%26uid%3D%7BUSER_I...
0
0
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=1e577b10-39b8-43b7-8b93-5e56137f308d
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=1e577b10-39b8-43b7-8b93-5e56137f308d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=1e577b10-39b8-43b7-8b93-5e56137f308d
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-47f2504f-6bfb-4f0b-4dd8-9cfb7e168953$ip$37.120.138.195
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-47f2504f-6bfb-4f0b-4dd8-9cfb7e168953$ip$37.120.138.195
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-47f2504f-6bfb-4f0b-4dd8-9cfb7e168953$ip$37.120.138.195
Date
Mon, 31 Jan 2022 16:33:54 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-KEDMcAhE2pfN_ZJvABJVd8oZ9EpxE3mqvMIE~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-KEDMcAhE2pfN_ZJvABJVd8oZ9EpxE3mqvMIE~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-KEDMcAhE2pfN_ZJvABJVd8oZ9EpxE3mqvMIE~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=946cd5fe-82b3-11ec-a9bf-a10e15a78249
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
946cd5ff-82b3-11ec-a9bf-a10e15a78249
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://rtb.gumgum.com/usersync?b=snc&i=23648134860141EF92D2E2886F7673DB
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=snc&i=23648134860141EF92D2E2886F7673DB
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 varnish
server
nginx
age
0
location
https://rtb.gumgum.com/usersync?b=snc&i=23648134860141EF92D2E2886F7673DB
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
869794898
content-length
0
142
match.deepintent.com/usersync/ Frame CBB3 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
server
c
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2&gdpr=&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=bE3P6EoNpRikArLZ6rOk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVREKM2QGZCW6TTQKJUWWQLSJRNDM4SPNM
  • https://rtb.gumgum.com/usersync?b=zem&i=bE3P6EoNpRikArLZ6rOk
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=bE3P6EoNpRikArLZ6rOk
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&i=bE3P6EoNpRikArLZ6rOk
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
87
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7551d5a1-6701-484c-855b-a0261d33ce27
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7551d5a1-6701-484c-855b-a0261d33ce27
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7551d5a1-6701-484c-855b-a0261d33ce27
date
Mon, 31 Jan 2022 16:33:54 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1643646834127
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5467241966
  • https://sync.1rx.io/usersync/tradedesk/f7b60080-53d0-4379-88f3-81d8f68637b7
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Tengine
ETag
RX8beedfc7374e480eb3313f80ef61d4f1005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=voXcyPVxQiGh&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=voXcyPVxQiGh&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=voXcyPVxQiGh&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-4bnvn
expires
-1
usersync
rtb.gumgum.com/ Frame CBB3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=3721647956072104407&gdpr=0&gdpr_consent=
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=3721647956072104407&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=3721647956072104407&gdpr=0&gdpr_consent=
date
Mon, 31 Jan 2022 16:33:53 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CBB3 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
76PGR9K1Z1RTM0FX02NH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F016 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=51a2fb5d-978b-4d69-bc71-425e97e37d16
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YK7BWGJ58V3TDWXD9C9T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F016
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame F016
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame F016
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
246
Expires
-1
v1
match.sharethrough.com/sync/ Frame F016
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZ2WVVLY-V-AYRH
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZ2WVVLY-V-AYRH
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZ2WVVLY-V-AYRH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame B665 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152563
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6d645828180a15a7-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 02 Feb 2022 16:33:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 3BB9 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g9f162d0eb07679cbfe0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NYX2EAFCGZXV9ZB415TY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 3BB9
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4909702476009743137&pn_id=an
0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4909702476009743137&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
dc87cf27-e8f1-4eff-904a-e3d1ee3ee6d9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
559d7975-e702-45be-be82-b9b05d6d3ea2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=4909702476009743137&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 3BB9
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=nQHGQJtWlh6GAcUcz1ONHpsCk06GCZkbkgkuksyk
  • https://ads.yieldmo.com/sync?userid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.161.185.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-185-0.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Date
Mon, 31 Jan 2022 16:33:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 3BB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=f7b60080-53d0-4379-88f3-81d8f68637b7
43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.161.185.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-185-0.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 3BB9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=CSunf-cDTytmJwFi_KJ-CCV4isM
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=CSunf-cDTytmJwFi_KJ-CCV4isM
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.161.185.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-185-0.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=CSunf-cDTytmJwFi_KJ-CCV4isM
Date
Mon, 31 Jan 2022 16:33:54 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 3BB9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=voXcyPVxQiGh&ev=1&pn_id=pp&pid=561118
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=voXcyPVxQiGh&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.236.20.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-20-32.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync-pp.ads.yieldmo.com/sync?userid=voXcyPVxQiGh&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-4bnvn
expires
-1
integrator.js
adservice.google.com/adsid/ Frame FAC6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kokomotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FAC6 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1526293325578209&correlator=3634887887935141&output=ldjh&impl=fif&eid=31064601&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=5284%2Csyn.cnhi%2Ccnhi_engage_shell_ron&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D48770541a2f9d8ff%3AT%3D1643646832%3AS%3DALNI_MYqvGJQ0065O9w-o36rwdAZDZKlbg&cdm=www.kokomotribune.com&bc=31&abxe=1&dt=1643646833961&lmt=1643646833&dlt=1643646832760&idt=1178&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=235&adys=8726&adks=2329832947&ucis=hdctm4beqj3m&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwww.kokomotribune.com%2F&top=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=1x0&ga_vid=368398424.1643646830&ga_sid=1643646834&ga_hid=1746429596&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
66b93bcaadc33e7072b3fab6673a3771816936ede5145c2e0c5e8c15cb26f972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8679
x-xss-protection
0
google-lineitem-id
5650442623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138343887605
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0F3D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 16:33:54 GMT
expires
Tue, 31 Jan 2023 16:33:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dcm
s.amazon-adsystem.com/ Frame CFAC 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZE9JSVSVPS0HSY01QMYG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&expiration=1646238834&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&expiration=1646238834&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7&expiration=1646238834&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfgPcVN.dLfCtiUyYqeTcwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YfgPcVN.dLfCtiUyYqeTcwAA%26989
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26a94e58-3000-46ba-b05a-3d16faf5595f-tuct8f194f2
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26a94e58-3000-46ba-b05a-3d16faf5595f-tuct8f194f2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26a94e58-3000-46ba-b05a-3d16faf5595f-tuct8f194f2
date
Mon, 31 Jan 2022 16:33:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1967
crum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0ae7855-9d0d-4698-897b-bfc60eb0fab4
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0ae7855-9d0d-4698-897b-bfc60eb0fab4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0ae7855-9d0d-4698-897b-bfc60eb0fab4
date
Mon, 31 Jan 2022 16:33:54 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9b7ad47b-f4ea-409e-afbe-43e4bdfc9bce&expiration=1675182834
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9b7ad47b-f4ea-409e-afbe-43e4bdfc9bce&expiration=1675182834
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9b7ad47b-f4ea-409e-afbe-43e4bdfc9bce&expiration=1675182834
date
Mon, 31 Jan 2022 16:33:54 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420248101649
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420248101649
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420248101649
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CFAC 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F3V1PRAXSB9ZEJPWFZ7R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A7F4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60265972&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
687cd802179b4c19188239ae01422a277ac6cf5d80ce296f1b0ca7b109e5ae41

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1654
content-type
text/html; charset=UTF-8
usersync
rtb.gumgum.com/ Frame 56CD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master iad-pixel-x23 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=&gdpr_consent=
Expires
Mon, 31 Jan 2022 16:33:53 GMT
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 2611 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

server
Varnish
retry-after
0
accept-ranges
bytes
date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 varnish
x-served-by
cache-lga21923-LGA
x-cache
MISS
x-cache-hits
0
x-timer
S1643646834.030051,VS0,VE15082
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame F5ED 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hN2VlNzE0Ny0xZDQ1LTQwYTctYTQwNC1lNTY4MmNhMWQzYjI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 31 Jan 2022 16:33:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A461 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=27971
expires
Tue, 01 Feb 2022 00:20:05 GMT
date
Mon, 31 Jan 2022 16:33:54 GMT
vary
Accept-Encoding
/
hde.tynt.com/deb/ Frame 8453
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4b6274060eef1a89eca9814cd04b5f148a34f9cab47059edb703588f339717e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1802
date
Mon, 31 Jan 2022 16:33:54 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Mon, 31 Jan 2022 16:33:54 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usersync
rtb.gumgum.com/ Frame 1C25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=f7b60080-53d0-4379-88f3-81d8f68637b7&t=1646238834
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=f7b60080-53d0-4379-88f3-81d8f68637b7&t=1646238834
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=f7b60080-53d0-4379-88f3-81d8f68637b7&t=1646238834
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 8ADE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 16:33:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 31 Jan 2022 16:33:54 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usersync
rtb.gumgum.com/ Frame 4D12
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3l...
  • https://cs.emxdgt.com/umcheck?apnxid=4909702476009743137&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ=
  • https://rtb.gumgum.com/usersync?b=emx&i=4909702476009743137brt64401643646834070633ad
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=emx&i=4909702476009743137brt64401643646834070633ad
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

content-type
text/html
date
Mon, 31 Jan 2022 16:33:53 GMT
location
https://rtb.gumgum.com/usersync?b=emx&i=4909702476009743137brt64401643646834070633ad
content-length
0
usersync
rtb.gumgum.com/ Frame 1339
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YfgPcsCo8XoAAFYfHGMAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YfgPcsCo8XoAAFYfHGMAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YfgPcsCo8XoAAFYfHGMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
6
X-SO-HostName
a-ad40283.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":22,"gdpr":false,"ipv4":"37.120.138.195","key":"YfgPcsCo8XoAAFYfHGMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40283"}
X-SO-Key
YfgPcsCo8XoAAFYfHGMAAAAA
X-SO-IP
37.120.138.195
X-SO-Cluster-ID
22
X-SO-Upstream-ID
a-ad40283
usersync
rtb.gumgum.com/ Frame A47D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=bcnkGZITNXiKo3lkzC0B&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=bcnkGZITNXiKo3lkzC0B&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT Mon, 31 Jan 2022 16:33:54 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=bcnkGZITNXiKo3lkzC0B&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 16:23:56 GMT
x-content-type-options
nosniff
age
518998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 16:23:56 GMT
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=2:1,14,0,0,0,true,0,,0,0,U6a5d358bcc334d,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&b=2:1,6,22h8pxy,10rpxnh,1rikkz8e,,236vghz,8c`6y,1rikkz8e,236vghz,U1d4414755984b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T48q&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6ko&m=z&zi=adb_leaderboard_mid,totalaudience,14,U6a5d358bcc334d,adb_mediumRectangle_btf2_flex,6,U1d4414755984b6&z=0,1,2,3:.,1,1140x0,ec,254y.0,47m,00bi&z=4,1,5,6:.,1,360x250,eu,25kn.0,4nb,00c0&rnd=1643646834056
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:55 GMT
server
nginx
etag
W/"61ee2acb-16429"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Feb 2022 16:33:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BC64 		624 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.182.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa05s22-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 31 Jan 2022 16:33:54 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3A4E 		72 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3wKAgdOUqaIPSFVGbasJhtzaBVqFcvA_hJTvv-eKp4hdNEreIJL0dC8v3OqFZQMymmNyZlwv6_iD3mkoozoNfIRS3N7CJBHO8XSAueO3FqmzcJHi976YgVVhUQgN2LStPRkJbbNNOYw3DjP9Lm_bW7ct2iw&dbm_d=AKAmf-D8oFhcCykmBS3nDn-9q_VHqlHbTWBFB2uVml53-sk8sYwheXWpt2sWQMBYxRbkgYO4ULHGmS9j5ma24M-kVX11qcDt3lR8r8el__bXIVbYHZ5DmCaVbLPiyldiqhXtbEr7KyKNpze2oj7Uai9C-tbmJh7_eVBCAsce_1_tXoJrRXEQYnfgEFoZbG6nIreBRpbo5WQnEhdk0o20r0llPOjFiGe4b8goAAleDihdICF9HI3FXD8PmahAQFAisJutoC2895cQlhOyELjlSp8ZA4LMDAGOALj5R6Bv5cfarbxPqvKw2CaO1kjdPNT78e5K0Ze8sLUhoZxHDmtmhf_w2GjiD1hUNclyv9EXO55AK8pb0cmp7Zr--8IBeuSgMN9mn3PcVXUqqBZHMLwJTb5ToGrJRtR9WYljawQib5MtaJ4tZR4Wax6Cx2DW1TZ5zVkZ_VB6kZGgGpzN1lbz5JeRAfA9YGC9p0jY8dW6LIWJUK7J1tNlAX_uksAQOcodW9F5PXsmnvnZPVZUGXVmYvdo463RsvIKoYWpp9xAD4bJtqh8vioQqE4T5Jh_FngkITKh9VvH6tyJ0JDqRkDTrxyfCS8WEvKUuoDEpjnqHsiYalGp7P3u_-20GtImEOY0dfMJA48J3QKGKVVFoJ7-lfyURqmVuwirV8AwcVhdgxENb9rJLoklNIfeeBBarCD0G-EcNtKRvXSxNcztCEfTTsx3sPNB5dIT7WeTLDUoa3F4fefsNIHLn0u3otYjtDWbH_4vWYIzIQKxmqmeT4mClb2IJZsRDH11pUkzMGizgIgjqRHcAhxgadJVLCChFj97TtBL3T_WQezsF1CpUY6OeY1xf98IoBzQyH30hD05Pv3mU4rFgdyuI9HF9cfDZlZORXR68KW8_QJapfjWWY8cgBKkF0bRwjJvkU13vcC4FRkLbOT4OWtSQr0K8FVmCeVOPex8vS8fBbZNRPf8d8-La7A6Cq1PcAWR77Cqxg0h-PlLhm1VNA2BgnHuQzstzHyf98YyPv9HV-61IPrDg6pEA9iywF0nE0Pgg-6FtwZLIUP4UTFTzWSUgmJRNVj9VRqF6ODawrCJEQ91LRhMjqIC53Fle77jzj6lO6EmhE0hXkyJPz6clCnXNjEQ3klCFbgN9STuwRndwVkhd5yv-KSHxenD7AhzXXDcqqR-JGfbTFs0gf_JNra-IyCL-BSbH3qQw1NISfIlB1TEnDuU0Q3-wXEQmLFKF4kQqd4HinREx9oQCdOfy3BUu2EumTmbtyTY7739BgioCafhsScRtJUE_ZNUlzpt2s0VgmPahpjiXAsMcdZdj9PXRhZ5nAsJZ1qvi9bWhUZn5cNxJmL05aXjk93pcLdb2zfSszmlxteTqPlpD5l7ta8Ddh-hjghzX80WBwJeC5fkJx_YMOI_VGIuUHmG-zklAOzCYlgketCW9l9DvPCgXyVrm_rFNR2LW0-ItGFu3R9fI-7rWnmNcCfytLPJADD9J8YbWFZtPiryDETVJKQc7YMk-tULVp8m47bdO1UExmCuznycX3M5lcbOIQkjpf1qWMXOnWgbkLOx9j4ji86dYz_U0wgdKYY9ImgXNJydqIEs42dmoGa2817ojQ2Hu-6ZJmpxCifw9tN6BU4i03eLt0dugxovcFdEKGjXD5hxWZyAfC0dpOPhPNWaFYAH-a6KPg6irOq7FIKXfO5GPfdc10jjvKyn4v2eItZ4S0BQShaizd437OFLbDEZv8fxON_m1Y4DAM_yVXsPGO3PBFZYallDEEYX2aO_cieldAo3nSkKIb33NkZOoNW_fMZzz-SG625Vwtmg1qEAz14cmWG7LYclTUvkoj8bX4XNTsdjmtW46MdlI4L4FKOxlFvK62fG3LuDIGxtswAji3bRGUxGEiiCI5Cba3cO2KgIKPBIEXw8v4c-Tp_l2C_7ImQAkB0mDNJA8eujyM4YbJ9NClqUauhIvyb95MLiE9QO7HQFxRRBc4gIxgWkl4Zg2E1HxcIK81WoZ0YWoGLzrjBfv41oeCmqfx6qN0_LGyp3TNjTfIwgLfl-kleD7lCCy5KI7ekQawjSYq7a_cbuTgZfuI4NihJHsoam9dnk6N_f-sy7b-_sGHFTfH7rj7i3yaiIZPsfVpnMOqUKm54syXnCV-QqtRxnpGIF6wtPCorx8yM1B12yPBa7a2yo9xzEiiX8SVgONWYrE6963qJxgnSxq2VcTjXtaO3O5ZCSMgYHg8UCP_QnDwFh80fV8UHhevShEufvGgSmYoEbKtAURLWZ49Hk6AAAmtPI3N8-mB8Oshmzj0uuNBTxRlmCyH3SuXjEMEOz-1LJZk9UH9ToQzMo7bu4WsUxLR0OtGcnEIroLsuzGDKerEBMP1KVI9ejr1PvQr24DEsv4V81KlRfH5OLaN2UdzHRUeQFiKO4yfLgiLlJmmapUYmX4PIMS8BjWbwdfdkvtB0fDialOtLUZozNaWbqu4mT30FsYIhlbUBLNWPVVWjpaMAUC-28slV5oDQsYmjN4YGcIEa1WnRPqnwPJVE0DYyC7L1sEJFI75JnqITGNJabqY41FOIZ8ggfflnKkspHGkl0pxMHnoVLi2ENDgBHQmeLikoxXrmOuwbllmHJBckynVst61XynZQIXr_PAcFBMmODLG0-bjBISPMo2-ONXvPmJ8oHaFauMsB8fFze26N1Os3GsJKisdrDIJJL_Q34_mMYi0dg5NHJcDpu_pamjT9a2eAhFyb1Tryg1_5xYRRDaGrn9tYKqDreiekqqYxWIkIKP36AQRY6oJoG2Tr4Wjr3sovFMaPsfDXqHqr0e0F0ngd6Fh3rYKloM8GCNtJysZQ6q-Mxwo6Bs7g-yf--VHyY7JuelfkoRdtEgHbs6nmAVV2zfp0aqFJ_iPo1cPdUAZ3dV3cGD1w1Rc1EQicwxHTkZ3VShU435kthOMW5zbRXvv1d2Rx1Wp2Z6I-Tjcuwe4WFGd7ltNEyGMj9aqMFHyojvfJGOkmu0gCiAVHJDN097-CFDbDod-QaPB4sCO0GfKtr2iyckRcXpQETjY79Y3fDlSPdsq5uJtonciTE3IhG1oNawmdAIssrtax-ywt68lpWPIrCqpR88aDBsZDTCkXkdxe8dh6HbzWc7oGhoH7EBbzJDOj99wTMMLq6jgpQkdcaKQr5sdxK2x_jTOD_iKU27toB_sJv2KnaXGcsAyJBeO6l&cid=CAASEuRo97_5wT3OTefaP3zQlOGgkQ&rfl=2%2Chttps%253A%252F%252Fwww.kokomotribune.com%252F%240
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.182.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa05s22-in-f2.1e100.net
Software
cafe /
Resource Hash
878e9c2b5145f22b737e83c3fe667b721d48cf7004563834c901db9c71137db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30570
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3A4E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3A4E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:33:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A4E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A4E 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaS_ttXVR7OMA7UF0mD7Fm1WTr2SfU5I-bbt8hc2hGrVfY_8eHF727nyuWD9A0T2BF-IT03bQugGjjYbQFMCQbPnIqHBfOUkH86BdmCJTzIIJu2H4
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-module-js.9f4d666c13ecef7bc318.js
cdn.viafoura.net/chunks/vuex_store/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.9f4d666c13ecef7bc318.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
677789b21eb1543f27cf7220da0b6f7c21a2fd207dcd1068c1b5e15a8d06ec62

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:33:02 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 17:46:01 GMT
server
AmazonS3
age
10853
etag
W/"045a90e36f4fa012c255cd65f3941202"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
oUxW4f9Z56.UWu.tjUuav_CNkyYvr3ry
via
1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR52-C4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
5fo2bi0D9MZ0onL5nOh1dj_o6tmnPj5oNPYlmuVbAT65wbsNa7z8MA==
ecm3
s.amazon-adsystem.com/ Frame 6B7A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ2WVVLY-V-AYRH
  • https://s.amazon-adsystem.com/ecm3?id=KZ2WVVLY-V-AYRH&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZ2WVVLY-V-AYRH&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FVT3KHW1GP5PYWSHPXG0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZ2WVVLY-V-AYRH&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
container.html
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5376 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 16:33:52 GMT
expires
Tue, 31 Jan 2023 16:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame F8FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbfFJcA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoElQJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1fF7_l9aBqfEtR8yco0pMHLKHqs4o3r24DM8G4p47EFWGSdhd-u4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzMyNzY2MjQwODMwMzE1NhjlixE&sigh=kz3PDTYSd5k&uach_m=[UACH]&cid=CAQSPACNIrLMiczyI8Rq2CWXiAE13cUpio-SQO_01SjCoqq5bxF3yfTSAzR88fJtbjB0qbjhT9S7UgBQBAOuAhgB
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame F8FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=U-e3EbabQcoH-gHiIp0XAgAAAJJh0LfaacJURdl0bLO6IEoQcQ_4YbyTwIxazVZXFRwKABI&wp=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
server
Kestrel
server-processing-duration-in-ticks
459089
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame EC24 		108 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.145 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2b0933d61dc2af9edae739c00779506763d9f23011d2cbe1a6e410a5710d5004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=mo4Gg6_glbHJPEq5Hox9L-7kNMHBB6woMmNjz5Ng1Cend3ntOhydeoBsqoCUNgCJflEtXl1oQtSHCuo2PiUWJ_520l8OM5Mz1ACvbC0jTMF86-EeA6QOd-Wh6aDYvbYuiAUryPLDfvG9u5qfDkv1ecdK2erDDonT_CUU4UCZbuRM8Dvkv8CYyf-R1zwDrjm2cwqGs-KY8cnSQNGDiafhJetnHAinQQ7B08Pn30Z8yhltnBPex2pFoFbboD7GrtjgIGjB7Q"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
44414825
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F8FC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE2A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 30 Jan 2022 19:21:13 GMT
expires
Mon, 31 Jan 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
76361
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F8FC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:33:24 GMT
l
www.google.com/ads/measurement/ Frame F8FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCuT1BsG9iNYcA8vht7AcIoUTCNdFtS_L1P3gCKvhucYl0NNMPsb6PuOPRx_v65oBUUCL-EtHTRKEx0sKcNrtP_mvf3Q
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F8FC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 23:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8FC 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
buyers
dmx.districtm.io/s/v1/ Frame B665 		573 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6a1cca626a1192f8480f43e4ba7425e8f5c5c3744bd30ecab5cea0e274b668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64582afdda15a7-EWR
access-control-allow-headers
Origin, Content-Type
view
securepubads.g.doubleclick.net/pcs/ Frame 57BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1h4sjRxrx_1gikn6wyo0m5ntrs2mrlO6i5LReb_VHPKeemH0Koy_32zndsPeSQfRjLrgJRYafbt_7zx9e9xMS4oY8dy0gzk49JCyz1lhPqL9noNXqpQ6OwTE-hk4wqNHtVTWEN7hO6vY7JiKaJwisFnP5_RX972pbF6f65i5s_RapWyZqQyukBWSSZjAhLtt0V_yGAfPQMrtc5f9nrq1DNijLCBJ4lixoHRBJQBU1jubCX8xHnN6iCmYpbQSAwJcAtjsAN8-0HEQcJAF-HSWhTRrqvGW6jkVEWWUVP1t0826Nu-3d4OY49o9H1TDGwACdgyB5Sc3asmnO&sig=Cg0ArKJSzCqWlyzwrCYVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
synacor-syndication.js
synadproducts.synacormedia.com/ Frame 57BD 		380 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synadproducts.synacormedia.com/synacor-syndication.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79EE) /
Resource Hash
99b497da7b2a964997bd2ef1a7dc3ce14f962e6f11dfa21d7df25021beb3a879

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
age
73
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
98901
access-control-allow-origin
*
last-modified
Tue, 03 Nov 2020 20:24:53 GMT
server
ECAcc (nya/79EE)
etag
"5f1d5-5b339a7c88f40"
vary
Accept-Encoding
x-varnish
424225538 424040544
via
1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 31 Jan 2022 16:38:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57BD 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012601&jk=4113451364258125&rc=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame BE8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYivsOYXwqh063jTbm_mEsXrETqjGoBG_tkob-y5RRMZX18FVCbJc9HkTQ6MrBrQhF4DzJrFVJ_54wGW2hoURFnlpkhbqcpaKkqoJP1CNYeppG7oTbEQU1Z5FHWwjcdN3Binwj8pc5ccKXhzCBN0dpW41s-PmUhfDSmw4NpF6IhRmxn3FMhgTDOtNgxY-VOoZywIq287xqNp4gYVmhrjABHHG7ZdbCrvrbhweBqmKRrMBvUCKRbZmL8ZHjwra4WjqRJ0kUbOtnWaeYgChWuRh2eu1rhZTBeZqP3C6vYxueAXp6qJmuT-UlvXVHGLnoarUr4tiylfmOskZPIQcNMPZkBxSRdg3Js8g1CpFiJs46Dg&sig=Cg0ArKJSzI9MikHdNZiTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame BE8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE8A 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
5162135182230173113
tpc.googlesyndication.com/simgad/ Frame BE8A 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5162135182230173113
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
be210deb440885f06dafbb7ea741e0eb7f15a8d3a8b1b8ad3c778709fbac2aa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 01:49:44 GMT
x-content-type-options
nosniff
age
312250
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88298
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Jan 2023 01:49:44 GMT
l
www.google.com/ads/measurement/ Frame BE8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyDlpkrQtzXtqHlzaAgCFSPlXhviT-8asTpiAbroQ95xmiFqK0zyG-kLkLkQXsbeh7okLKgbHCM1Dlpx0rJtwhlqSSbg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 6B7A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a6661f8-0f72-4100-92ed-e1893d6cb49c&expires=28
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a6661f8-0f72-4100-92ed-e1893d6cb49c&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
MT3 4133 baa842e master iad-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a6661f8-0f72-4100-92ed-e1893d6cb49c&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:53 GMT
pixel
cm.g.doubleclick.net/ Frame 6B7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 6B7A 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame 6B7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2WVVLY-V-AYRH&sigv=1&esig=2~9bd385c4509decc6785afcac9af2c4499518baca
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2WVVLY-V-AYRH&sigv=1&esig=2~9bd385c4509decc6785afcac9af2c4499518baca
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
69.147.92.11 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2WVVLY-V-AYRH&sigv=1&esig=2~9bd385c4509decc6785afcac9af2c4499518baca
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6B7A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7b60080-53d0-4379-88f3-81d8f68637b7&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 6B7A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfgPcgACvaPt5gBH
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfgPcgACvaPt5gBH&_test=YfgPcgACvaPt5gBH
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfgPcgACvaPt5gBH&_test=YfgPcgACvaPt5gBH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643646835.563987,VS0,VE0
x-served-by
cache-lga21923-LGA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfgPcgACvaPt5gBH&_test=YfgPcgACvaPt5gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6B7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTNmMjBlZGY2ZTc3NTM4ZTE1OWQ5ZmRmZGM4NWNhZGM1NmYyYWFjNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTNmMjBlZGY2ZTc3NTM4ZTE1OWQ5ZmRmZGM4NWNhZGM1NmYyYWFjNw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTNmMjBlZGY2ZTc3NTM4ZTE1OWQ5ZmRmZGM4NWNhZGM1NmYyYWFjNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6B7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELPfKrfM-TchNcCPs5we63Q&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELPfKrfM-TchNcCPs5we63Q&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELPfKrfM-TchNcCPs5we63Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame BE8A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c6e9e95c1b611e5213a25808ffc0c16b7872830e6fc2aef92fe751af18a248

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
match
c1.adform.net/serving/cookie/ Frame 3B96
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=97A641CF-0105-4E75-A3D1-DE931CED0425
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8F20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfgPcgACvaPt5gBH&gdpr=0&gdpr_consent=
1 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfgPcgACvaPt5gBH&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug013:0:925
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfgPcgACvaPt5gBH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 varnish
x-served-by
cache-lga21923-LGA
x-cache
HIT
x-cache-hits
0
x-timer
S1643646835.523944,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D38
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
42 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:1241
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master iad-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
Expires
Mon, 31 Jan 2022 16:33:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 7133 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=97A641CF-0105-4E75-A3D1-DE931CED0425&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
NM3C68PMRHZJWMF302DN
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A7F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6ZBzwEFTnWj0d6THO0EJQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27971
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 01 Feb 2022 00:20:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame A7F4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=97A641CF-0105-4E75-A3D1-DE931CED0425
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAbrQ6EYFZ7DdjVvIzWhAPA&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAbrQ6EYFZ7DdjVvIzWhAPA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAbrQ6EYFZ7DdjVvIzWhAPA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A7F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a6661f8-0f72-4100-92ed-e1893d6cb49c
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
MT3 4133 baa842e master iad-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:53 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl3p0bIGsdj7r51MyLlb58&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl3p0bIGsdj7r51MyLlb58&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug008:0:623
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl3p0bIGsdj7r51MyLlb58&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7F4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:43:01 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug022:0:663
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 31 Jan 2022 16:33:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A7F4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
1 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:10:15 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug004:0:478
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A7F4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7b60080-53d0-4379-88f3-81d8f68637b7
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug011:0:897
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usync.js
eus.rubiconproject.com/ Frame 8ADE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16146
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 31 Jan 2022 21:03:00 GMT
AAAGbf6wWgd_zwNvyrF1AAAAAAA&expiration=1643733234&nuid=24TFnElmDWTMk19Moy7cilFWRxE&is_secure=true
dmx.us-east-31.districtm.io/s/10007/ Frame B665
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=24TFnElmDWTMk19Moy7cilFWRxE&rurl=//dmx.us-east-31.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=31daf846e302121c&is_secure=true&version=1&networkId=33921&nuid=24TFnElmDWTMk19Moy7cilFWRxE&rurl=%2F%2Fdmx.us-east-31.districtm.io%...
  • https://dmx.us-east-31.districtm.io/s/10007/AAAGbf6wWgd_zwNvyrF1AAAAAAA&expiration=1643733234&nuid=24TFnElmDWTMk19Moy7cilFWRxE&is_secure=true
153 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-31.districtm.io/s/10007/AAAGbf6wWgd_zwNvyrF1AAAAAAA&expiration=1643733234&nuid=24TFnElmDWTMk19Moy7cilFWRxE&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
4cc6003cc098fd5b2bb57de84be137724be3cd84e588df5d06f4b143399272de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-31.districtm.io/s/10007/AAAGbf6wWgd_zwNvyrF1AAAAAAA&expiration=1643733234&nuid=24TFnElmDWTMk19Moy7cilFWRxE&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
bcnkGZITNXiKo3lkzC0B
dmx.districtm.io/s/10027/ Frame B665
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://dmx.districtm.io/s/10027/bcnkGZITNXiKo3lkzC0B?pi=districtm
76 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/bcnkGZITNXiKo3lkzC0B?pi=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a881e8223e3183e51e0a116d08c2f519f3ba1422d154d50c1f11043e6f2387f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 16:33:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d64582cb9dd15a7-EWR

Redirect headers

location
https://dmx.districtm.io/s/10027/bcnkGZITNXiKo3lkzC0B?pi=districtm
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT, Mon, 31 Jan 2022 16:33:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
YfgPcgACvaPt5gBH
dmx.us-east-31.districtm.io/s/10016/ Frame B665
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://dmx.us-east-31.districtm.io/s/10016/YfgPcgACvaPt5gBH
72 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-31.districtm.io/s/10016/YfgPcgACvaPt5gBH
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
cdff629c56e20c89535f897b3bc13ead99e858fee93cefc0fe899d4f1009709a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-length
72
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643646835.547386,VS0,VE0
x-served-by
cache-lga21923-LGA
x-cache
HIT
location
https://dmx.us-east-31.districtm.io/s/10016/YfgPcgACvaPt5gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
CSunf-cDTytmJwFi_KJ-CCV4isM
dmx.districtm.io/s/10026/ Frame B665
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/CSunf-cDTytmJwFi_KJ-CCV4isM
83 B
139 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/CSunf-cDTytmJwFi_KJ-CCV4isM
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c0a5060a57f27056c3c91233b6171a086fbedfdd16630da8a34a96612fcdba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 16:33:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d64582d2ab815a7-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10026/CSunf-cDTytmJwFi_KJ-CCV4isM
Date
Mon, 31 Jan 2022 16:33:54 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
dmx.districtm.io/s/10001/ Frame B665
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
106 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92678d0bac988e1eab55bf8261584fde04f55a04d920ac4567a367642f353ae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 16:33:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d64582d7b7c15a7-EWR

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=2:1,4,28cdleq,18d0a69,1rjdlvsc,,2ghy3cd,8c`6y,1rjdlvsc,2ghy3cd,U5cf19a0aa9a3a3,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&b=2:1,5,22h8pxy,10rpxnh,1rikkz8b,,236vghz,8c`6y,1rikkz8b,236vghz,U43305148b18c11,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T4n4&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6rq&m=z&zi=adb_mediumRectangle_atf,totalaudience,4,U5cf19a0aa9a3a3,adb_mediumRectangle_btf1,5,U43305148b18c11&z=0,1,2,3:.,1,360x250,fi,210m.0,3a,00co&z=4,1,5,6:.,1,490x250,gf,225o.0,18c,00dl&rnd=1643646834573
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame B64D 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-e01999b3c6ff/ 		36 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-e01999b3c6ff/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-102-122.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.kokomotribune.com
date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
usersync
rtb.gumgum.com/ Frame 8ADE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KZ2WVVLY-V-AYRH
  • https://rtb.gumgum.com/usersync?b=mag&i=KZ2WVVLY-V-AYRH
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=KZ2WVVLY-V-AYRH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=KZ2WVVLY-V-AYRH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usync.html
eus.rubiconproject.com/ Frame ADFA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 16:33:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date
Mon, 31 Jan 2022 16:33:54 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7275
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646834529.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=27971
expires
Tue, 01 Feb 2022 00:20:05 GMT
date
Mon, 31 Jan 2022 16:33:54 GMT
vary
Accept-Encoding

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP002
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
content-length
0
date
Mon, 31 Jan 2022 16:33:54 GMT
usersync
rtb.gumgum.com/ Frame 8453
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1643646834529.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://rtb.gumgum.com/usersync?b=tta&i=117487727574175
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=tta&i=117487727574175
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.238.175.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-175-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://rtb.gumgum.com/usersync?b=tta&i=117487727574175
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 8453
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=nQHGQJtWlh6GAcUcz1ONHpsCk06GCZkbkgkuksyk
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
date
Mon, 31 Jan 2022 16:33:55 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 8453
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646834529.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
MT3 4133 baa842e master iad-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:53 GMT
match
cms-xch-chicago.33across.com/ Frame 8453
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y%7EA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y%7EA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-lnHlA3ZE2uGuWpSdjLURanbTLlmW9h7y%7EA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 8453
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3cd6aea7fa4a121b&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGblmjalQpHAN4929rAAAAAAA&expiration=1643733234&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGblmjalQpHAN4929rAAAAAAA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGblmjalQpHAN4929rAAAAAAA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:53 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGblmjalQpHAN4929rAAAAAAA&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 460F 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: synadproducts.synacormedia.com
URL: https://synadproducts.synacormedia.com/synacor-syndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
19a60c448ec2c26af27244a41eb8da427133182653be71ece5fbbdc4936fdd4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27094
x-xss-protection
0
server
sffe
etag
"1118 / 502 of 1000 / last-modified: 1643638952"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5376 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 23:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5376 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
rum
dsum-sec.casalemedia.com/ Frame BC64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BC64
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgPcVN.dLfCtiUyYqeTcwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHB4bjdv9D3_eamXMdPy6pI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BC64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMIBjexfOXSzlFz29J28i_U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMIBjexfOXSzlFz29J28i_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Protocol
HTTP/1.1
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
288d6e64-b0c6-421b-9853-caef228bd92c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMIBjexfOXSzlFz29J28i_U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC64
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwOTcwMjQ3NjAwOTc0MzEzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwOTcwMjQ3NjAwOTc0MzEzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COrblOMCEPbe7egCGPitqrgBMAE&v=APEucNWMM7MNfJRgrUGr4zfai2nrthtpssHL3MMcuKum7LGFTi6bapV1z0IgzfrXgynUHpZkCOsq6bpv2Gfnv5qKB6vgdu9wZw
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
859b3356-6e76-4939-9456-15c0999afce0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwOTcwMjQ3NjAwOTc0MzEzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ADFA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16146
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 31 Jan 2022 21:03:00 GMT
truncated
/ Frame F8FC 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44bfb8039bf3a9b0f48967c9b5bdbc135c59706529cf9bafb9f56a67379e8b1a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame EC24 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Jan 2023 16:33:54 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame EC24 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Jan 2023 16:33:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EC24 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 26 Jan 2023 16:33:54 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame EC24 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 26 Jan 2023 16:33:54 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame EC24 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=kMslsHszEIWWzEp7E3aQtyV9cuzH5kiLhIlUJv_k-0qGmXCcTdNtTZK25S-TUu1ZimzwgAmEwrBDm2IfPpGahqWn6NBEeOUqr6M00hvjJZAeDrvWHdeBTtf9rBPFsS2lwSVOQoMCJP9hubwqyMm62RlWESrS4tJuQJj0NmW-59ERCbh0TssKrxE9Q7SgfmjR47BEqHsSEPqBZu8lAwl7vwuYgBWgyTGfKyZZDmzbNPmHv6zx7jJITky2v8LSW8jMcFJm3j_sDWWgnILMJzn7Qga-nJuG37r8QkfYkXSahN003zr3oxbLgwWaQgyNyC0lPR1C0SE1L-2BQWO66IWWh9Ll9VQ-bptHgj8IUtAbDQs-ygXS3CIEazy3ft9oHPBLE8VOC448B99jmkIxN9tryxT0tMFCf2BzAGTJ9dW5BGAwwW9U004xoUHlG7fumqovRiSNpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3493880
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DE2A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1&google_push=AYg5qPLpJnV9E9uc7kOa1Fe8i4yR-OfFck-w7hg9fS2UUNMuVGrwii1un-LNbI2ezjYy7u0a9VHP_h_ZbgchET2d5M8hb82UUEA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0OTUxOTg4MDk5MTY1MTc3NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
presentation-atl1.turn.com
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE2A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQmqHPkrig6yZxh-VMeM7E&google_cver=1&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBn...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBncySQA2pPFCmXp4nzYQFHSKeGq_iQqu_WkS7mc-Pvf8&google_hm=kSzMtC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBncySQA2pPFCmXp4nzYQFHSKeGq_iQqu_WkS7mc-Pvf8&google_hm=kSzMtCbekLL0WtDb8V8XjQ
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJKuvAOiYbghyZyu2QhqKVoqdoF2Q1q6kAE7GGMYYF9KO_tZkThBncySQA2pPFCmXp4nzYQFHSKeGq_iQqu_WkS7mc-Pvf8&google_hm=kSzMtCbekLL0WtDb8V8XjQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DE2A 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPycBHuwmX_G6l-B9YtVSsU&google_cver=1&google_push=AYg5qPK_LS4Jk_UooXh1zZZZ-z1Rzbq0CE4oQg8BI1tHM4v-hAzQV6cEpD1wnIzO7CewzzVF4753IyuiiSyK5dOjhGLRDLeysXDI
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame DE2A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESED04DCgUXgNgOjMi-q8x9k8&google_cver=1&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKbGITijmkuTrxwXdTxxQP1fNVfpH_PLogYs_bNeZllhQT85b3KsR3zBV_8NPlea_HETXa1m3THNaOy8fm3VOjqce2Y8H0&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
2ld8hnlspaaih7kl7rof257di2lgtpse
pixel
cm.g.doubleclick.net/ Frame DE2A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMXCkz2iiCOzXc0mNQzbafs&google_cver=1&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03w...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03wrxQGtFFCkW9TN0&google_hm=YkUzUDZFb05wUmlrQXJMW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03wrxQGtFFCkW9TN0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:54 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJx2Syue7zNspUWPiwtf1z4GtlOZUpefcKDaC7MhXaYsbKaYZsz_D06cB0D8yrEiQaPshVwwMgD4l03wrxQGtFFCkW9TN0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE2A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD...
0
0
pixel
cm.g.doubleclick.net/ Frame DE2A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEButtRPm7IHFpjHqABKmj_Y&google_cver=1&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu1oUFoAByvsK&google_hm=1da497eb4b4e340f36ac8aee
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu1oUFoAByvsK&google_hm=1da497eb4b4e340f36ac8aee
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI8B8FLEpHbvH3yKkj4NlvCOhu9CbaTbzgj0RCcqbxUzLfX0UdGOW8nMKe8fLEhJ7SfBaqHzy6sJHVisJNKu1oUFoAByvsK&google_hm=1da497eb4b4e340f36ac8aee
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame DE2A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ie3uJkW7ONu1rPuobJ2XGWvgiLbvKbiIJGnLmAVWNMO4rSvi1_1fCYtx2VcZIvh0u-geQF
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame ADFA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZ2WVVLY-V-AYRH
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZ2WVVLY-V-AYRH
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZ2WVVLY-V-AYRH&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZ2WVVLY-V-AYRH&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZ2WVVLY-V-AYRH&ts=1643646834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EC24 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
395520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6PZlGpUYu1rnl06o3O%2BMoXYY3SVCleaJ7O9L4zKV6CxiVKnZLzvGN%2BzHe0PmYzLEBhE20rISMLLOpW4u3uqTUNg6ajxP%2F1NDqGWMOTaDcyUUs5iSGQzprgvp4P2dIBuFERx4LtV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d64582fe9198cb1-EWR
expires
Sat, 21 Jan 2023 16:33:55 GMT
animejs.js
static.criteo.net/animejs/ Frame EC24 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Jan 2023 16:33:54 GMT
img
pix.us.criteo.net/img/ Frame EC24 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90645&q=80&r=0&u=https%3A%2F%2Fassets.investingoutlook.co%2Fuploads%2F2021%2F10%2FMarc3.png&v=3&w=800&s=wa_YUrGygoiDjetgHQPsj4BU&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b63dd180f0c0b259626b93a87ec7575d5f748d1fcb83acd728cbd0104110262f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8386
expires
Mon, 31 Jan 2022 16:33:55 GMT
all
csm.us.criteo.net/ Frame EC24 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=mo4Gg6_glbHJPEq5Hox9L-7kNMHBB6woMmNjz5Ng1Cend3ntOhydeoBsqoCUNgCJflEtXl1oQtSHCuo2PiUWJ_520l8OM5Mz1ACvbC0jTMF86-EeA6QOd-Wh6aDYvbYuiAUryPLDfvG9u5qfDkv1ecdK2erDDonT_CUU4UCZbuRM8Dvkv8CYyf-R1zwDrjm2cwqGs-KY8cnSQNGDiafhJetnHAinQQ7B08Pn30Z8yhltnBPex2pFoFbboD7GrtjgIGjB7Q&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 16:33:54 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EC24 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Jan 2023 16:33:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EC24 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Jan 2023 16:33:54 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 3A4E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 23:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 23:00:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 3A4E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3wKAgdOUqaIPSFVGbasJhtzaBVqFcvA_hJTvv-eKp4hdNEreIJL0dC8v3OqFZQMymmNyZlwv6_iD3mkoozoNfIRS3N7CJBHO8XSAueO3FqmzcJHi976YgVVhUQgN2LStPRkJbbNNOYw3DjP9Lm_bW7ct2iw&dbm_d=AKAmf-D8oFhcCykmBS3nDn-9q_VHqlHbTWBFB2uVml53-sk8sYwheXWpt2sWQMBYxRbkgYO4ULHGmS9j5ma24M-kVX11qcDt3lR8r8el__bXIVbYHZ5DmCaVbLPiyldiqhXtbEr7KyKNpze2oj7Uai9C-tbmJh7_eVBCAsce_1_tXoJrRXEQYnfgEFoZbG6nIreBRpbo5WQnEhdk0o20r0llPOjFiGe4b8goAAleDihdICF9HI3FXD8PmahAQFAisJutoC2895cQlhOyELjlSp8ZA4LMDAGOALj5R6Bv5cfarbxPqvKw2CaO1kjdPNT78e5K0Ze8sLUhoZxHDmtmhf_w2GjiD1hUNclyv9EXO55AK8pb0cmp7Zr--8IBeuSgMN9mn3PcVXUqqBZHMLwJTb5ToGrJRtR9WYljawQib5MtaJ4tZR4Wax6Cx2DW1TZ5zVkZ_VB6kZGgGpzN1lbz5JeRAfA9YGC9p0jY8dW6LIWJUK7J1tNlAX_uksAQOcodW9F5PXsmnvnZPVZUGXVmYvdo463RsvIKoYWpp9xAD4bJtqh8vioQqE4T5Jh_FngkITKh9VvH6tyJ0JDqRkDTrxyfCS8WEvKUuoDEpjnqHsiYalGp7P3u_-20GtImEOY0dfMJA48J3QKGKVVFoJ7-lfyURqmVuwirV8AwcVhdgxENb9rJLoklNIfeeBBarCD0G-EcNtKRvXSxNcztCEfTTsx3sPNB5dIT7WeTLDUoa3F4fefsNIHLn0u3otYjtDWbH_4vWYIzIQKxmqmeT4mClb2IJZsRDH11pUkzMGizgIgjqRHcAhxgadJVLCChFj97TtBL3T_WQezsF1CpUY6OeY1xf98IoBzQyH30hD05Pv3mU4rFgdyuI9HF9cfDZlZORXR68KW8_QJapfjWWY8cgBKkF0bRwjJvkU13vcC4FRkLbOT4OWtSQr0K8FVmCeVOPex8vS8fBbZNRPf8d8-La7A6Cq1PcAWR77Cqxg0h-PlLhm1VNA2BgnHuQzstzHyf98YyPv9HV-61IPrDg6pEA9iywF0nE0Pgg-6FtwZLIUP4UTFTzWSUgmJRNVj9VRqF6ODawrCJEQ91LRhMjqIC53Fle77jzj6lO6EmhE0hXkyJPz6clCnXNjEQ3klCFbgN9STuwRndwVkhd5yv-KSHxenD7AhzXXDcqqR-JGfbTFs0gf_JNra-IyCL-BSbH3qQw1NISfIlB1TEnDuU0Q3-wXEQmLFKF4kQqd4HinREx9oQCdOfy3BUu2EumTmbtyTY7739BgioCafhsScRtJUE_ZNUlzpt2s0VgmPahpjiXAsMcdZdj9PXRhZ5nAsJZ1qvi9bWhUZn5cNxJmL05aXjk93pcLdb2zfSszmlxteTqPlpD5l7ta8Ddh-hjghzX80WBwJeC5fkJx_YMOI_VGIuUHmG-zklAOzCYlgketCW9l9DvPCgXyVrm_rFNR2LW0-ItGFu3R9fI-7rWnmNcCfytLPJADD9J8YbWFZtPiryDETVJKQc7YMk-tULVp8m47bdO1UExmCuznycX3M5lcbOIQkjpf1qWMXOnWgbkLOx9j4ji86dYz_U0wgdKYY9ImgXNJydqIEs42dmoGa2817ojQ2Hu-6ZJmpxCifw9tN6BU4i03eLt0dugxovcFdEKGjXD5hxWZyAfC0dpOPhPNWaFYAH-a6KPg6irOq7FIKXfO5GPfdc10jjvKyn4v2eItZ4S0BQShaizd437OFLbDEZv8fxON_m1Y4DAM_yVXsPGO3PBFZYallDEEYX2aO_cieldAo3nSkKIb33NkZOoNW_fMZzz-SG625Vwtmg1qEAz14cmWG7LYclTUvkoj8bX4XNTsdjmtW46MdlI4L4FKOxlFvK62fG3LuDIGxtswAji3bRGUxGEiiCI5Cba3cO2KgIKPBIEXw8v4c-Tp_l2C_7ImQAkB0mDNJA8eujyM4YbJ9NClqUauhIvyb95MLiE9QO7HQFxRRBc4gIxgWkl4Zg2E1HxcIK81WoZ0YWoGLzrjBfv41oeCmqfx6qN0_LGyp3TNjTfIwgLfl-kleD7lCCy5KI7ekQawjSYq7a_cbuTgZfuI4NihJHsoam9dnk6N_f-sy7b-_sGHFTfH7rj7i3yaiIZPsfVpnMOqUKm54syXnCV-QqtRxnpGIF6wtPCorx8yM1B12yPBa7a2yo9xzEiiX8SVgONWYrE6963qJxgnSxq2VcTjXtaO3O5ZCSMgYHg8UCP_QnDwFh80fV8UHhevShEufvGgSmYoEbKtAURLWZ49Hk6AAAmtPI3N8-mB8Oshmzj0uuNBTxRlmCyH3SuXjEMEOz-1LJZk9UH9ToQzMo7bu4WsUxLR0OtGcnEIroLsuzGDKerEBMP1KVI9ejr1PvQr24DEsv4V81KlRfH5OLaN2UdzHRUeQFiKO4yfLgiLlJmmapUYmX4PIMS8BjWbwdfdkvtB0fDialOtLUZozNaWbqu4mT30FsYIhlbUBLNWPVVWjpaMAUC-28slV5oDQsYmjN4YGcIEa1WnRPqnwPJVE0DYyC7L1sEJFI75JnqITGNJabqY41FOIZ8ggfflnKkspHGkl0pxMHnoVLi2ENDgBHQmeLikoxXrmOuwbllmHJBckynVst61XynZQIXr_PAcFBMmODLG0-bjBISPMo2-ONXvPmJ8oHaFauMsB8fFze26N1Os3GsJKisdrDIJJL_Q34_mMYi0dg5NHJcDpu_pamjT9a2eAhFyb1Tryg1_5xYRRDaGrn9tYKqDreiekqqYxWIkIKP36AQRY6oJoG2Tr4Wjr3sovFMaPsfDXqHqr0e0F0ngd6Fh3rYKloM8GCNtJysZQ6q-Mxwo6Bs7g-yf--VHyY7JuelfkoRdtEgHbs6nmAVV2zfp0aqFJ_iPo1cPdUAZ3dV3cGD1w1Rc1EQicwxHTkZ3VShU435kthOMW5zbRXvv1d2Rx1Wp2Z6I-Tjcuwe4WFGd7ltNEyGMj9aqMFHyojvfJGOkmu0gCiAVHJDN097-CFDbDod-QaPB4sCO0GfKtr2iyckRcXpQETjY79Y3fDlSPdsq5uJtonciTE3IhG1oNawmdAIssrtax-ywt68lpWPIrCqpR88aDBsZDTCkXkdxe8dh6HbzWc7oGhoH7EBbzJDOj99wTMMLq6jgpQkdcaKQr5sdxK2x_jTOD_iKU27toB_sJv2KnaXGcsAyJBeO6l&cid=CAASEuRo97_5wT3OTefaP3zQlOGgkQ&rfl=2%2Chttps%253A%252F%252Fwww.kokomotribune.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:28:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 3A4E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3wKAgdOUqaIPSFVGbasJhtzaBVqFcvA_hJTvv-eKp4hdNEreIJL0dC8v3OqFZQMymmNyZlwv6_iD3mkoozoNfIRS3N7CJBHO8XSAueO3FqmzcJHi976YgVVhUQgN2LStPRkJbbNNOYw3DjP9Lm_bW7ct2iw&dbm_d=AKAmf-D8oFhcCykmBS3nDn-9q_VHqlHbTWBFB2uVml53-sk8sYwheXWpt2sWQMBYxRbkgYO4ULHGmS9j5ma24M-kVX11qcDt3lR8r8el__bXIVbYHZ5DmCaVbLPiyldiqhXtbEr7KyKNpze2oj7Uai9C-tbmJh7_eVBCAsce_1_tXoJrRXEQYnfgEFoZbG6nIreBRpbo5WQnEhdk0o20r0llPOjFiGe4b8goAAleDihdICF9HI3FXD8PmahAQFAisJutoC2895cQlhOyELjlSp8ZA4LMDAGOALj5R6Bv5cfarbxPqvKw2CaO1kjdPNT78e5K0Ze8sLUhoZxHDmtmhf_w2GjiD1hUNclyv9EXO55AK8pb0cmp7Zr--8IBeuSgMN9mn3PcVXUqqBZHMLwJTb5ToGrJRtR9WYljawQib5MtaJ4tZR4Wax6Cx2DW1TZ5zVkZ_VB6kZGgGpzN1lbz5JeRAfA9YGC9p0jY8dW6LIWJUK7J1tNlAX_uksAQOcodW9F5PXsmnvnZPVZUGXVmYvdo463RsvIKoYWpp9xAD4bJtqh8vioQqE4T5Jh_FngkITKh9VvH6tyJ0JDqRkDTrxyfCS8WEvKUuoDEpjnqHsiYalGp7P3u_-20GtImEOY0dfMJA48J3QKGKVVFoJ7-lfyURqmVuwirV8AwcVhdgxENb9rJLoklNIfeeBBarCD0G-EcNtKRvXSxNcztCEfTTsx3sPNB5dIT7WeTLDUoa3F4fefsNIHLn0u3otYjtDWbH_4vWYIzIQKxmqmeT4mClb2IJZsRDH11pUkzMGizgIgjqRHcAhxgadJVLCChFj97TtBL3T_WQezsF1CpUY6OeY1xf98IoBzQyH30hD05Pv3mU4rFgdyuI9HF9cfDZlZORXR68KW8_QJapfjWWY8cgBKkF0bRwjJvkU13vcC4FRkLbOT4OWtSQr0K8FVmCeVOPex8vS8fBbZNRPf8d8-La7A6Cq1PcAWR77Cqxg0h-PlLhm1VNA2BgnHuQzstzHyf98YyPv9HV-61IPrDg6pEA9iywF0nE0Pgg-6FtwZLIUP4UTFTzWSUgmJRNVj9VRqF6ODawrCJEQ91LRhMjqIC53Fle77jzj6lO6EmhE0hXkyJPz6clCnXNjEQ3klCFbgN9STuwRndwVkhd5yv-KSHxenD7AhzXXDcqqR-JGfbTFs0gf_JNra-IyCL-BSbH3qQw1NISfIlB1TEnDuU0Q3-wXEQmLFKF4kQqd4HinREx9oQCdOfy3BUu2EumTmbtyTY7739BgioCafhsScRtJUE_ZNUlzpt2s0VgmPahpjiXAsMcdZdj9PXRhZ5nAsJZ1qvi9bWhUZn5cNxJmL05aXjk93pcLdb2zfSszmlxteTqPlpD5l7ta8Ddh-hjghzX80WBwJeC5fkJx_YMOI_VGIuUHmG-zklAOzCYlgketCW9l9DvPCgXyVrm_rFNR2LW0-ItGFu3R9fI-7rWnmNcCfytLPJADD9J8YbWFZtPiryDETVJKQc7YMk-tULVp8m47bdO1UExmCuznycX3M5lcbOIQkjpf1qWMXOnWgbkLOx9j4ji86dYz_U0wgdKYY9ImgXNJydqIEs42dmoGa2817ojQ2Hu-6ZJmpxCifw9tN6BU4i03eLt0dugxovcFdEKGjXD5hxWZyAfC0dpOPhPNWaFYAH-a6KPg6irOq7FIKXfO5GPfdc10jjvKyn4v2eItZ4S0BQShaizd437OFLbDEZv8fxON_m1Y4DAM_yVXsPGO3PBFZYallDEEYX2aO_cieldAo3nSkKIb33NkZOoNW_fMZzz-SG625Vwtmg1qEAz14cmWG7LYclTUvkoj8bX4XNTsdjmtW46MdlI4L4FKOxlFvK62fG3LuDIGxtswAji3bRGUxGEiiCI5Cba3cO2KgIKPBIEXw8v4c-Tp_l2C_7ImQAkB0mDNJA8eujyM4YbJ9NClqUauhIvyb95MLiE9QO7HQFxRRBc4gIxgWkl4Zg2E1HxcIK81WoZ0YWoGLzrjBfv41oeCmqfx6qN0_LGyp3TNjTfIwgLfl-kleD7lCCy5KI7ekQawjSYq7a_cbuTgZfuI4NihJHsoam9dnk6N_f-sy7b-_sGHFTfH7rj7i3yaiIZPsfVpnMOqUKm54syXnCV-QqtRxnpGIF6wtPCorx8yM1B12yPBa7a2yo9xzEiiX8SVgONWYrE6963qJxgnSxq2VcTjXtaO3O5ZCSMgYHg8UCP_QnDwFh80fV8UHhevShEufvGgSmYoEbKtAURLWZ49Hk6AAAmtPI3N8-mB8Oshmzj0uuNBTxRlmCyH3SuXjEMEOz-1LJZk9UH9ToQzMo7bu4WsUxLR0OtGcnEIroLsuzGDKerEBMP1KVI9ejr1PvQr24DEsv4V81KlRfH5OLaN2UdzHRUeQFiKO4yfLgiLlJmmapUYmX4PIMS8BjWbwdfdkvtB0fDialOtLUZozNaWbqu4mT30FsYIhlbUBLNWPVVWjpaMAUC-28slV5oDQsYmjN4YGcIEa1WnRPqnwPJVE0DYyC7L1sEJFI75JnqITGNJabqY41FOIZ8ggfflnKkspHGkl0pxMHnoVLi2ENDgBHQmeLikoxXrmOuwbllmHJBckynVst61XynZQIXr_PAcFBMmODLG0-bjBISPMo2-ONXvPmJ8oHaFauMsB8fFze26N1Os3GsJKisdrDIJJL_Q34_mMYi0dg5NHJcDpu_pamjT9a2eAhFyb1Tryg1_5xYRRDaGrn9tYKqDreiekqqYxWIkIKP36AQRY6oJoG2Tr4Wjr3sovFMaPsfDXqHqr0e0F0ngd6Fh3rYKloM8GCNtJysZQ6q-Mxwo6Bs7g-yf--VHyY7JuelfkoRdtEgHbs6nmAVV2zfp0aqFJ_iPo1cPdUAZ3dV3cGD1w1Rc1EQicwxHTkZ3VShU435kthOMW5zbRXvv1d2Rx1Wp2Z6I-Tjcuwe4WFGd7ltNEyGMj9aqMFHyojvfJGOkmu0gCiAVHJDN097-CFDbDod-QaPB4sCO0GfKtr2iyckRcXpQETjY79Y3fDlSPdsq5uJtonciTE3IhG1oNawmdAIssrtax-ywt68lpWPIrCqpR88aDBsZDTCkXkdxe8dh6HbzWc7oGhoH7EBbzJDOj99wTMMLq6jgpQkdcaKQr5sdxK2x_jTOD_iKU27toB_sJv2KnaXGcsAyJBeO6l&cid=CAASEuRo97_5wT3OTefaP3zQlOGgkQ&rfl=2%2Chttps%253A%252F%252Fwww.kokomotribune.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:21:24 GMT
users
dmx.districtm.io/s/v1/ Frame B665 		0
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64582eae1615a7-EWR
access-control-allow-headers
Origin, Content-Type
async_usersync.html
acdn.adnxs.com/dmp/ Frame E8C5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Mon, 31 Jan 2022 16:33:55 GMT
Via
1.1 varnish
Age
50439
X-Served-By
cache-lga21976-LGA
X-Cache
HIT
X-Cache-Hits
106651
X-Timer
S1643646835.145473,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 23DF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 31 Jan 2022 16:33:55 GMT
Connection
keep-alive
generate_204
tpc.googlesyndication.com/ Frame B64D 		0
0
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 16:33:54 GMT
cf-ray
6d64582e4e828c53-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
sync.html
cdn.concert.io/lib/bids/ Frame 26D3 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/sync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

x-amz-id-2
PciGfZ6k2PlrqgMgPuanSXr3EL5QfyxeCHf154Az5YCHPvIcDLMlXK867yGdAmmX4FuwN+CEz10=
x-amz-request-id
1FGQZMTYDKBHKT6R
last-modified
Mon, 10 Jan 2022 19:14:41 GMT
etag
"2e249336f5d89d6f82c998cf8004a382"
cache-control
max-age=86400
content-type
text/html
server
AmazonS3
access-control-allow-origin
*
accept-ranges
bytes
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 varnish
age
39281
x-served-by
cache-lga21980-LGA
x-cache
HIT
x-cache-hits
333
x-timer
S1643646835.183944,VS0,VE0
content-length
4617
ecm3
s.amazon-adsystem.com/ Frame B665
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVSbTVGYkcxRVYxUk5hekU1VFc5NU4yTnBiRVpYVW5oRiJ9.ylG41dXV-7uTjrOq-PItwt...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVSbTVGYkcxRVYxUk5hekU1VFc5NU4yTnBiRVpYVW5oRiJ9.ylG41dXV-7uTjrOq-PItwt76_kT-w1jUIqWXcC0_jbrio1HDLtmQUJI6fUgD-fBZyNv2m3Sbic9SzFq3p76TLw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_ox-db5_cnv_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZC4MCS46NW0WD72QFWWZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVSbTVGYkcxRVYxUk5hekU1VFc5NU4yTnBiRVpYVW5oRiJ9.ylG41dXV-7uTjrOq-PItwt76_kT-w1jUIqWXcC0_jbrio1HDLtmQUJI6fUgD-fBZyNv2m3Sbic9SzFq3p76TLw
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64582fc8c815a7-EWR
access-control-allow-headers
Origin, Content-Type
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5376 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthVB88SL3QyMlWoTWK6o2FeOTuVj3Uq3iM3dqngRwOlc0pGmncUG4PIVRQxBFgQjTYFBWfAmxFxfMKAKzjds50-hmSn0KDmGOTupru8XuYyIs87NRJwIChdf_6E_B08JQuB_SyOY4YJERh7VOklx8xlFD0O-BdZwHTTQSqrLEhh23EN0rxxZbshrk2SCYMAEjOtt2O2y720f6whzHRw4jlYQMYbNyXqXTYsgoRyffSo7qzrcnCbFOTSg0-KOKFtH75lSsKYYYjQbkr0DQK5Et4AIwUgPqrV53fCxdxUrzHBGME7nocPBYGXDK5fe404n4b838V2PAevBuIijngionl9TU&sig=Cg0ArKJSzP44sOCZBGN4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame 5376 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
3206fdc6e78c7dc5e95b43ad7cc459d965ff026e828a31612bc056eb839d0555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27095
x-xss-protection
0
server
sffe
etag
"1118 / 270 of 1000 / last-modified: 1643639060"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 16:33:55 GMT
pubads_impl_2022012505.js
securepubads.g.doubleclick.net/gpt/ Frame 460F 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122166
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 04:50:45 GMT
pd
us-u.openx.net/w/1.0/ Frame E217 		1 KB
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
2fe9954eaeba447705b53b2a15d7e7e0eb5f368d5eb9ade97ab202e665e71dc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 16:33:55 GMT
content-type
text/html
content-length
617
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame E8C5 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0153bf20-dfcd-40ca-8080-4475edc42789
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8531 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17e3295cd80573337b402a9e5266de82c451b52e934d011480c4c0bd6c6eb2ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|88|51|40|90|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 31 Jan 2022 16:33:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Content-Length
1668
Connection
keep-alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9F8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012601&jk=4113451364258125&bg=!39yl3JjNAAY6OBv_Ojg7ACkAdvg8WlTL0fFVlJbeIXn-X9kebc94IPQbcE8NOzRCVURg9h25qgA-UwIAAADNUgAAAAJoAQcKAESLB-Qkm9PgIufVR5fIWO8NovQIkE47-PicEywuk3_DXy9QSa2AOHeQFnmuhTqpnmM9lFPp7pU-2t9mU7ec2RNFBUy3P5kC22wble28s1FpR6Ft_IhWW649H274hqyu_gJKqtUyx-dVDZ-e3PPoxWhPOUM_K9666lE8pAfk6KDbtwpt2zAD7yk13cjGwlHI8SszhF4n8wvr09W9g6c6W8aU9_HZao06Hxrwmgv21npHrIXQgDfFDaunPUjuXzG3YshxSUN2Skszcx5ULhJ_0K4aBEzlOjKgI69iu4jAS3-jgASXdbXYAhETc6zlf3Q0l9Sj-Owza6UNITK_qn4GcVMl7o11fltC3HJkya0INzE1lysdKGl6qsTsibnFFpyYJ-JQ0XEDs3wBxnh-A4btxDPCQWlK3qyv3N1soC8ecqf84Sn4xfWj7ST31hbm_cg0DaTAMINYlF1lCmVn9BZ0MrQWcEnp5hOPQxaH1XTA0HuzOpOUi9SJYXAZFhm3_eHBDOSdoZ6bZyCF_nSiVwLvbRfZgZfzIYCj80ZhruUwsqQIoriTCu68Tljr2k_aYN-0g29VLxXO_g99ZG26BH0LMicjVzCp68x5ZsHpGYVNLhDSledH8posY9uwdvmbA4Dqol2QiI1Zgwfam8FirBrOn3PM5SFOOIjcWPFdAXxsigXDmUbsNSnu_aA87Qb77LHx8DG8sL_IEcU6TnWtVFfCbdpSBGEhJPano9lnGgQQxoBkMVKqgHUcoLFFyn3i7Bzy8jxOWvEqoQcgJ9-0HwcjAzkQcYniudXlVytZ6ji8yOVRJ1Qlov-Bq2lf3MyYp_GgYZi6oyD5u54s55oxn0rLxnE-M1SSirwjb-wz3Pojf44uMl3QrFBWNZr-G3I8xKMhqE4xm6uK2jFKk83N-CCLLVkxIZUPom9DnDxv4Eb31f_SPcnBfwEvvP-4We4ujEL47YlwGZXfPwIO6TNgrrvY8CfKGziKhzPreF_DCbcwfqVwpAAz53_4JkR9Tp8Yz0CWrjXB316H3nO-Uc0lKxv2V_52qauaf02wBw9t58oCCZOKwZsD
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wintergames.ap.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame 26D3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
19649
x-jsd-version
2.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-ewr18146-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d6458323b003354-EWR
browserify-consent-string.js
cdn.concert.io/lib/bids/ Frame 26D3 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/browserify-consent-string.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.concert.io/lib/bids/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 varnish
age
1162704
x-cache
HIT
content-length
38796
x-amz-id-2
WnN/jjmf3+PPUzkhN/QTPMA6KNZ+DP4wZ/1Ls9zOtJM0ELRnX8NQn0txfdItprc8akBgVZ6LGeQ=
x-served-by
cache-lga21980-LGA
last-modified
Thu, 13 Jan 2022 20:43:02 GMT
server
AmazonS3
x-timer
S1643646835.254346,VS0,VE0
etag
"c8cdc96a2fa10f85ee91bb03aee93132"
x-amz-request-id
NHRKWNTVAMSTVRQS
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
20430
css
fonts.googleapis.com/ Frame EC24 		3 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f10.1e100.net
Software
ESF /
Resource Hash
79fd81f44308bea1a5f9134ad14851c0c7b520439085c4d92879ce17bf21538f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 14:42:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 16:33:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 16:33:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A4E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 04:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 04:37:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B599 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 30 Jan 2022 19:21:13 GMT
expires
Mon, 31 Jan 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
76362
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3A4E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b5fa6ea24b22d8bc890c231bcb9026f574774d4b128073742a3e23663152c0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
async_usersync.html
acdn.adnxs.com/dmp/ Frame 602C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Mon, 31 Jan 2022 16:33:55 GMT
Via
1.1 varnish
Age
50439
X-Served-By
cache-lga21976-LGA
X-Cache
HIT
X-Cache-Hits
106652
X-Timer
S1643646835.483765,VS0,VE0
Vary
Accept-Encoding
integrator.js
adservice.google.com/adsid/ Frame 460F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 460F 		48 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2639884059872518&correlator=1159578771531579&output=ldjh&impl=fif&eid=31064621%2C44756897&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=5284%2Csyn.cnhi%2Ccnhi_engage_reflex_ron_payload&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D374a31865e245bd0%3AT%3D1643646832%3AS%3DALNI_MaeqgkYwMwf51rW-gt6jIMLq1OKeA&cdm=www.kokomotribune.com&bc=31&abxe=1&dt=1643646835486&lmt=1643646835&dlt=1643646834724&idt=584&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=421&oid=2&adxs=235&adys=8961&adks=4021609713&ucis=tww8jta2vqsv&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=about%3Ablank&top=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=1x421&msz=1x421&ga_vid=368398424.1643646830&ga_sid=1643646835&ga_hid=839094587&ga_fc=true&fws=260&ohw=1&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
5198ce706f1b96c34ddce2f3f337b6e9b9f4938a47f2be93c029a93341bed17f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15590
x-xss-protection
0
google-lineitem-id
5650442629
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138343928427
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 460F 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b018ab4c2ffb1c6f58d78dedc038cab87b798c961c45881cd3363a9cd3bc0272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9099
x-xss-protection
0
container.html
6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E72 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 16:33:55 GMT
expires
Tue, 31 Jan 2023 16:33:55 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
White3600ChildTest_HT5_728x90.html
s0.2mdn.net/sadbundle/5751141524754661376/ Frame BFE3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
843970bb349e976ea74cbc5f9e3f8a90234926e7f6b36f8f0e3c59a492505657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
4171
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Tue, 25 Jan 2022 16:09:52 GMT
expires
Wed, 25 Jan 2023 16:09:52 GMT
cache-control
public, max-age=31536000
age
519844
last-modified
Mon, 08 Nov 2021 19:52:57 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3A4E 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCcgK62wfBkzPw6zof8S_w0Mf00Oir1mOJKJBtNB3J5XSRFK_xY7wAkGeBJwUpXdm1kjSLLrJt7P4PQn8dzeCnDYa7m1z8N3ihYmxgBEwiYe4CdXGq4CZ-WkPjdS2N9uNk6bzSxSNz6nt5Zrg4ULfIAsumUryRIl34fV1FwI4w3yIOJc4N0Y3EeCkWdSKcT6aKz-u3cas5g3xGwvsm2gm3J0U4Niq6I1JfQZO2h8jit-zp47Izco4W9VOAn3IoKMXqJ1vrGEexxLRWr39rJVtMHiMuq5iM8F6SmGUEASPva_kkZjdDWsJsHywZofBCd0ht-d4yUGUJYytaKfjqz9fusoLTRrTzH4-iZI1DfASV-xzZR5AD2yx1MOgR8aFSFFdsuVW_I0eQMEfYpAdj8aEUP_KGOSlJGKRm8zgydRXlKF_f7HMIR1A567ynX9hGIRjM-R3n3YsO9zpjAsXRUPGA4Po5vD9uAns-v0jC4gbYOxlkhQMSWitJGD-6WixjsgZ6E5jevV8OF1F8gcgkSwChTwBYI6WPsn0W2K6xvlpdmvtDI6FREbnk2fu-gIP-Euu9a_ZPXWYhWv0c08z9NMQ8n6ovIw2HN7yLJ9cL0V1nKdoIL4NwvR5SgF4TGM93PGX4_Pd_mUwZlBnhGuczFXQKSLw26fYwtc-Qore3XPB-aArlBI39kzuZkix-0JWLBjLqCcdzKI7Q5hgbB40X8mRw-AAmiJkRS-lMpaFlyLpERdTqaiXi0JEO6vcMdeNV0oB2y60cnrzbj71N1FGt0sAc1JfrQi-OrIl5bj0EOD5HmyjxX81UmVlAKicc9KtjsNDp54AmA-nHNYM7N12IP98rgdX6_MbWkMs33p3ljq4Qf6LGopPuxdV_mVu96cDItUMcQmMEp9HDzX1-hRwmxu_YNOIWCEa7b5F7-WH97WzyJ3WDVrxPEzPMzLDgOjSVEfvp20Izk3mwydPP-6MNc2wnIB-fyByVxGcDbKwXNfiNA3R-tY7-hWYYw3O_Tzew9WY1pjKxkdbQOGzJoS73Bo1ZTF_R5gHaVFUYXagnFEclO98r3eWWnZ9vad3gHnXnreUz0SZJhRE9GbSXgVWiIdQgAr26jnBlaDFkO23UXT_9WkqoeGmrKPwmTT_KEZwnF7G9K15eU-ghj_0BSsqf3YuQAQZTJqbYd1PF7bTzpWQquur_7NO83VbVMJnYto--aCW38Ki2IhPnh_Ztju9SDrms-DmtJxmyTQhimxjCZl8&sai=AMfl-YRZJU-fVXR_quciZ3XaGP0_ZE_89maUqmP5LK3oeG6IGQwOWcATnQmwRDLqdnARTq5AsDXydNrMLwpG_GJJBuZ3WEul3I26vYry1ySVFd-mK1vBuhujVyfMIDz6aLL3liRklvXhJVgWQXPNPYzHZ059t9n1Iw&sig=Cg0ArKJSzJtH5vyuQv2zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=607&cbvp=1&cstd=603&cisv=r20220126.28771&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 31 Jan 2022 16:33:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dds
rtb.openx.net/sync/ Frame E217
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=NjxVXLgrws8KnAIMCDYLcQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
c9s5k4dpkmma4ef80tflo175hhq1uah8

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E217
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=6a6661f8-0f72-4100-92ed-e1893d6cb49c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
MT3 4133 baa842e master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:54 GMT
sd
us-u.openx.net/w/1.0/ Frame E217
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=946cd5fe-82b3-11ec-a9bf-a10e15a78249
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=946cd5fe-82b3-11ec-a9bf-a10e15a78249
Date
Mon, 31 Jan 2022 16:33:54 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
95361887-82b3-11ec-a949-97d950594b2a
sd
us-u.openx.net/w/1.0/ Frame E217
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E217 		95 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=ef14ac9c-4aaa-4666-a609-d66de8a3f0c7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame E217
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=c7ae5ce9-c9c7-41a8-bfcf-8fb14c8cc5a2&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:55 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
47154.gif
idsync.rlcdn.com/ Frame E217
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=bcaca006-dcea-4d81-b391-ce48e2b45013
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
MT3 4133 baa842e master iad-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:54 GMT
sd
us-u.openx.net/w/1.0/ Frame E217
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4909702476009743137
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4909702476009743137
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
165cbb59-addc-4349-9743-de892af4d38c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E217 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=b1bca31d-0d07-c01b-2ce6-cc2cb31cfa2b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RN9B0M86EKF6W9C44D54
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E217
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3949519880991651774&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
index.html
cdn.districtm.io/ids/ Frame 97DF 		116 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-type
text/html
cf-ray
6d6458322c9315a7-EWR
age
9757
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 b2cb5873eebaf86981435722128eab72.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
3d4nvkxPodskpDd3J_Qb5CfBL2pmOqUOALdG3LpWBGaBMmdzrHv2Tw==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
crum
dsum-sec.casalemedia.com/ Frame 8531
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4909702476009743137
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4909702476009743137
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:55 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
24c7aa81-82a9-403c-a75b-0b89ae366043
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8531 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.85.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-85-233.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8531
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
107.23.85.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-85-233.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB
date
Mon, 31 Jan 2022 16:33:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 8531
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfgPcgACvaPt5gBH
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfgPcgACvaPt5gBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:55 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643646836.634547,VS0,VE0
x-served-by
cache-lga21923-LGA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfgPcgACvaPt5gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 8531
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2df56434-c37a-4e45-ad98-ed466aaab7de&ssp=index&expires=30&user_group=5&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:56 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Date
Mon, 31 Jan 2022 16:33:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8531
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:55 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 8531
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:55 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
MT3 4133 baa842e master iad-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:54 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8531 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YfgPcVN.dLfCtiUyYqeTcwAA%26989
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3427
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 17:31:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG3oTgT6sYjVeP6nacE2OLLCDtumraMJ-IOuh2ikvOGxF_NYBrdZ-YO-dyvl00MIX9kzP46bnjg7GzK3x4l-tUGCbfnGYivMh4iVQD9EnDuyiQZ2CbaDrWJ9Rl8qgPsljKx2piP7BvvJJA3fLI0_CedoDwZZ61QsqMeaFhYzOWdY8EcnpiPSHXKtkyFzxDFl3-WLmv5RtQlNGYzq3nKawGAOG_A71uifLqO3R1M7JddIQRUyC3L__4OJWAjxx_VQrmC06EEW6Xwc88jSlIepJt27zNKto1yz3Ozeyq4LokhEUNzayi4n-X9PR86mWMEA&sig=Cg0ArKJSzBLoGyrwsGYoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
npm.readable-stream.e129657a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.readable-stream.e129657a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C69) /
Resource Hash
ef852aeb7f2795abec2dea2a79492ad843579c0ff531d68c47d6ec5ab58cd19b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28079247
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
10052
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C69)
etag
"8643-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
944918619 52514170
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 15:38:29 GMT
npm.parse-asn1.e151f65d.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.parse-asn1.e151f65d.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D3) /
Resource Hash
99762b0fe5da9809648a083071dcf3cde2776217ee4bde215976d6ee2cb25bcc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28335277
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2138
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79D3)
etag
"1d13-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576513075 714291275
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 16:31:18 GMT
main.dd28bbab.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		176 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79A1) /
Resource Hash
387c9eebae04bce02e1ab7d9aef2dd386d5b9e243396ac3f3c1a202c6e82c551

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
3522302
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
48487
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/79A1)
etag
"2c1c8-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
451275657 451612319
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:25:32 GMT
npm.bowser.bd648522.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.bowser.bd648522.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7925) /
Resource Hash
1165bead2354eab83a4d6883fc2144fca8870a4d2454b4a5aa24e7e4a9239540

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208486
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5736
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7925)
etag
"64e2-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619575154 750547209
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:30 GMT
npm.minimalistic-crypto-utils.444b30c4.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		675 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.minimalistic-crypto-utils.444b30c4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7988) /
Resource Hash
31a97591328133bb55503ae04ccaaa5a65385d77a13dce3b67d2e4bf601bc1ca

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28407618
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
416
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7988)
etag
"2a3-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128122416 213824815
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 20:25:38 GMT
npm.public-encrypt.ed3dbb13.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.public-encrypt.ed3dbb13.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798C) /
Resource Hash
55cd050874e30e1598e9f18f7e5eca36ba29c683f5f7bbadfb66a1116e28ccf5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28412130
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1230
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/798C)
etag
"c07-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820448 618529768
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 19:10:26 GMT
npm.process-nextick-args.cd8ecdea.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		743 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.process-nextick-args.cd8ecdea.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B7) /
Resource Hash
2e1138781e8e7bbfbd486a9b43ad0a5179db2fbd5a14ce5cdf65276f8346bfe9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27172367
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
389
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B7)
etag
"2e7-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619853034 986811315
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 26 Jun 2022 03:33:09 GMT
npm.browserify-sign.13357932.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-sign.13357932.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E3) /
Resource Hash
d73a9ef42ce935d5eec29ddae519788aaa5512d7f6ad0480a5211b6ae458fa04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2307
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78E3)
etag
"1cfc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128218325 260060321
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
url_lists.2f498c63.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/url_lists.2f498c63.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7962) /
Resource Hash
5912c5a55569ea3ad9889a9e21fa23dd69ef3aa5e4a4c656158d5aac68734d5c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
8203929
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3064
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:41:07 GMT
server
ECAcc (nya/7962)
etag
"214a-5cf6c608faec0"
vary
Accept-Encoding
x-varnish
753685949 944888468
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Nov 2022 14:37:32 GMT
npm.sha.js.adcf856b.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.sha.js.adcf856b.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792C) /
Resource Hash
bc5659878681c2cfd30d8d38093f1c48f76da8b9dad30d9e1341a8f0febedc98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26332728
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4043
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 16:43:13 GMT
server
ECAcc (nya/792C)
etag
"2c70-5beebed658a40"
vary
Accept-Encoding
x-varnish
576513066 672385051
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Jul 2022 20:47:08 GMT
npm.create-ecdh.d4d5598f.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-ecdh.d4d5598f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78DA) /
Resource Hash
22b4bf26b9c79e0b28e89503a4de4f9153994acdf351d89fc46e3700b5fa7d7b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28412205
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
725
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78DA)
etag
"6be-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367324 206538351
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 19:09:11 GMT
npm.minimalistic-assert.2c8db5a9.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		239 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.minimalistic-assert.2c8db5a9.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6C) /
Resource Hash
c60d1063c74ade5dacbd166ae119e9d688db02715841e21ae826b9d62564ebe2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28125944
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
172
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C6C)
etag
"ef-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
945066667 44503552
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 02:40:11 GMT
npm.brorand.7e675032.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		967 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.brorand.7e675032.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7951) /
Resource Hash
f52e9002abc398d96cb4903116e78cbb295184cdc9749851ac7f1923e8e9c0a2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
417
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7951)
etag
"3c7-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619669864 752628015
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.pbkdf2.85be0737.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.pbkdf2.85be0737.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C23) /
Resource Hash
82620a235ce91107a5c9dc947947a0b36f5646d951b072653bfd23929388a30a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28418043
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1488
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C23)
etag
"d44-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576693931 556041109
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 17:31:53 GMT
npm.stream-browserify.f3f44d3a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.stream-browserify.f3f44d3a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7923) /
Resource Hash
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208465
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7246
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7923)
etag
"60b1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576513071 708824591
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:51 GMT
npm.buffer.c24ca057.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.buffer.c24ca057.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7889) /
Resource Hash
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5914
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7889)
etag
"4dc5-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128218327 259685364
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
npm.browserify-rsa.aec77900.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		855 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-rsa.aec77900.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798B) /
Resource Hash
7e532c6667b369f30bf9705a22be3a86eaa889e73c0e21f024b37ad0d15fcc6a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208461
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
448
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/798B)
etag
"357-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619597792 752690865
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:55 GMT
npm.webpack.78d57302.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		518 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.webpack.78d57302.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C61) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C61)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128367326 259930596
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.util-deprecate.1d4ec36e.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		482 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.util-deprecate.1d4ec36e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796D) /
Resource Hash
caaee24e77e651e2ab22df93ca029110656a63d4cf16aeeedd468e6cb4c5f3af

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28248170
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
303
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/796D)
etag
"1e2-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619669866 776243581
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 16:43:06 GMT
npm.ieee754.b56c57d9.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		948 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.ieee754.b56c57d9.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F5) /
Resource Hash
d7ff38ea460ae85369bd6b231f50383eb1a78dda3d1bacaa0f04282f68dc6a8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28335471
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
537
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78F5)
etag
"3b4-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128457504 263790910
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 16:28:04 GMT
npm.browserify-cipher.6ee32eed.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-cipher.6ee32eed.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7955) /
Resource Hash
9004d4ff1ed09b144291fcf6fcaa0957a370976bf762fe634100f297effc9e9f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
400
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7955)
etag
"422-5c2b015d70900"
vary
Accept-Encoding
x-varnish
571261844 709268658
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.crypto-browserify.77f1b6fd.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.crypto-browserify.77f1b6fd.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79CF) /
Resource Hash
b5683bbd63409ac9da7ca876364fd5e0e88b53adaa98b7c95fe2ce448a217ac5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27772878
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
819
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79CF)
etag
"736-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922100 704003033
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 04:44:38 GMT
npm.randomfill.9244f3ce.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.randomfill.9244f3ce.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79EE) /
Resource Hash
e37c205e491eb6ddb7cac766424efebf45f052f983117549cc204d026a01e68f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27972578
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
728
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79EE)
etag
"6ab-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619853028 831662883
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 16 Jun 2022 21:16:18 GMT
npm.inherits.780b8ce2.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		390 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.inherits.780b8ce2.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C44) /
Resource Hash
2bc87158139e11011129ae8bf843e030481ea97f9ce45797067bfc20880860a4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28240243
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
234
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C44)
etag
"186-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576693933 733847862
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 18:55:13 GMT
runtime.59ce392e.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799F) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
3522235
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/799F)
etag
"b44-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
1045696904 1044969834
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:26:39 GMT
npm.setimmediate.8aabc28a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.setimmediate.8aabc28a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7944) /
Resource Hash
693983f446da22ec169ea1cda8e439bdb59297e211af86071e3dddaad1470a28

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27812977
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
878
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7944)
etag
"6d1-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128260422 366840684
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 18 Jun 2022 17:36:18 GMT
npm.crypto-js.7b2ba548.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.crypto-js.7b2ba548.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792C) /
Resource Hash
0eade3746f17e9891967eae7c851822b3214419a56edf6d6498da2370da23e54

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
24327981
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2212
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/792C)
etag
"145d-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
619766158 442750424
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 29 Jul 2022 01:39:35 GMT
npm.buffer-xor.7c3c21fa.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		236 B
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.buffer-xor.7c3c21fa.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C66) /
Resource Hash
9d0b80262a33fa48a31314eed0bdbf568eb904f9df1a3a55d7036fca1d034935

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28331536
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
191
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C66)
etag
"ec-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820438 715391607
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 17:33:39 GMT
npm.process.1fc92b91.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.process.1fc92b91.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7928) /
Resource Hash
2d8f51299915ddd7c603568a0bb9f09e51131dc8ef68adab932f541bff05b24e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27548350
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
741
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7928)
etag
"6cf-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
463290889 914583650
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 19 Mar 2022 17:05:36 GMT
npm.cipher-base.61db8c09.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.cipher-base.61db8c09.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7992) /
Resource Hash
188ea392d7637a2dbda8795724e0057b7417720204d19de055dddd0d0e41c9cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
24519111
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
572
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/7992)
etag
"5a4-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
572916182 351369494
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 26 Jul 2022 20:34:05 GMT
npm.evp_bytestokey.d6c6af2a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		633 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.evp_bytestokey.d6c6af2a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7945) /
Resource Hash
c837b1dfaf16175200c1abbb9a3eda039b3d1543d5866ae1eaa41eeee71b4251

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27907192
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
399
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7945)
etag
"279-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
614328784 842995937
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 17 Jun 2022 15:26:04 GMT
npm.browserify-aes.2e2733b8.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-aes.2e2733b8.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7972) /
Resource Hash
85ff3f678e3f69d8cbb242f02666cb4bff9b944e72b44322dad7cfae320ffa96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4239
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7972)
etag
"3b64-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576693926 709268655
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7990) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7990)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
572355613 698479425
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
npm.asn1.js.6f553d4c.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.asn1.js.6f553d4c.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/789C) /
Resource Hash
be7759cbab7e32fdeb8c48657500073ba211724abfc2da6845064ca229dfc69d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208464
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7216
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/789C)
etag
"5c7a-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576820440 708935241
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:52 GMT
npm.create-hash.edd640e8.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		535 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-hash.edd640e8.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/790F) /
Resource Hash
5f4f403543b0ab8398be19a68bd906e5b862f4bf3e1372798c0c84336075874f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27769292
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
317
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/790F)
etag
"217-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922102 704409456
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 05:44:24 GMT
npm.vm-browserify.1fa065ad.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.vm-browserify.1fa065ad.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79F3) /
Resource Hash
00bc27952ca428c59c06d9766803b6b634190f9df1f3f97087f83d765e36ed19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26537716
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
985
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79F3)
etag
"957-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367328 613224799
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 03 Jul 2022 11:50:39 GMT
npm.randombytes.ae5c5ce7.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		666 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.randombytes.ae5c5ce7.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B2) /
Resource Hash
e0df112ab3c2afb89895e654c8678a8302d0a833061f9d0bc412af6fc77ebc2c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28124048
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
439
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B2)
etag
"29a-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
571261846 759137550
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 03:11:47 GMT
npm.miller-rabin.77bc08a4.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.miller-rabin.77bc08a4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796F) /
Resource Hash
f09d1406692657e3a2651e0f7f46fac3f3d3ecdb7f5061d2edbaed1600db0622

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26293921
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
593
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 16:43:13 GMT
server
ECAcc (nya/796F)
etag
"52f-5beebed658a40"
vary
Accept-Encoding
x-varnish
619938836 79181229
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 06 Jul 2022 07:33:55 GMT
npm.ripemd160.2025db64.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.ripemd160.2025db64.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7926) /
Resource Hash
09d33b8bf2b197f37094de12f70fbebf519aaa660cc5cfdec3f209c3897723cb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28384055
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1170
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7926)
etag
"afc-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128457506 255466189
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 02:58:21 GMT
npm.browserify-des.062e6d6a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		988 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-des.062e6d6a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796C) /
Resource Hash
71335c1634c214fcc859f2a029ac59c9d9e355c3523e5993b04b6cb8465a454d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
488
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/796C)
etag
"3dc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619853032 752598749
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.hash.js.baac61da.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hash.js.baac61da.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78AD) /
Resource Hash
3b481d1a93f3dff7a490e5ddadc9cd6f3d71fdafbe446d368f9948be01353692

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27694421
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5754
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78AD)
etag
"3ed5-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128122407 391522040
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 20 Jun 2022 02:32:15 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799D) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208604
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/799D)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619853030 752782642
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:32 GMT
npm.base64-js.82b3c51c.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.base64-js.82b3c51c.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C42) /
Resource Hash
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28165166
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
781
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C42)
etag
"5c0-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
944918621 34488802
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 15:46:30 GMT
npm.timers-browserify.458e8aae.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.timers-browserify.458e8aae.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B5) /
Resource Hash
aee2dcedf551a2364801daf1384f60ea73d0a6a3ecdb21fbe138c9971e76ae66

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28432598
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
442
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B5)
etag
"475-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619791562 594608252
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 13:29:18 GMT
npm.create-hmac.b29c5277.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-hmac.b29c5277.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7916) /
Resource Hash
339c6d769d8833c8d3012bd23e090f24d3419ea4d4b69855012e9c3271e38ffe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27729335
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
623
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7916)
etag
"5ce-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619791564 877724247
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 16:50:20 GMT
npm.des.js.2749b0be.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.des.js.2749b0be.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79AD) /
Resource Hash
5056009a1b1450ba53675a5f438be1bdbd585db9468d2d81f50882b2c659ed07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28245407
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2837
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79AD)
etag
"2151-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
571261850 732726794
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 17:29:09 GMT
npm.babel.runtime.384d0496.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.babel.runtime.384d0496.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E4) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28407032
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78E4)
etag
"1106-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128260428 211924045
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 20:35:24 GMT
npm.safe-buffer.2890a42e.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		802 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.safe-buffer.2890a42e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C0E) /
Resource Hash
41e3d1818f931c982205673dcef9839c8970acc2f5528abe4fc86aece04ad647

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26993838
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
343
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C0E)
etag
"322-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820444 978842850
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 28 Jun 2022 05:08:37 GMT
npm.events.db12d2bd.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.events.db12d2bd.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7990) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7990)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
945066671 978963
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
main~safeframe.d0680278.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/main~safeframe.d0680278.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798D) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208626
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/798D)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
383527640 698645492
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 12:25:55 GMT
npm.hmac-drbg.dfba8bc6.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hmac-drbg.dfba8bc6.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/793C) /
Resource Hash
0da8990b2deaff73fd3a28b59f8afaf9a141cfc792f6700e3d4c9dcb4195d791

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
25718195
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
721
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/793C)
etag
"71d-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
619853036 183871827
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Jul 2022 23:29:21 GMT
npm.core-js.bdfadd6a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.core-js.bdfadd6a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/789E) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/789E)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619575150 752783038
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:40 GMT
npm.core-util-is.6e36799f.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.core-util-is.6e36799f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E0) /
Resource Hash
9be504714f84fa58f25b9cad34552bc6d43bf33d35bc109780ab7bb566df9050

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27167402
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
384
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78E0)
etag
"414-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576513073 943179097
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 26 Jun 2022 04:55:54 GMT
npm.bn.js.d562b1e3.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.bn.js.d562b1e3.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79AA) /
Resource Hash
16ecca79afaa9ff085d1e94da5633727316f4eb058e4b484423a58db6f10767b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208481
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
11253
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/79AA)
etag
"a851-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128457508 259930584
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:35 GMT
npm.md5.js.556fb13a.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.md5.js.556fb13a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
f282abe4ca6b9f4326859008e162ea0f9ed268872de724a14f5135a2fe8ad6b8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27980022
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1296
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79DC)
etag
"cc2-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619575152 830004939
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 16 Jun 2022 19:12:14 GMT
npm.elliptic.cdbb9997.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.elliptic.cdbb9997.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C69) /
Resource Hash
0aac2695cc7744360a48f34dc4020535516812bd66f8a805743b0d326f15a266

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26508675
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
30574
access-control-allow-origin
*
last-modified
Tue, 30 Mar 2021 20:27:32 GMT
server
ECAcc (nya/1C69)
etag
"11601-5bec6d3eed500"
vary
Accept-Encoding
x-varnish
79378843 1053986630
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 May 2022 15:19:19 GMT
npm.string_decoder.34d1b1e2.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.string_decoder.34d1b1e2.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7959) /
Resource Hash
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1394
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7959)
etag
"1165-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128457510 259750739
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:40 GMT
npm.isarray.0fdcbbd5.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		171 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.isarray.0fdcbbd5.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7967) /
Resource Hash
4bb20c4898a27a3a52e6cb8f21cdddead8255a279e5c490e5aa82e0189581dd8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27436036
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
152
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7967)
etag
"ab-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820446 893635672
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 02:18:40 GMT
npm.diffie-hellman.9bfb052f.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.diffie-hellman.9bfb052f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C64) /
Resource Hash
f37dfeeefda3f99d6663c824de1584be0b34e27f999a6f9b72e4409635ce41bc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28237073
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2991
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C64)
etag
"29ae-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
572916186 717291806
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 19:48:03 GMT
npm.hash-base.424bbef4.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		2 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hash-base.424bbef4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C56) /
Resource Hash
1ecd62b677c9161fb94bd27207b10c8ee14483730c0d06747662042ff0ced983

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28453050
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
847
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C56)
etag
"8d5-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922104 479850403
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 07:48:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B31 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame F193
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.kokomotribune.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-237-203.compute-1.amazonaws.com
Software
/
Resource Hash
f168ef9bdd8418038ab23c299f7827b462d1dca9a63e8dff586e63a305608a20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 31 Jan 2022 16:33:55 GMT
pragma
no-cache

Redirect headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ Frame EC24 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:29:49 GMT
x-content-type-options
nosniff
age
507846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 19:29:49 GMT
pubads_impl_2022012505.js
securepubads.g.doubleclick.net/gpt/ Frame 5376 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 20:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122166
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Jan 2023 20:18:16 GMT
async_usersync
ib.adnxs.com/ Frame 602C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e174c6de-1d18-4577-9822-a8ef7abea744
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ Frame 26D3 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://cdn.concert.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 04D3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 04:37:49 GMT
expires
Sun, 29 Jan 2023 04:37:49 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
215767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 97DF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152565
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6d6458333e2015a7-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 02 Feb 2022 16:33:55 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B599
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1&google_push=AYg5qPJhOLJlEVc7YFvFYal80nGXXQaQzZHtGUR8BChEwsWSnXJ99Yd1HRVqKi2-7F78D98OS9olKam0YWtt_7OaO2YPOacYxc5rx...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0OTUxOTg4MDk5MTY1MTc3NA==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
presentation-atl1.turn.com
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEL0i4uNx_DnYwsHTiK7VtqU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPycBHuwmX_G6l-B9YtVSsU&google_cver=1&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1gi...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1giJdhsBG0UnJELxDEtCuEP4if01D7RAYyjxIVWejwYY8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1giJdhsBG0UnJELxDEtCuEP4if01D7RAYyjxIVWejwYY8C6vg5k0Lrw8M6Fg&google_hm=hmH4D3P2I2HQ6a3FFA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61F80F73F62361D0E9ADC514BLIS
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPK6VdH9jLzQzurxr0mv97xTvOYmvjbucv3RO3gt80Agvp-EtPQKxg4Nm6ud2tpJDK-SQLXJNIuqOfp1giJdhsBG0UnJELxDEtCuEP4if01D7RAYyjxIVWejwYY8C6vg5k0Lrw8M6Fg&google_hm=hmH4D3P2I2HQ6a3FFA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61F80F73F62361D0E9ADC514BLIS
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESED04DCgUXgNgOjMi-q8x9k8&google_cver=1&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1A...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1Asb-bOnkK-MQMcE7muPYgI9s72Pmotn3Ap...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1Asb-bOnkK-MQMcE7muPYgI9s72Pmotn3ApY3UyGyMUs&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKwsL0DELPH5DkHQmE4lPaA4MSF4WJp8n9si8m1LALaNZHKSQ9AxZWZsFuhRmRQHRuCtEeRGZExlUOnQXCPrXr8ZZaDn_z1Asb-bOnkK-MQMcE7muPYgI9s72Pmotn3ApY3UyGyMUs&google_hm=NjxVXLgrws8KnAIMCDYLcQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
57727fm8k5rvsusghtamkl11qhg9rggp
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMXCkz2iiCOzXc0mNQzbafs&google_cver=1&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdr...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdrghjILEFxbI9LM_563BzCjCGTiNtM3rog6kNOmMvZ25bWM3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdrghjILEFxbI9LM_563BzCjCGTiNtM3rog6kNOmMvZ25bWM3nfafSAXo6uq0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKWSwED0bnA0LpMA-Tni38mn9VtSSBShlrJHQqMJxb-cl1twFff9ClAAjHhKBPc-WzLHoCV1laUb5cdrghjILEFxbI9LM_563BzCjCGTiNtM3rog6kNOmMvZ25bWM3nfafSAXo6uq0&google_hm=YkUzUDZFb05wUmlrQXJMWjZyT2s=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECsqN1p07CMXjlHFxpiyDp4&google_cver=1&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg1erkN6IA5e4BNC4-MZquMHtIOEc2WU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg1erkN6IA5e4BNC4-MZquMHtIOEc2WUR7msEgKKhzObWgnkRyYnL9apv8cgtAoz2BJfA
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyV1ZWTFktVi1BWVJI&google_push=AYg5qPIOhjmlunx3puKLigBzxDtYfPPcpEBN81iLG5Dr81GrRjvImLUQoBZK_oupT-n8DPooaAg1erkN6IA5e4BNC4-MZquMHtIOEc2WUR7msEgKKhzObWgnkRyYnL9apv8cgtAoz2BJfA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA...
0
0
pixel
cm.g.doubleclick.net/ Frame B599
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIhlEIsnt7dIroFyt3zV...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7Cnql...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7CnqlYTYJXQ4&google_hm=BYvu38c3TkgOszE_gO9h1PE
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Tengine
ETag
RX8beedfc7374e480eb3313f80ef61d4f1005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhlEIsnt7dIroFyt3zVWy2OCZxXTTJydUNcisvIVu4DVzV-Q3Ujbdb-PlhE-Rq3b6iALF5-qk273NjS3ztySZWxo3yLcfxCdCdIJ5v8AQlgSxGQh2M7FNaFoL6s5Q7CnqlYTYJXQ4&google_hm=BYvu38c3TkgOszE_gO9h1PE
Connection
keep-alive
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame B599 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IONe2gQ7uc83PDNgBXZAgmbFY_MmOU4eF4OSQdEr4_Spokyfb2gaJP64GDoIAaWyZ-zh-2
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.com/adsid/ Frame 5376 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5376 		48 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1518223740491278&correlator=1008351799046577&output=ldjh&impl=fif&eid=31064559&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=5284%2Csyn.cnhi%2Cron_cnhi_reflex_dtp_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cdm=ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1643646835777&lmt=1614716223&dlt=1643646834531&idt=1217&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=0&adys=0&adks=1830610523&ucis=1qhs95uuuqj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fwww.kokomotribune.com%2F&top=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=300x0&ga_vid=1080583845.1643646836&ga_sid=1643646836&ga_hid=1720195532&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1192c820b840863b96f0d2c09c87d67bfb150db923ec218347ce30d15e9d9ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15656
x-xss-protection
0
google-lineitem-id
5671639369
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346776860
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 16:33:55 GMT
expires
Tue, 31 Jan 2023 16:33:55 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
crum
dsum-sec.casalemedia.com/ Frame F193 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=b9945a85-3bbb-49e0-98bc-294bcf0d021a&expiration=1651422835
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 16:33:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 460F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
npm.css-loader.fcfdedff.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		1 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.css-loader.fcfdedff.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C33) /
Resource Hash
05d15b90d5d0083b16e9b9917566fc391a5d2822551f3047d0abedeb4b53ec62

Request headers

Referer
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26884217
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
688
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C33)
etag
"4de-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576633671 999467574
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 29 Jun 2022 11:35:37 GMT
default_css.0e4981f7.bundle.js
engage.imds-cdn.com/dist/ Frame 0B31 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/default_css.0e4981f7.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/795C) /
Resource Hash
034ef92f58ef6d441066f15a2514f3dd65bab5b42ba776c1d071bd773f1fd45f

Request headers

Referer
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208435
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2647
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:19 GMT
server
ECAcc (nya/795C)
etag
"32db-5c2b015c7c6c0"
vary
Accept-Encoding
x-varnish
619597817 752719950
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:25:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A58E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIpvoMGhDSEK9G3tBnlf04-C3TA9dfURP7AWHYL7uSs2TSVV2zGpxedA_gfkt7SgEVLby_N30-xmt6kKsnR3uVBml65O0AfoSNF35XAOXK9ZenvoWayR4TvxIbVFJTTlLVbkMkisyxHGFUIlnjYGv-HGebK9utQGWvTLwfVQe1jf-Tb4eQuRgvp0PP8RcUjwKVKxAkaQ1_4a2EScjt-EfSsg-OtF4puLXPSjRK1jNySsGbJ2afFgpkOqF7k7nbq-76IQ3gfeh2dtiCz5kRRDzOeDvvv7AzIRwMLT7lRqjRi-fTM8EKiakObttexbNao7EhFvQN261CwF8aOqJJXMK9yaVARc8J6K-2t5VCuA&sig=Cg0ArKJSzLXeil_bqzQUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
npm.readable-stream.e129657a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.readable-stream.e129657a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C69) /
Resource Hash
ef852aeb7f2795abec2dea2a79492ad843579c0ff531d68c47d6ec5ab58cd19b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28079247
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
10052
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C69)
etag
"8643-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
944918619 52514170
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 15:38:29 GMT
npm.parse-asn1.e151f65d.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.parse-asn1.e151f65d.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D3) /
Resource Hash
99762b0fe5da9809648a083071dcf3cde2776217ee4bde215976d6ee2cb25bcc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28335277
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2138
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79D3)
etag
"1d13-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576513075 714291275
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 16:31:18 GMT
main.dd28bbab.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		176 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79A1) /
Resource Hash
387c9eebae04bce02e1ab7d9aef2dd386d5b9e243396ac3f3c1a202c6e82c551

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
3522302
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
48487
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/79A1)
etag
"2c1c8-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
451275657 451612319
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:25:32 GMT
npm.bowser.bd648522.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.bowser.bd648522.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7925) /
Resource Hash
1165bead2354eab83a4d6883fc2144fca8870a4d2454b4a5aa24e7e4a9239540

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208486
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5736
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7925)
etag
"64e2-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619575154 750547209
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:30 GMT
npm.minimalistic-crypto-utils.444b30c4.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		675 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.minimalistic-crypto-utils.444b30c4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7988) /
Resource Hash
31a97591328133bb55503ae04ccaaa5a65385d77a13dce3b67d2e4bf601bc1ca

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28407618
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
416
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7988)
etag
"2a3-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128122416 213824815
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 20:25:38 GMT
npm.public-encrypt.ed3dbb13.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.public-encrypt.ed3dbb13.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798C) /
Resource Hash
55cd050874e30e1598e9f18f7e5eca36ba29c683f5f7bbadfb66a1116e28ccf5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28412130
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1230
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/798C)
etag
"c07-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820448 618529768
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 19:10:26 GMT
npm.process-nextick-args.cd8ecdea.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		743 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.process-nextick-args.cd8ecdea.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B7) /
Resource Hash
2e1138781e8e7bbfbd486a9b43ad0a5179db2fbd5a14ce5cdf65276f8346bfe9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27172367
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
389
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B7)
etag
"2e7-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619853034 986811315
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 26 Jun 2022 03:33:09 GMT
npm.browserify-sign.13357932.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-sign.13357932.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E3) /
Resource Hash
d73a9ef42ce935d5eec29ddae519788aaa5512d7f6ad0480a5211b6ae458fa04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2307
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78E3)
etag
"1cfc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128218325 260060321
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
url_lists.2f498c63.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/url_lists.2f498c63.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7962) /
Resource Hash
5912c5a55569ea3ad9889a9e21fa23dd69ef3aa5e4a4c656158d5aac68734d5c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
8203929
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3064
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:41:07 GMT
server
ECAcc (nya/7962)
etag
"214a-5cf6c608faec0"
vary
Accept-Encoding
x-varnish
753685949 944888468
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Nov 2022 14:37:32 GMT
npm.sha.js.adcf856b.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.sha.js.adcf856b.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792C) /
Resource Hash
bc5659878681c2cfd30d8d38093f1c48f76da8b9dad30d9e1341a8f0febedc98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26332728
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4043
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 16:43:13 GMT
server
ECAcc (nya/792C)
etag
"2c70-5beebed658a40"
vary
Accept-Encoding
x-varnish
576513066 672385051
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Jul 2022 20:47:08 GMT
npm.create-ecdh.d4d5598f.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-ecdh.d4d5598f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78DA) /
Resource Hash
22b4bf26b9c79e0b28e89503a4de4f9153994acdf351d89fc46e3700b5fa7d7b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28412205
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
725
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78DA)
etag
"6be-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367324 206538351
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 19:09:11 GMT
npm.minimalistic-assert.2c8db5a9.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		239 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.minimalistic-assert.2c8db5a9.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6C) /
Resource Hash
c60d1063c74ade5dacbd166ae119e9d688db02715841e21ae826b9d62564ebe2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28125944
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
172
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C6C)
etag
"ef-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
945066667 44503552
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 02:40:11 GMT
npm.brorand.7e675032.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		967 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.brorand.7e675032.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7951) /
Resource Hash
f52e9002abc398d96cb4903116e78cbb295184cdc9749851ac7f1923e8e9c0a2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
417
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7951)
etag
"3c7-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619669864 752628015
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.pbkdf2.85be0737.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.pbkdf2.85be0737.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C23) /
Resource Hash
82620a235ce91107a5c9dc947947a0b36f5646d951b072653bfd23929388a30a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28418043
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1488
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C23)
etag
"d44-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576693931 556041109
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 17:31:53 GMT
npm.stream-browserify.f3f44d3a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.stream-browserify.f3f44d3a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7923) /
Resource Hash
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208465
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7246
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7923)
etag
"60b1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576513071 708824591
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:51 GMT
npm.buffer.c24ca057.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.buffer.c24ca057.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7889) /
Resource Hash
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5914
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7889)
etag
"4dc5-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128218327 259685364
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
npm.browserify-rsa.aec77900.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		855 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-rsa.aec77900.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798B) /
Resource Hash
7e532c6667b369f30bf9705a22be3a86eaa889e73c0e21f024b37ad0d15fcc6a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208461
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
448
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/798B)
etag
"357-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619597792 752690865
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:55 GMT
npm.webpack.78d57302.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		518 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.webpack.78d57302.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C61) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C61)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128367326 259930596
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.util-deprecate.1d4ec36e.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		482 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.util-deprecate.1d4ec36e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796D) /
Resource Hash
caaee24e77e651e2ab22df93ca029110656a63d4cf16aeeedd468e6cb4c5f3af

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28248170
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
303
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/796D)
etag
"1e2-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619669866 776243581
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 16:43:06 GMT
npm.ieee754.b56c57d9.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		948 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.ieee754.b56c57d9.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F5) /
Resource Hash
d7ff38ea460ae85369bd6b231f50383eb1a78dda3d1bacaa0f04282f68dc6a8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28335471
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
537
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78F5)
etag
"3b4-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128457504 263790910
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 16:28:04 GMT
npm.browserify-cipher.6ee32eed.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-cipher.6ee32eed.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7955) /
Resource Hash
9004d4ff1ed09b144291fcf6fcaa0957a370976bf762fe634100f297effc9e9f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
400
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7955)
etag
"422-5c2b015d70900"
vary
Accept-Encoding
x-varnish
571261844 709268658
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.crypto-browserify.77f1b6fd.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.crypto-browserify.77f1b6fd.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79CF) /
Resource Hash
b5683bbd63409ac9da7ca876364fd5e0e88b53adaa98b7c95fe2ce448a217ac5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27772878
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
819
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79CF)
etag
"736-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922100 704003033
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 04:44:38 GMT
npm.randomfill.9244f3ce.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.randomfill.9244f3ce.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79EE) /
Resource Hash
e37c205e491eb6ddb7cac766424efebf45f052f983117549cc204d026a01e68f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27972578
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
728
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79EE)
etag
"6ab-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619853028 831662883
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 16 Jun 2022 21:16:18 GMT
npm.inherits.780b8ce2.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		390 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.inherits.780b8ce2.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C44) /
Resource Hash
2bc87158139e11011129ae8bf843e030481ea97f9ce45797067bfc20880860a4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28240243
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
234
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C44)
etag
"186-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576693933 733847862
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 18:55:13 GMT
runtime.59ce392e.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799F) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
3522235
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/799F)
etag
"b44-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
1045696904 1044969834
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:26:39 GMT
npm.setimmediate.8aabc28a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.setimmediate.8aabc28a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7944) /
Resource Hash
693983f446da22ec169ea1cda8e439bdb59297e211af86071e3dddaad1470a28

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27812977
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
878
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7944)
etag
"6d1-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128260422 366840684
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 18 Jun 2022 17:36:18 GMT
npm.crypto-js.7b2ba548.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.crypto-js.7b2ba548.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792C) /
Resource Hash
0eade3746f17e9891967eae7c851822b3214419a56edf6d6498da2370da23e54

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
24327981
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2212
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/792C)
etag
"145d-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
619766158 442750424
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 29 Jul 2022 01:39:35 GMT
npm.buffer-xor.7c3c21fa.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		236 B
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.buffer-xor.7c3c21fa.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C66) /
Resource Hash
9d0b80262a33fa48a31314eed0bdbf568eb904f9df1a3a55d7036fca1d034935

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28331536
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
191
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C66)
etag
"ec-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820438 715391607
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 17:33:39 GMT
npm.process.1fc92b91.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.process.1fc92b91.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7928) /
Resource Hash
2d8f51299915ddd7c603568a0bb9f09e51131dc8ef68adab932f541bff05b24e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27548350
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
741
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7928)
etag
"6cf-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
463290889 914583650
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 19 Mar 2022 17:05:36 GMT
npm.cipher-base.61db8c09.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.cipher-base.61db8c09.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7992) /
Resource Hash
188ea392d7637a2dbda8795724e0057b7417720204d19de055dddd0d0e41c9cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
24519111
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
572
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/7992)
etag
"5a4-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
572916182 351369494
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 26 Jul 2022 20:34:05 GMT
npm.evp_bytestokey.d6c6af2a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		633 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.evp_bytestokey.d6c6af2a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7945) /
Resource Hash
c837b1dfaf16175200c1abbb9a3eda039b3d1543d5866ae1eaa41eeee71b4251

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27907192
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
399
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7945)
etag
"279-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
614328784 842995937
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 17 Jun 2022 15:26:04 GMT
npm.browserify-aes.2e2733b8.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-aes.2e2733b8.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7972) /
Resource Hash
85ff3f678e3f69d8cbb242f02666cb4bff9b944e72b44322dad7cfae320ffa96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4239
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7972)
etag
"3b64-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576693926 709268655
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7990) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7990)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
572355613 698479425
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
npm.asn1.js.6f553d4c.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.asn1.js.6f553d4c.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/789C) /
Resource Hash
be7759cbab7e32fdeb8c48657500073ba211724abfc2da6845064ca229dfc69d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208464
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7216
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/789C)
etag
"5c7a-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576820440 708935241
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:52 GMT
npm.create-hash.edd640e8.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		535 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-hash.edd640e8.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/790F) /
Resource Hash
5f4f403543b0ab8398be19a68bd906e5b862f4bf3e1372798c0c84336075874f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27769292
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
317
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/790F)
etag
"217-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922102 704409456
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 05:44:24 GMT
npm.vm-browserify.1fa065ad.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.vm-browserify.1fa065ad.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79F3) /
Resource Hash
00bc27952ca428c59c06d9766803b6b634190f9df1f3f97087f83d765e36ed19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26537716
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
985
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79F3)
etag
"957-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367328 613224799
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 03 Jul 2022 11:50:39 GMT
npm.randombytes.ae5c5ce7.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		666 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.randombytes.ae5c5ce7.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B2) /
Resource Hash
e0df112ab3c2afb89895e654c8678a8302d0a833061f9d0bc412af6fc77ebc2c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28124048
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
439
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B2)
etag
"29a-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
571261846 759137550
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Jun 2022 03:11:47 GMT
npm.miller-rabin.77bc08a4.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.miller-rabin.77bc08a4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796F) /
Resource Hash
f09d1406692657e3a2651e0f7f46fac3f3d3ecdb7f5061d2edbaed1600db0622

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26293921
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
593
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 16:43:13 GMT
server
ECAcc (nya/796F)
etag
"52f-5beebed658a40"
vary
Accept-Encoding
x-varnish
619938836 79181229
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 06 Jul 2022 07:33:55 GMT
npm.ripemd160.2025db64.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.ripemd160.2025db64.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7926) /
Resource Hash
09d33b8bf2b197f37094de12f70fbebf519aaa660cc5cfdec3f209c3897723cb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28384055
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1170
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7926)
etag
"afc-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128457506 255466189
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 02:58:21 GMT
npm.browserify-des.062e6d6a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		988 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.browserify-des.062e6d6a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/796C) /
Resource Hash
71335c1634c214fcc859f2a029ac59c9d9e355c3523e5993b04b6cb8465a454d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208566
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
488
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/796C)
etag
"3dc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619853032 752598749
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:10 GMT
npm.hash.js.baac61da.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hash.js.baac61da.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78AD) /
Resource Hash
3b481d1a93f3dff7a490e5ddadc9cd6f3d71fdafbe446d368f9948be01353692

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27694421
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5754
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78AD)
etag
"3ed5-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128122407 391522040
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 20 Jun 2022 02:32:15 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799D) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208604
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/799D)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619853030 752782642
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:32 GMT
npm.base64-js.82b3c51c.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.base64-js.82b3c51c.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C42) /
Resource Hash
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28165166
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
781
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C42)
etag
"5c0-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
944918621 34488802
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 15:46:30 GMT
npm.timers-browserify.458e8aae.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.timers-browserify.458e8aae.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B5) /
Resource Hash
aee2dcedf551a2364801daf1384f60ea73d0a6a3ecdb21fbe138c9971e76ae66

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28432598
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
442
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78B5)
etag
"475-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619791562 594608252
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 13:29:18 GMT
npm.create-hmac.b29c5277.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.create-hmac.b29c5277.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7916) /
Resource Hash
339c6d769d8833c8d3012bd23e090f24d3419ea4d4b69855012e9c3271e38ffe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27729335
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
623
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7916)
etag
"5ce-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619791564 877724247
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 19 Jun 2022 16:50:20 GMT
npm.des.js.2749b0be.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.des.js.2749b0be.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79AD) /
Resource Hash
5056009a1b1450ba53675a5f438be1bdbd585db9468d2d81f50882b2c659ed07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28245407
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2837
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79AD)
etag
"2151-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
571261850 732726794
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 17:29:09 GMT
npm.babel.runtime.384d0496.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.babel.runtime.384d0496.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E4) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28407032
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78E4)
etag
"1106-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128260428 211924045
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 20:35:24 GMT
npm.safe-buffer.2890a42e.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		802 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.safe-buffer.2890a42e.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C0E) /
Resource Hash
41e3d1818f931c982205673dcef9839c8970acc2f5528abe4fc86aece04ad647

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26993838
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
343
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C0E)
etag
"322-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820444 978842850
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 28 Jun 2022 05:08:37 GMT
npm.events.db12d2bd.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.events.db12d2bd.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7990) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208622
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7990)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
945066671 978963
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:14 GMT
main~safeframe.d0680278.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/main~safeframe.d0680278.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798D) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208626
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/798D)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
383527640 698645492
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 12:25:55 GMT
npm.hmac-drbg.dfba8bc6.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hmac-drbg.dfba8bc6.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/793C) /
Resource Hash
0da8990b2deaff73fd3a28b59f8afaf9a141cfc792f6700e3d4c9dcb4195d791

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
25718195
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
721
access-control-allow-origin
*
last-modified
Thu, 08 Apr 2021 17:30:51 GMT
server
ECAcc (nya/793C)
etag
"71d-5bf7968a2c8c0"
vary
Accept-Encoding
x-varnish
619853036 183871827
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Jul 2022 23:29:21 GMT
npm.core-js.bdfadd6a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.core-js.bdfadd6a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/789E) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/789E)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619575150 752783038
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:40 GMT
npm.core-util-is.6e36799f.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.core-util-is.6e36799f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E0) /
Resource Hash
9be504714f84fa58f25b9cad34552bc6d43bf33d35bc109780ab7bb566df9050

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27167402
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
384
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78E0)
etag
"414-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576513073 943179097
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 26 Jun 2022 04:55:54 GMT
npm.bn.js.d562b1e3.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.bn.js.d562b1e3.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79AA) /
Resource Hash
16ecca79afaa9ff085d1e94da5633727316f4eb058e4b484423a58db6f10767b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208481
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
11253
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/79AA)
etag
"a851-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128457508 259930584
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:35 GMT
npm.md5.js.556fb13a.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.md5.js.556fb13a.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
f282abe4ca6b9f4326859008e162ea0f9ed268872de724a14f5135a2fe8ad6b8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27980022
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1296
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/79DC)
etag
"cc2-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
619575152 830004939
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 16 Jun 2022 19:12:14 GMT
npm.elliptic.cdbb9997.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.elliptic.cdbb9997.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C69) /
Resource Hash
0aac2695cc7744360a48f34dc4020535516812bd66f8a805743b0d326f15a266

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
26508675
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
30574
access-control-allow-origin
*
last-modified
Tue, 30 Mar 2021 20:27:32 GMT
server
ECAcc (nya/1C69)
etag
"11601-5bec6d3eed500"
vary
Accept-Encoding
x-varnish
79378843 1053986630
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 May 2022 15:19:19 GMT
npm.string_decoder.34d1b1e2.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.string_decoder.34d1b1e2.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7959) /
Resource Hash
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1394
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7959)
etag
"1165-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128457510 259750739
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:40 GMT
npm.isarray.0fdcbbd5.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		171 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.isarray.0fdcbbd5.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7967) /
Resource Hash
4bb20c4898a27a3a52e6cb8f21cdddead8255a279e5c490e5aa82e0189581dd8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
27436036
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
152
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/7967)
etag
"ab-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576820446 893635672
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 02:18:40 GMT
npm.diffie-hellman.9bfb052f.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.diffie-hellman.9bfb052f.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C64) /
Resource Hash
f37dfeeefda3f99d6663c824de1584be0b34e27f999a6f9b72e4409635ce41bc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28237073
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2991
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C64)
etag
"29ae-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
572916186 717291806
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 19:48:03 GMT
npm.hash-base.424bbef4.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		2 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.hash-base.424bbef4.bundle.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C56) /
Resource Hash
1ecd62b677c9161fb94bd27207b10c8ee14483730c0d06747662042ff0ced983

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:55 GMT
content-encoding
gzip
age
28453050
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
847
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C56)
etag
"8d5-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
464922104 479850403
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 11 Jun 2022 07:48:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A58E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
url-list.js
engage.imds-cdn.com/ Frame 0B31 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/url-list.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/url_lists.2f498c63.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D0) /
Resource Hash
1d6c771d5a031898c49a43f646165414ca6cea0d2c24bbed59a3828d8641c0fe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
225
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1990
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:27 GMT
server
ECAcc (nya/79D0)
etag
"168d-5d3af1add46c0"
vary
Accept-Encoding
x-varnish
427649359 427649350
via
1.1 varnish
cache-control
public, max-age=900, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 31 Jan 2022 16:48:55 GMT
cnhi_engage_reflex_ron_payload.json
reflex-engage.imds-cdn.com/v/5284/syn.cnhi/ Frame 0B31 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reflex-engage.imds-cdn.com/v/5284/syn.cnhi/cnhi_engage_reflex_ron_payload.json
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7994) /
Resource Hash
0e39434c2eae87a64684f2952d8b95d9ba7f6ec76886027951af2b12a43f8f0e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 14:57:12 GMT
server
ECAcc (nya/7994)
age
756
etag
"dcec43b278e58eeb703f53d6ec5e6415+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900, immutable
x-amz-request-id
142MQM1K9ZM485AF
x-cache
HIT
content-length
982
x-amz-id-2
QL/qjWa/e30cFUvs4tntpboFFNnXocK8d4kHB7SBg9t+XoVwKwSExGV1IRQXLZ+bhMlR0E8skj8=
all
csm.us.criteo.net/ Frame EC24 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=mo4Gg6_glbHJPEq5Hox9L-7kNMHBB6woMmNjz5Ng1Cend3ntOhydeoBsqoCUNgCJflEtXl1oQtSHCuo2PiUWJ_520l8OM5Mz1ACvbC0jTMF86-EeA6QOd-Wh6aDYvbYuiAUryPLDfvG9u5qfDkv1ecdK2erDDonT_CUU4UCZbuRM8Dvkv8CYyf-R1zwDrjm2cwqGs-KY8cnSQNGDiafhJetnHAinQQ7B08Pn30Z8yhltnBPex2pFoFbboD7GrtjgIGjB7Q&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YfgPcAAOnxkKcQmMAAAgMwstmpiBOhCYslbnKg&u=%7CNOEoZAVT4DWH9UBHQxeQ94r5%2Fp9MnAwxiu1krlqD33A%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRI6Ii_lo2SNFOJw9zEgue1Kcz_seQPJk1ZygzKJYHm7snmfUu7zTu-min7KISmVVoTu2xENBMd8XiMa6cayCCNK1Gj6g41_qle-ac15h7ywDLwkDYyQ8A76jD1-xbkXqXO8Q5PVyS2r_LceY4XBpVKrd2BYzYTRua02kubKeBZ8T1HTaaUDMXITffBSX7PdZ8bnkQg0hVaowjndziW8JBiI-EHqN0t2JfV-ulkLBtbJSX_XZMVXlC_EN7cw7Tv5X_ZpSQXej3RDk4g-Mvl-a_-susqM1erEPiCde4vcUWAhw0HLsx7HZWVcOQweLgW2M1ETP_ii0FuuNKAt6_8aaBRvwcUfUEvtFpC6kYoMbg9U_VCZ5JtPYMhPQGBOT63nLLp3vBeM2fXg98KVyQnomkxK3PoQ9DKsGuE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwZu9cA_4YZm-OoyTxAOzwICQDpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2oAGs3f7oA8gBCeACAKgDAaoEmAJP0Okv85hbRb04-x1L-dyyA3l713PK9d-SUr2F1PBWsC0GDtOTpem-8i6Ms-7cZyr6UwX0hPjUmhOMW28TkMTD93KHisEJCXFRdI3MoJS3m3PZHh6hxoHdjjZQMq7qHohw6t9Z8QKiLPDK_kwXzqwejQqNlD6FMR3b_y1-8IL_puvi8B6lp_hJ4nfnzCqnNaRF8Oy9a-Vu4olmnDl9dUU9DcHYpNfgjiMjXspqUwD0uRxtmVz7RPrEXQoA15nw80vBvUYq3G7uUSwwP_S_653Dg5Lf0Yk-DqOAknn9WUr6-U4qlDgC_sKzugKonofSv1eH7dnvw-gWEhf1pEbf3kgIn0aE66PzHxs_iufgXa8pQM1LFN9tZmrB4AQBgAb1i-W_6crB-RegBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_034CcpUmcnbuIG3AWXnxlMT_kg0w%26client%3Dca-pub-7327662408303156%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 16:33:55 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
npm.css-loader.fcfdedff.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		1 KB
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.css-loader.fcfdedff.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C33) /
Resource Hash
05d15b90d5d0083b16e9b9917566fc391a5d2822551f3047d0abedeb4b53ec62

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
26884218
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
688
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C33)
etag
"4de-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
576633671 999467574
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 29 Jun 2022 11:35:38 GMT
default_css.0e4981f7.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/default_css.0e4981f7.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/795C) /
Resource Hash
034ef92f58ef6d441066f15a2514f3dd65bab5b42ba776c1d071bd773f1fd45f

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208436
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2647
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:19 GMT
server
ECAcc (nya/795C)
etag
"32db-5c2b015c7c6c0"
vary
Accept-Encoding
x-varnish
619597817 752719950
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:25:20 GMT
index.072f5c6.html
engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/ Frame 6C64 		213 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7897) /
Resource Hash
0ea7b10d47092c289c1c2cf5ce890521bb19b0fdf092af8c32478d88bfa01f58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
3522332
cache-control
public, max-age=31536000, immutable
content-type
text/html; charset=UTF-8
date
Mon, 31 Jan 2022 16:33:56 GMT
etag
"d5-5d3af1aec8900"
expires
Tue, 31 Jan 2023 16:25:07 GMT
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (nya/7897)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
79466485 79374047
content-length
188
hls.light.min.js
cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/ Frame 6181 		182 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb48084f1a7d8d8fc8d04196f50eca02e2de8a93332b91af55bf9cce37649bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3481360
x-jsd-version
0.12.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-ewr18155-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2d606-yxBQBEYmlQftoUevDqxt5g6evwY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d6458379f303354-EWR
en
am4.imds-cdn.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/ Frame 0B31 		70 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am4.imds-cdn.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/en
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1A) /
Resource Hash
e0a8acb414380f461d6702f380f64c72ff9ae8d68a1d89222cb504033567869a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
464
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7185
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 16:26:12 GMT
server
ECAcc (nya/1C1A)
x-timer
0.043
vary
Accept-Encoding
x-varnish
964317853
via
1.1 varnish
cache-control
max-age=900, x-grace=3600
accept-ranges
bytes
content-type
application/json; charset=utf-8
loader.072f5c6.js
engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/ Frame 6C64 		560 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C56) /
Resource Hash
c644c113c77dc425f7bf2ea31cead0b9ef453e60e54c539f516956329a4688c9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3522482
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
316
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/1C56)
etag
"230-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
79466567 79401556
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:22:32 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 04D3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
npm.synacor.dead-saxy.ff4b4bdc.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798B) /
Resource Hash
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208436
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14781
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/798B)
etag
"e5c3-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576550377 709022930
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:35 GMT
npm.entities.62b6714b.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.entities.62b6714b.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D0) /
Resource Hash
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208436
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13403
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78D0)
etag
"94ca-5c2b015d70900"
vary
Accept-Encoding
x-varnish
614329586 752691296
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:35 GMT
npm.os.frame-jail.1cdacdb0.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.os.frame-jail.1cdacdb0.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78CC) /
Resource Hash
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208436
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
9209
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78CC)
etag
"9bc0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
898598105 260152215
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 07 Jun 2022 08:52:05 GMT
npm.synacor.vpaid-loader.8b68bd9c.bundle.js
engage.imds-cdn.com/dist/ Frame A58E 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/npm.synacor.vpaid-loader.8b68bd9c.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/runtime.59ce392e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C30) /
Resource Hash
33ac5d23f6f7f0ce3ba0599df5b54284bb3a9a709dd700594be732480a5263d6

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208425
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14058
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C30)
etag
"af3c-5c2b015d70900"
vary
Accept-Encoding
x-varnish
572759572 698711630
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BFE3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 16:33:56 GMT
css
fonts.googleapis.com/ Frame BFE3 		2 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f10.1e100.net
Software
ESF /
Resource Hash
343c3f66452116621f20adc7eef6810649a590eeef134d8c791d8e97662e4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 15:22:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 16:33:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 16:33:56 GMT
White3600ChildTest_HT5_728x90.js
s0.2mdn.net/sadbundle/5751141524754661376/ Frame BFE3 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.js?1633583333959
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
4754923e9872bb96e8a6cd0b84cd7cfb354129ed28f1d3edd8b5a492fb86afd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7651
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 19:52:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Jan 2023 16:09:53 GMT
_preloader.gif
s0.2mdn.net/sadbundle/5751141524754661376/images/ Frame BFE3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5751141524754661376/images/_preloader.gif?1633583333960
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5751141524754661376/White3600ChildTest_HT5_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 10:50:07 GMT
x-content-type-options
nosniff
age
539029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 19:52:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Jan 2023 10:50:07 GMT
npm.core-js.bdfadd6a.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.core-js.bdfadd6a.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7973) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7973)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128424713 259778766
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:41 GMT
npm.babel.runtime.384d0496.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.babel.runtime.384d0496.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D7) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
28217835
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78D7)
etag
"1106-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367342 288422873
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 01:08:42 GMT
main~safeframe.d0680278.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//main~safeframe.d0680278.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C2A) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208621
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C2A)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
142019476 750762268
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 27 Jun 2022 14:51:16 GMT
npm.entities.62b6714b.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.entities.62b6714b.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13403
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7974)
etag
"94ca-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576611190 709244304
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.events.db12d2bd.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.events.db12d2bd.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D0) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208461
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78D0)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619688554 750764847
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:56 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792A) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/792A)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128367344 259967684
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.os.frame-jail.1cdacdb0.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F8) /
Resource Hash
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208550
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
9209
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78F8)
etag
"9bc0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128424717 259899777
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:27 GMT
npm.synacor.dead-saxy.ff4b4bdc.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7909) /
Resource Hash
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14781
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7909)
etag
"e5c3-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576633725 709057389
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:41 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78BD) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208549
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78BD)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
387696240 709301003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 11:59:19 GMT
npm.webpack.78d57302.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		518 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.webpack.78d57302.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E3) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208550
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78E3)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619822815 752783454
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:27 GMT
runtime.59ce392e.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//runtime.59ce392e.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799B) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3522065
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/799B)
etag
"b44-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
1045729189 1045293300
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:29:30 GMT
url_lists.2f498c63.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//url_lists.2f498c63.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C46) /
Resource Hash
5912c5a55569ea3ad9889a9e21fa23dd69ef3aa5e4a4c656158d5aac68734d5c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
8203923
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3064
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:41:07 GMT
server
ECAcc (nya/1C46)
etag
"214a-5cf6c608faec0"
vary
Accept-Encoding
x-varnish
619688556 619791550
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:33:53 GMT
safeframe.501e404a.bundle.js
engage.imds-cdn.com/dist// Frame 6C64 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//safeframe.501e404a.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C4A) /
Resource Hash
5f73689219b6223082fe22414c9290fdaf4567608bf797a952e700ecae7ae75c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3550901
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7003
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 04:44:47 GMT
server
ECAcc (nya/1C4A)
etag
"54cf-5d3a0aa2f2dc0"
vary
Accept-Encoding
x-varnish
122367380 122494844
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:30:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A0A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 04:30:58 GMT
expires
Mon, 30 Jan 2023 04:30:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
129778
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E3D2 		783 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
GSE /
Resource Hash
d8559b6fee01bd9d4c586c5f3b297d816305880a200d8e68aa382b01382866d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6KH9xcHr3QYTQ77N1bYNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 16:33:56 GMT
date
Mon, 31 Jan 2022 16:33:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6KH9xcHr3QYTQ77N1bYNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
url-list.js
engage.imds-cdn.com/ Frame A58E 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/url-list.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/url_lists.2f498c63.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D0) /
Resource Hash
1d6c771d5a031898c49a43f646165414ca6cea0d2c24bbed59a3828d8641c0fe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
225
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1990
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:27 GMT
server
ECAcc (nya/79D0)
etag
"168d-5d3af1add46c0"
vary
Accept-Encoding
x-varnish
427649359 427649350
via
1.1 varnish
cache-control
public, max-age=900, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 31 Jan 2022 16:48:55 GMT
ron_cnhi_reflex_dtp_300x250.json
reflex-engage.imds-cdn.com/v/5284/syn.cnhi/ Frame A58E 		430 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reflex-engage.imds-cdn.com/v/5284/syn.cnhi/ron_cnhi_reflex_dtp_300x250.json
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78C6) /
Resource Hash
e81cb9a20f10b69a3628a037de8a91d025dc3b1ffbae0d29afea5e2cc10d6644

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 14:57:11 GMT
server
ECAcc (nya/78C6)
age
8
etag
"3e8763e6bb8c0f50e0d76729759f35d3+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900, immutable
x-amz-request-id
D6SG6BVJEFC1VW48
x-cache
HIT
content-length
219
x-amz-id-2
7yyEoaydMZmzy2ecF+YOYkkwFgcRSc06fYjZ7lHJlAjT4gVugQTcRn009VH6Cxl8haFIM9gmxps=
async_usersync
ib.adnxs.com/ Frame E8C5 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
dcb3b085-eea4-4bec-8467-4e98947481bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BE8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_wOONuBQQhSI5bnKpwJwMgJv-Ubui81H8D8rOwFnuuUeFJlghBpR0EG-7PU7U5LOTEfDDIc2AYXKRj-VmCH-TxsRd_TyCc9eD1u3yZgUN22pkhLFhFxonHS75qrty9Ab9PDkRKRvOoQKFLwbFd-rtry8xozwFGzDcxNWBhFzkmfOCNjMYlKHPAElnjR0IZiHr65DKsziYCtvO6n2aVuK7HDUVK3SWXoqdAyYyh3lipNHIsldbduf5WPGAiZYgvYhkKZkaGQPVVVpNy1ck8GviBYChQLfSnoJS5TVpDc8sk9h_BEPR-5r5sVUm_GiAmLCztviAK6jYCqNQfQcME4LwfTkh-w&sig=Cg0ArKJSzE70KgkBXf4REAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
truncated
/ Frame 5376 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f28f410c7a2df9fc3b0ce33b819bcc7ee59537e85ce9c3ece2c78f9fe19c7a2c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A020 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-jAzr0qKZuQxay6gUVUPSTqBjmTW6sXjFWp3bLOVok10Y1kH4xxkNAoxwvIh5HVPEfz7OXVDZuvYOJ9Jwi11ZjXuHrnbG2ibgzZ9YrRQw8xZRzv3XIXZ6SgCvrXjKfKGiqf4qEIGrLKicMMR83zQULUpxumksaCxzpfxvcn5ATIuvnIl7L-Sz9bfzz_yY1Gp_V8iBWvt8aprDsTDMUDbXZZRrLU24CSBcR0rE8ZlTv1MSMxHY5I9VDlMpe5zdnz8L9xzb33aTKhAn1QJVjCfH5n6n58OsOl80OwTy2g5wolVD_ybht6sVnkFxdtqzNmAqe2kiTmuYrljohUdj288RPEcS2Q&sig=Cg0ArKJSzLWzrkDZVH-NEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
uat_87066.js
ad-cdn.technoratimedia.com/00/00/00/ Frame 6C64 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/00/00/00/uat_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fcnhi_engage_reflex_ron_payload&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6D) /
Resource Hash
c9d920ca022c8a5bb6dcd90e540f3f5d402b41cafa552d2c8f344d843d8ae62d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
content-md5
flIcZH7XBxVKFKXPEDWk8w==
age
852
x-cache
HIT
storage-tier
Standard
content-length
5887
opc-request-id
iad-1:p3vEYduep4IL4tOfrE0f--UsjsdRpLl79mFjLlxKELl_BAZglvUaHhyFHFAGYWgX
access-control-allow-origin
*
last-modified
Tue, 25 Jan 2022 20:06:04 GMT
server
ECAcc (nya/1C6D)
x-api-id
native
etag
7cd2781d-0b42-4ac0-8735-0dfacf987687
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
version-id
453971f8-ec53-45ed-a727-150b0c2ae714
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
expires
Mon, 31 Jan 2022 16:48:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 57BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstVxVDWmK63W2Jya8p2Pg2uDr2iOwS2HmkNc6OJcMlc7SfABWNAKqNoFyPJtPIxjs_dWEzE6Zd0q59Qaycosd-lMIaivtEEubcO-dKqxDsdQOAuuRYJwOAsUw-uOapcDGVS9Df_pz9ujV4i6_ki-G4uDsXQPJsINBLaGE4OW2ZUE8RmYuRFMzka91fppTnDYW-1WZ4VmV0BWfiUB-Xki6CfDpOR8zCWXLTXLMJLRj_MVoV2bps4NU3aB-vJd4tBxqbgimPNk_H45va2gZpCfV_klXuF27ZUE1PRxxJW_Fd33weOg0V3cMqLO-ZvCvWGNaHTQUbYJkIGIJe5i0&sig=Cg0ArKJSzKqzWHoKUpOYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FAC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt0jCrq23MQchFx3F8ibIrytlZyt9fwx9dU-UHjuky6IaaMfT3RlSNOlEMakLhmhGRLqmd-3n5InEd6hOEGPUrZNgSGNLVlwcziow7-0DALsauAPSNJixzykiKz_b_cw_HK2mcNE_pEfhPP1VgoLLlkBgfs0CVAW6nk8AnDOU3z7hvzf5JvjMUEqCkmotyCEJqQknQg14GCP8DnYktytxWHvt34X1_1um2aA-MVnuK5Y_msUUSKvIxcLU3EHJoY9VkJr2FfZr8Ovq3TKbx1pq_xc_WkCWBVJexIFE030hDkJREjxdK2z5sbLAtbOm_uwpYFvcp_T7tgZSff3kQw2LIZ4sNVFSUcg&sig=Cg0ArKJSzMA37ehkC-mJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FAC6 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
40f188978634d504a536eecb89ef9799c76888a80e2ef6220e9f3b6e190a41da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9097
x-xss-protection
0
truncated
/ Frame A58E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
114ec1413a432ab8e953f6a9b3ec8e09aa458c5cf4b44939b5a64fb56a9e683c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A58E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOu1ZVXuiq40zFPkVVOejUA1SbjZKMTgEh2uqh27k1-xsUJ78POetadGyGsH5bXEWolngFdlWlgoRCFmnODUgekwQP2KUujrtXIkpQ3DjtfRZqEzKYEincNAVFOjFpKrkWnFYodtJotW6KWGxNID4DNB6rMEh0tsN-iKQ8V0T3WUb7HrfO7w7gs1UB6CD0FBNTli4O2bWIwQPvVlqp2KfXTVpHcUKVYmUAvxgbhcgKGTHS2Jskl1q1jJ5d9ZiaghcNAGO2xkTjLBD56sUvY9aHoeINaiQ0Jq34Tg9tVZlNwIMbBELqi98ZldNdrPrDDhMD42bzfxQQcZcc-ndE5mHKH7yK5Glmwl9Fq4lD6biW&sig=Cg0ArKJSzHM1W7aIyqzsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5376 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzxQaVjMjUZTAt1id0q4YRc07ljenauXlmy0X8c7X17urDfzofSH4MKRma9kDDrsqKXt30JdiU5gMdYYlwZl3B7Wxxtn857bt58NHJC-IDDh8PPKUrCNuBaQqx-bHHnKyqLBmF8DqdM5tCIA0XHYM1-d0n-ppu1hiAX3Db1piV4ttmp4bHXiudmInY3S3r0SBDlruDpwoLD69o5-nVPfH0VHNQk1on0a9a--YnLSwylH8Mu28j6wEjCvlcAaW1Y_SelzXiEHIzgMGMmSn2VNanh7NmYMRboq2g_wRdaBxwvIY5JEY-HepUSLo0fc5gaSNXmnWRu3I-Z5bE3yIt5JbLPLfnUg&sig=Cg0ArKJSzADcETcBvhcLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5376 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
8e27d2f302138767c38690aab3c080156e9109cf01a196c24c197c1979dd350d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9071
x-xss-protection
0
truncated
/ Frame 0B31 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634f034f5522c3670f06116b2c75cbb4de31a9b17889b3a10f3431847d40597d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu4iW9DjV7vLzRbhUYMOyefUQ1Pw7-3MnflI7s9paRNCElsIHLsUAxXL-3CB-c9FNv4EbA-jybdq5-jCdg58nAZ-UWpElp_uVdFA68jOaQxBK9YY1X2JD7F9NZ3cO-vx190i24CC6yAVoDmVpjYuAkwW2dHjeBUWbnjalNhZ6O4yrbLT-XxaKjStVerijvoiWUfw6ul6vDPBpcFMO51pXERIzoVxZiWV1XoqASD8gBedLquBgxaUKska3RcU9WnG0tkvAAkWkDC7yvvzD8GyzbQjCxPR539YbmGSs6fcUucyDxQseSZvs_Ndg70UnWnS1J&sig=Cg0ArKJSzORvvlqpSeGTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:56 GMT
uat_87066.js
ad-cdn.technoratimedia.com/00/00/00/ Frame AEB6 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/00/00/00/uat_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6D) /
Resource Hash
c9d920ca022c8a5bb6dcd90e540f3f5d402b41cafa552d2c8f344d843d8ae62d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
content-md5
flIcZH7XBxVKFKXPEDWk8w==
age
852
x-cache
HIT
storage-tier
Standard
content-length
5887
opc-request-id
iad-1:p3vEYduep4IL4tOfrE0f--UsjsdRpLl79mFjLlxKELl_BAZglvUaHhyFHFAGYWgX
access-control-allow-origin
*
last-modified
Tue, 25 Jan 2022 20:06:04 GMT
server
ECAcc (nya/1C6D)
x-api-id
native
etag
7cd2781d-0b42-4ac0-8735-0dfacf987687
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
version-id
453971f8-ec53-45ed-a727-150b0c2ae714
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
expires
Mon, 31 Jan 2022 16:48:56 GMT
hls.light.min.js
cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/ Frame DFB3 		182 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb48084f1a7d8d8fc8d04196f50eca02e2de8a93332b91af55bf9cce37649bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3481360
x-jsd-version
0.12.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-ewr18155-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2d606-yxBQBEYmlQftoUevDqxt5g6evwY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d64583a5d203354-EWR
en
am4.imds-cdn.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/ Frame A58E 		70 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am4.imds-cdn.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/en
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1A) /
Resource Hash
e0a8acb414380f461d6702f380f64c72ff9ae8d68a1d89222cb504033567869a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
464
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7185
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 16:26:12 GMT
server
ECAcc (nya/1C1A)
x-timer
0.043
vary
Accept-Encoding
x-varnish
964317853
via
1.1 varnish
cache-control
max-age=900, x-grace=3600
accept-ranges
bytes
content-type
application/json; charset=utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame A7F4 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 5C65 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7917) /
Resource Hash
80c3b0bb3843e2e6e04ae445d0096615e1d11172c1959e6b7c49094e25498238

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
402
cache-control
max-age=900
content-md5
QCSeq2FKawOpVfv0E2CAsg==
content-type
text/html; charset=utf-8
date
Mon, 31 Jan 2022 16:33:56 GMT
etag
37bc1cf3-694b-48fb-bcf6-07886e29e3bd
expires
Mon, 31 Jan 2022 16:48:56 GMT
last-modified
Tue, 25 Jan 2022 20:06:01 GMT
opc-request-id
iad-1:ZeRCJYvHldXx43cS4J9VI_uExnZ3b7WnCokQPGEuhR6febiTGjkBj6j5WEgoqOWT
server
ECAcc (nya/7917)
storage-tier
Standard
vary
Accept-Encoding
version-id
bd9997b4-74c0-44b1-b547-14aba203aaf5
x-api-id
native
x-cache
HIT
content-length
6224
adserv_87066.js
adtag.technoratimedia.com/ Frame 6C64 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.technoratimedia.com/adserv_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fcnhi_engage_reflex_ron_payload&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback&&disp=referrer&tmiv=1&tcb=0.006746600337322439&abv=BTF
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
57e3c170fa4e9e75966f0570199c6e94aaf1e3fadf84ded37f8051f94b88283a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://engage.imds-cdn.com/
access-control-allow-credentials
true
x-varnish
609741522
accept-ranges
bytes
content-length
1093
via
1.1 varnish
bid
ap.lijit.com/rtb/ 		94 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
587db890b1ef5d6613769153c53a35f6347e85edf3fe5781339e3c79a838ac2b

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.kokomotribune.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
trinity.json
apex.go.sonobi.com/ 		839 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225ed4f7dac2f776%22%3A%22121808278466059cd0bb%7C300x250%22%2C%226b015324dddd42%22%3A%22121808278466059cd0bb%7C300x250%22%7D&ref=https%3A%2F%2Fwww.kokomotribune.com%2F&s=b748c367-5fb2-4eb6-a16d-f3908d916cac&pv=e25a61d4-e4d5-4d3a-903f-7ba976cb21a3&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
42cb06e5da71ace9dea336071f06d9f9d5dc139cc9d368e3769ee8510fd41329
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-91
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.kokomotribune.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
504
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8e7af9d622fdec3950bda54d1ef4a7528f1aacc6df4a13622a5659b3206df16a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
09433c11-4d87-4657-b239-15f1002d22cb
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kokomotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
justapinch-com-d.openx.net/w/1.0/ 		175 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kokomotribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a57551b-052b-4b72-a2d8-7feb47e23f6a%2C6dbf3c78-72f0-4915-9d4f-99d745544837&nocache=1643646836645&aus=300x250%7C300x250&divIds=ahm_widg_id_3%2Cahm_widg_id_7&auid=544092638%2C544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
fb5498d21f05b86228749f53929d60ab329754c9a3566b926723a78ea9fdf570

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.kokomotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=594615&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22137047e77ade535%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kokomotribune.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221435aac3cc55861%22%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215a21627cff643%22%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.50.75.217 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-75-217.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1bbabdc6a8165c49d6634ec2d8e562c97546f65094bee580704b7242e1c3e603

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-ak-initial-geo
CC:[US], RC:[NY], CN:[NA], CIP:[37.120.138.195], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.kokomotribune.com
x-cs-client-geo
01
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
01
expires
Mon, 31 Jan 2022 16:33:56 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96944c0178781371c5137e6cb8000d&pos=8a969cb9017878136882137ec1c60012&cmd=bid&secure=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5a1534f0a982f9f46d3cf2ecb9858b79563feccce09bbd595ed98ea47d64fbcb

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96944c0178781371c5137e6cb8000d&pos=8a969cb9017878136882137ec1c60012&cmd=bid&secure=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e7e4b3d7efe78244f34fba52d30b8344520df9e430b1103c5768de912fb90148

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kokomotribune.com
access-control-allow-credentials
true
content-length
62
usersync.html
ad-cdn.technoratimedia.com/html/ Frame BB6C 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/00/00/00/uat_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C42) /
Resource Hash
80c3b0bb3843e2e6e04ae445d0096615e1d11172c1959e6b7c49094e25498238

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
402
cache-control
max-age=900
content-md5
QCSeq2FKawOpVfv0E2CAsg==
content-type
text/html; charset=utf-8
date
Mon, 31 Jan 2022 16:33:56 GMT
etag
37bc1cf3-694b-48fb-bcf6-07886e29e3bd
expires
Mon, 31 Jan 2022 16:48:56 GMT
last-modified
Tue, 25 Jan 2022 20:06:01 GMT
opc-request-id
iad-1:ZeRCJYvHldXx43cS4J9VI_uExnZ3b7WnCokQPGEuhR6febiTGjkBj6j5WEgoqOWT
server
ECAcc (nya/1C42)
storage-tier
Standard
vary
Accept-Encoding
version-id
bd9997b4-74c0-44b1-b547-14aba203aaf5
x-api-id
native
x-cache
HIT
content-length
6224
adserv_87066.js
adtag.technoratimedia.com/ Frame AEB6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.technoratimedia.com/adserv_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback&&disp=referrer&tmiv=1&tcb=0.8802649869804546&abv=BTF
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/00/00/00/uat_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
4af56ef950b2e57a1f574fe6323ecd810d0b95f8731dd7b6e98d4ad2e94631e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
access-control-allow-credentials
true
x-varnish
643455522
accept-ranges
bytes
content-length
1092
via
1.1 varnish
index.072f5c6.html
engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/ Frame FC9A 		213 B
252 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/main.dd28bbab.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7897) /
Resource Hash
0ea7b10d47092c289c1c2cf5ce890521bb19b0fdf092af8c32478d88bfa01f58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
3522332
cache-control
public, max-age=31536000, immutable
content-type
text/html; charset=UTF-8
date
Mon, 31 Jan 2022 16:33:56 GMT
etag
"d5-5d3af1aec8900"
expires
Tue, 31 Jan 2023 16:25:07 GMT
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (nya/7897)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
79466485 79374047
content-length
188
async_usersync
ib.adnxs.com/ Frame 602C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2e7fdd6b-4155-4465-8c0a-5fa43d9a7767
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 3A0A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FAC6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E3D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=2639884059872518&rc=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
loader.072f5c6.js
engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/ Frame FC9A 		560 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C56) /
Resource Hash
c644c113c77dc425f7bf2ea31cead0b9ef453e60e54c539f516956329a4688c9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3522482
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
316
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/1C56)
etag
"230-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
79466567 79401556
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:22:32 GMT
usync.html
eus.rubiconproject.com/ Frame 53E4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 16:33:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
date
Mon, 31 Jan 2022 16:33:56 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3483 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=27969
expires
Tue, 01 Feb 2022 00:20:05 GMT
date
Mon, 31 Jan 2022 16:33:56 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame AA55 		883 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
9f77d2b206ad096aaf6878347829c5bcddf2d245411fda33b4175dfe9b1a1894

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html
content-length
518
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
cdn.districtm.io/ids/ Frame FA41
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=101769
  • https://cdn.districtm.io/ids/index.html?sellerid=101769
116 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=101769
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html
cf-ray
6d64583a59a615a7-EWR
age
9758
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 6265ab4d72053dc7cb93b359f1255480.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
oV1mjGBeAJOwPHdarDM-zPXbzDUFZn1h6z6HFuSIsV3hzllgEr3K5g==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Mon, 31 Jan 2022 16:33:56 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=101769
cf-ray
6d64583a294815a7-EWR
cache-control
max-age=3600
expires
Mon, 31 Jan 2022 17:33:56 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ps
pixel.33across.com/ Frame 237D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

x-33x-status
200000000000000002000088
server
33XP004
date
Mon, 31 Jan 2022 16:33:56 GMT
/
onetag-sys.com/usync/ Frame 5BF2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 6508 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4c39f5d08e6fadde3ffd025fc835d15c28b51262f684b34b053543e882ac61c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html; charset=utf-8
content-length
495
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
technorati
sync.1rx.io/usersync2/ Frame 5C65 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/technorati
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
895225609
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
services
sync.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
0
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
775142123
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c172d664-2a60-4f83-b911-2b5f292891ce
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
810301630
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2033
content-length
185
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame 5C65
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-106-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 31 Jan 2022 16:33:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 5C65
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-106-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 31 Jan 2022 16:33:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
0
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
651970371
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
69
Connection
keep-alive
Content-Length
0
syn
match.prod.bidr.io/cookie-sync/ Frame 5C65 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/syn
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
sync.targeting.unrulymedia.com/csync/ Frame 5C65
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005&rndcb=3569068596
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1f612897-dbf9-4d3c-b640-ec045dee66c8&user_group=1&ssp=adconductor&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://sync.1rx.io/usersync/bidswitch/f099e3ae-440c-48b2-9845-1d4b4b9f77d8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
0
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
872450357
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
date
Mon, 31 Jan 2022 16:33:56 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
0
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
715371516
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
0
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
860991856
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
285
Expires
Mon, 31 Jan 2022 16:33:56 GMT
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
0
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
715371518
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-4bnvn
expires
-1
usersync
match.bnmla.com/ Frame 5C65 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=23648134860141EF92D2E2886F7673DB&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
0
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
731138631
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
date
Mon, 31 Jan 2022 16:33:56 GMT
connection
close
content-length
88
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://pixel.advertising.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB
  • https://ups.analytics.yahoo.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
891587393
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 5C65
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=23648134860141EF92D2E2886F7673DB
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&ssp=synacor&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10604851223583558621&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=131a2ce2-e10b-4246-8be8-cd21cd382fed&ssp=synacor&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504048006765284&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10604851223583558621&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10604851223583558621&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
18.197.240.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10604851223583558621&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
services
uat-net.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=6e086bef306a121b&is_secure=true&networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGblmjalQplgN_qHOxAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
0
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGblmjalQplgN_qHOxAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
830912010
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGblmjalQplgN_qHOxAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://pixel.advertising.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB
  • https://ups.analytics.yahoo.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
  • https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
761709627
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame 5C65
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=23648134860141EF92D2E2886F7673DB&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683580000V10
0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683580000V10
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
755059324
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 31 Jan 2022 16:33:57 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683580000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 31 Jan 2022 16:33:57 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 5C65 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=23648134860141EF92D2E2886F7673DB
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1944
bid
cs.chocolateplatform.com/ Frame 5C65 		0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/bid?advid=5704&bcid=23648134860141EF92D2E2886F7673DB
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
174.101.212.35.bc.googleusercontent.com
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
Chocolate Cookie Sync Powered by Vdopia
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript
technorati
sync.1rx.io/usersync2/ Frame BB6C 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/technorati
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
858634166
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
usync.html
eus.rubiconproject.com/ Frame FAFE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 16:33:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
date
Mon, 31 Jan 2022 16:33:56 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3FF6 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=27969
expires
Tue, 01 Feb 2022 00:20:05 GMT
date
Mon, 31 Jan 2022 16:33:56 GMT
vary
Accept-Encoding
services
sync.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
697791533
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
36877b2f-2cc7-47ac-94b6-937d6a71201b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 416F 		1 KB
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e90c68eeb9f340c373b9831bcbc751894e09f773121af629881af1c98f65951f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html
content-length
692
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
cdn.districtm.io/ids/ Frame B71C
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=101769
  • https://cdn.districtm.io/ids/index.html?sellerid=101769
116 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=101769
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html
cf-ray
6d64583aba2015a7-EWR
age
9758
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
8bIPBvj9ncepWnjlmBZSeA44ZnlzM4OqoWmFatLxsyUNV6-p6mC-XQ==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Mon, 31 Jan 2022 16:33:56 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=101769
cf-ray
6d64583a89da15a7-EWR
cache-control
max-age=3600
expires
Mon, 31 Jan 2022 17:33:56 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
de.tynt.com/deb/ Frame 337C
Redirect Chain
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
5e943aba4b3dfeabd8cc7ed072796380457fca9b6dce20e94b4a31fbe818fa65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
2385
date
Mon, 31 Jan 2022 16:33:56 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP001
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
content-length
0
date
Mon, 31 Jan 2022 16:33:56 GMT
services
sync.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
755059328
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1405
content-length
185
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame BB6C
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-106-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 31 Jan 2022 16:33:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame BB6C
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-106-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 31 Jan 2022 16:33:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
755838815
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=926f08b8-82b3-11ec-929d-1ee132960503
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
158
Connection
keep-alive
Content-Length
0
syn
match.prod.bidr.io/cookie-sync/ Frame BB6C 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/syn
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
sync.targeting.unrulymedia.com/csync/ Frame BB6C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005&rndcb=6118671694
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/f099e3ae-440c-48b2-9845-1d4b4b9f77d8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
onetag-sys.com/usync/ Frame C9BE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
755838813
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=7551d5a1-6701-484c-855b-a0261d33ce27
date
Mon, 31 Jan 2022 16:33:56 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
891587385
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
724876288
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
285
Expires
Mon, 31 Jan 2022 16:33:56 GMT
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
873476356
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://uat-net.technoratimedia.com/services?srv=cs&uid=voXcyPVxQiGh&pid=83
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-4bnvn
expires
-1
usersync
match.bnmla.com/ Frame BB6C 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sync
eb2.3lift.com/ Frame 66F5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
a335b1173687071484c2b20285ec59bf29f43afc9f07d71304647681bc34962c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-type
text/html; charset=utf-8
content-length
436
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
services
sync.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=23648134860141EF92D2E2886F7673DB&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
694415093
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=UCFUID
date
Mon, 31 Jan 2022 16:33:56 GMT
connection
close
content-length
88
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://pixel.advertising.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB
  • https://ups.analytics.yahoo.com/ups/58150/sync?_origin=1&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
818399011
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=47&uid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=23648134860141EF92D2E2886F7673DB
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=synacor
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420248101649&expires=30&ssp=synacor
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
0
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
763443215
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
//uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
services
uat-net.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=560972f59bf0121a&is_secure=true&networkId=63258&version=1&nuid=23648134860141EF92D2E2886F7673DB
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGbw-JjEsGQwNSxergAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGbw-JjEsGQwNSxergAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
830912004
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAGbw-JjEsGQwNSxergAAAAAAA&expiration=1643733237&nuid=23648134860141EF92D2E2886F7673DB&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://pixel.advertising.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB
  • https://ups.analytics.yahoo.com/ups/58182/sync?&gdpr=&gdpr_consent=&redir=true&uid=23648134860141EF92D2E2886F7673DB&apid=UP91fa012b-82b3-11ec-9212-0e2d0ba359af
  • https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
626584748
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=52&uid=y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
date
Mon, 31 Jan 2022 16:33:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame BB6C
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=23648134860141EF92D2E2886F7673DB&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683587000V10
0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683587000V10
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
833559323
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 31 Jan 2022 16:33:57 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=2866484375683587000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 31 Jan 2022 16:33:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5376 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:56 GMT
psa.js
ad-cdn.technoratimedia.com/psa/ Frame 6C64 		2 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/psa/psa.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6B) /
Resource Hash
3adaa4daf4886e87addc1d25cf0b421cd6ed149dcb621ad42011b681df46e07e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
content-md5
80D94lJ24kMbEOUahXW9bw==
age
549
x-cache
HIT
storage-tier
Standard
content-length
706
opc-request-id
iad-1:shWasM3W3bslCvNhvP4EWzCJED0s12kdTemrSoZLgNgK0-HUErtKCKxn7EDcf5Bk
access-control-allow-origin
*
last-modified
Thu, 13 Jan 2022 01:08:46 GMT
server
ECAcc (nya/1C6B)
x-api-id
native
etag
866d78ec-d693-4bc1-ba7f-77670daab957
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
version-id
a4399842-860c-4d55-859f-4f3539979e90
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
expires
Mon, 31 Jan 2022 16:48:56 GMT
pixel
uat-net.technoratimedia.com/ Frame 6C64 		0
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=17238329699278340&id=3&bid=TMX&mkt=2&sz=300x250
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
729172126
access-control-allow-origin
https://engage.imds-cdn.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
npm.core-js.bdfadd6a.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.core-js.bdfadd6a.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7973) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7973)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128424713 259778766
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:41 GMT
npm.babel.runtime.384d0496.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.babel.runtime.384d0496.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D7) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
28217835
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/78D7)
etag
"1106-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367342 288422873
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Jun 2022 01:08:42 GMT
main~safeframe.d0680278.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//main~safeframe.d0680278.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C2A) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208621
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C2A)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
142019476 750762268
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 27 Jun 2022 14:51:16 GMT
npm.entities.62b6714b.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.entities.62b6714b.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13403
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7974)
etag
"94ca-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576611190 709244304
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.events.db12d2bd.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.events.db12d2bd.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D0) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208461
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78D0)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619688554 750764847
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:56 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792A) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208470
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/792A)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128367344 259967684
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:46 GMT
npm.os.frame-jail.1cdacdb0.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F8) /
Resource Hash
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208550
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
9209
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78F8)
etag
"9bc0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128424717 259899777
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:27 GMT
npm.synacor.dead-saxy.ff4b4bdc.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7909) /
Resource Hash
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208595
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14781
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7909)
etag
"e5c3-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576633725 709057389
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:41 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78BD) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208549
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78BD)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
387696240 709301003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 11:59:19 GMT
npm.webpack.78d57302.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		518 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.webpack.78d57302.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E3) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
22208550
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78E3)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
619822815 752783454
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:23:27 GMT
runtime.59ce392e.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//runtime.59ce392e.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799B) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3522065
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/799B)
etag
"b44-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
1045729189 1045293300
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:29:30 GMT
url_lists.2f498c63.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//url_lists.2f498c63.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C46) /
Resource Hash
5912c5a55569ea3ad9889a9e21fa23dd69ef3aa5e4a4c656158d5aac68734d5c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
8203923
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3064
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:41:07 GMT
server
ECAcc (nya/1C46)
etag
"214a-5cf6c608faec0"
vary
Accept-Encoding
x-varnish
619688556 619791550
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:33:53 GMT
safeframe.501e404a.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//safeframe.501e404a.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/js/loader.072f5c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C4A) /
Resource Hash
5f73689219b6223082fe22414c9290fdaf4567608bf797a952e700ecae7ae75c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
content-encoding
gzip
age
3550901
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7003
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 04:44:47 GMT
server
ECAcc (nya/1C4A)
etag
"54cf-5d3a0aa2f2dc0"
vary
Accept-Encoding
x-varnish
122367380 122494844
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 31 Jan 2023 16:30:14 GMT
usync.js
eus.rubiconproject.com/ Frame 53E4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16143
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 31 Jan 2022 21:03:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DF7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 04:30:58 GMT
expires
Mon, 30 Jan 2023 04:30:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
129779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D3F4 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
GSE /
Resource Hash
c71d7d49487186b449a04e523d982c033c9c6a6bb29a12b20044700775931246
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nveBlp6MYwA+rvxYYFuZ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 16:33:57 GMT
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nveBlp6MYwA+rvxYYFuZ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
services
sync.technoratimedia.com/ Frame AA55 		0
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=d40690de-76fa-43d2-8628-50dbefcf0f2d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
735624675
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1D531_EA90DFED_6D890629
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1D531_EA90DFED_6D890629
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1D531_EA90DFED_6D890629
Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
194
Strict-Transport-Security
max-age=-326633637; includeSubDomains
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame AA55 		95 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=a957f373-2d05-47ee-8e7e-b617dab82e49&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.87.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-87-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 31 Jan 2022 16:33:57 UTC
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=Wwci36GL1NezCR5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=Wwci36GL1NezCR5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:56 GMT
Server
PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-01fedfc6b95b9b672@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=Wwci36GL1NezCR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4969829177705457557
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4969829177705457557
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4969829177705457557
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jbxpc4vrOS2WvGov3-4iLYu_PH2WtDYogrSOXqPQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jbxpc4vrOS2WvGov3-4iLYu_PH2WtDYogrSOXqPQ
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jbxpc4vrOS2WvGov3-4iLYu_PH2WtDYogrSOXqPQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=CSunf-cDTytmJwFi_KJ-CCV4isM&user_group=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455420248101649
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455420248101649
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455420248101649
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame AA55
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=72F68BF5CAC442F6A9C7DDC6AF708C4C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 16:33:57 GMT
64716
i6.liadm.com/s/ Frame AA55
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&_li_chk=true&previous_uuid=de4c7605675e481e99947aee106728ca
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&previous_uuid=17afd0f164e14b23a12abc11e5824ed1
  • https://i6.liadm.com/s/64716?sha1=&bidder_id=206088&sha2=&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&md5=
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/64716?sha1=&bidder_id=206088&sha2=&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&md5=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Server
34.232.192.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-192-101.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/64716?sha1=&bidder_id=206088&sha2=&bidder_uuid=e9dc03e4-2677-4190-ae6e-b2bd51b9f024&md5=
Date
Mon, 31 Jan 2022 16:33:57 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
709996.gif
id.rlcdn.com/ Frame AA55 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
psa.js
ad-cdn.technoratimedia.com/psa/ Frame AEB6 		2 KB
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/psa/psa.js
Requested by
Host: adtag.technoratimedia.com
URL: https://adtag.technoratimedia.com/adserv_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback&&disp=referrer&tmiv=1&tcb=0.8802649869804546&abv=BTF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6B) /
Resource Hash
3adaa4daf4886e87addc1d25cf0b421cd6ed149dcb621ad42011b681df46e07e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
content-md5
80D94lJ24kMbEOUahXW9bw==
age
550
x-cache
HIT
storage-tier
Standard
content-length
706
opc-request-id
iad-1:shWasM3W3bslCvNhvP4EWzCJED0s12kdTemrSoZLgNgK0-HUErtKCKxn7EDcf5Bk
access-control-allow-origin
*
last-modified
Thu, 13 Jan 2022 01:08:46 GMT
server
ECAcc (nya/1C6B)
x-api-id
native
etag
866d78ec-d693-4bc1-ba7f-77670daab957
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
version-id
a4399842-860c-4d55-859f-4f3539979e90
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
expires
Mon, 31 Jan 2022 16:48:57 GMT
pixel
uat-net.technoratimedia.com/ Frame AEB6 		0
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=17238329700260926&id=3&bid=TMX&mkt=2&sz=300x250
Requested by
Host: adtag.technoratimedia.com
URL: https://adtag.technoratimedia.com/adserv_87066.js?ad_size=300x250&pub_code=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&seat=autoplay&idx=1&referrer=https%3A%2F%2Fwww.kokomotribune.com%2F&callback=contango_callback&&disp=referrer&tmiv=1&tcb=0.8802649869804546&abv=BTF
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
695024440
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
xuid
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f7b60080-53d0-4379-88f3-81d8f68637b7&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f7b60080-53d0-4379-88f3-81d8f68637b7&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=f7b60080-53d0-4379-88f3-81d8f68637b7&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPP-ldGrihMWat_G8VsGxPA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPP-ldGrihMWat_G8VsGxPA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPP-ldGrihMWat_G8VsGxPA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6508
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUwMjA2NTkyNTIxMDY1NzI4Njc5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUwMjA2NTkyNTIxMDY1NzI4Njc5Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUwMjA2NTkyNTIxMDY1NzI4Njc5Ng%3D%3D
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 6508
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1502065925210657286796&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1502065925210657286796&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1&_expected_cookie=ad6ca80...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1&_expected_cookie=ad6ca8002cc51a54575ea3bb91b0e025
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d6458403bc80c9d-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=948f0aba-53ad-47e6-a358-37114db0f5ed&_noobservation=1&_expected_cookie=ad6ca8002cc51a54575ea3bb91b0e025
date
Mon, 31 Jan 2022 16:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6d64583fdb490c9d-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1502065925210657286796?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QIZP1fNE2oRqsiY97cIUhRMGhiQM0jipTLr.uozXVg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QIZP1fNE2oRqsiY97cIUhRMGhiQM0jipTLr.uozXVg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QIZP1fNE2oRqsiY97cIUhRMGhiQM0jipTLr.uozXVg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1502065925210657286796&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420248101649&expires=30&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 6508 		42 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1502065925210657286796&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 626ECF025F0943B19294238A846ECA77 Ref B: EWR30EDGE0217 Ref C: 2022-01-31T16:33:57Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 6508 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1502065925210657286796
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 6508
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=bE3P6EoNpRikArLZ6rOk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MJCTGUBWIVXU4...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=bE3P6EoNpRikArLZ6rOk
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=bE3P6EoNpRikArLZ6rOk
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=bE3P6EoNpRikArLZ6rOk
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 6508 		0
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=1502065925210657286796
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
757809611
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BFE3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 05:20:29 GMT
x-content-type-options
nosniff
age
558808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 05:20:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3A4E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCcgK62wfBkzPw6zof8S_w0Mf00Oir1mOJKJBtNB3J5XSRFK_xY7wAkGeBJwUpXdm1kjSLLrJt7P4PQn8dzeCnDYa7m1z8N3ihYmxgBEwiYe4CdXGq4CZ-WkPjdS2N9uNk6bzSxSNz6nt5Zrg4ULfIAsumUryRIl34fV1FwI4w3yIOJc4N0Y3EeCkWdSKcT6aKz-u3cas5g3xGwvsm2gm3J0U4Niq6I1JfQZO2h8jit-zp47Izco4W9VOAn3IoKMXqJ1vrGEexxLRWr39rJVtMHiMuq5iM8F6SmGUEASPva_kkZjdDWsJsHywZofBCd0ht-d4yUGUJYytaKfjqz9fusoLTRrTzH4-iZI1DfASV-xzZR5AD2yx1MOgR8aFSFFdsuVW_I0eQMEfYpAdj8aEUP_KGOSlJGKRm8zgydRXlKF_f7HMIR1A567ynX9hGIRjM-R3n3YsO9zpjAsXRUPGA4Po5vD9uAns-v0jC4gbYOxlkhQMSWitJGD-6WixjsgZ6E5jevV8OF1F8gcgkSwChTwBYI6WPsn0W2K6xvlpdmvtDI6FREbnk2fu-gIP-Euu9a_ZPXWYhWv0c08z9NMQ8n6ovIw2HN7yLJ9cL0V1nKdoIL4NwvR5SgF4TGM93PGX4_Pd_mUwZlBnhGuczFXQKSLw26fYwtc-Qore3XPB-aArlBI39kzuZkix-0JWLBjLqCcdzKI7Q5hgbB40X8mRw-AAmiJkRS-lMpaFlyLpERdTqaiXi0JEO6vcMdeNV0oB2y60cnrzbj71N1FGt0sAc1JfrQi-OrIl5bj0EOD5HmyjxX81UmVlAKicc9KtjsNDp54AmA-nHNYM7N12IP98rgdX6_MbWkMs33p3ljq4Qf6LGopPuxdV_mVu96cDItUMcQmMEp9HDzX1-hRwmxu_YNOIWCEa7b5F7-WH97WzyJ3WDVrxPEzPMzLDgOjSVEfvp20Izk3mwydPP-6MNc2wnIB-fyByVxGcDbKwXNfiNA3R-tY7-hWYYw3O_Tzew9WY1pjKxkdbQOGzJoS73Bo1ZTF_R5gHaVFUYXagnFEclO98r3eWWnZ9vad3gHnXnreUz0SZJhRE9GbSXgVWiIdQgAr26jnBlaDFkO23UXT_9WkqoeGmrKPwmTT_KEZwnF7G9K15eU-ghj_0BSsqf3YuQAQZTJqbYd1PF7bTzpWQquur_7NO83VbVMJnYto--aCW38Ki2IhPnh_Ztju9SDrms-DmtJxmyTQhimxjCZl8&sai=AMfl-YRZJU-fVXR_quciZ3XaGP0_ZE_89maUqmP5LK3oeG6IGQwOWcATnQmwRDLqdnARTq5AsDXydNrMLwpG_GJJBuZ3WEul3I26vYry1ySVFd-mK1vBuhujVyfMIDz6aLL3liRklvXhJVgWQXPNPYzHZ059t9n1Iw&sig=Cg0ArKJSzJtH5vyuQv2zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2213&vt=11&dtpt=1606&dett=3&cstd=603&cisv=r20220126.28771&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
walmart_300x250_2.jpg
ad-cdn.technoratimedia.com/psa/creatives/ Frame 6C64 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-cdn.technoratimedia.com/psa/creatives/walmart_300x250_2.jpg
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7952) /
Resource Hash
9333093d62b2bdce025d4f2d10a2d3dcfb06efadc22cc4264e30915e6f2254b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-md5
nTzdL4jsQ8He1lvXhqOOaQ==
age
898
x-cache
HIT
storage-tier
Standard
content-length
59911
opc-request-id
iad-1:XkVVgIuKURRRK-Tdqt60vf-olq7i_iW-moyuleDx9ar4icv05B51nn9ViR2b95_R
access-control-allow-origin
*
last-modified
Thu, 13 Jan 2022 01:09:00 GMT
server
ECAcc (nya/7952)
x-api-id
native
etag
9072aa8a-a917-4af3-a32d-c187d992efa8
access-control-allow-methods
GET
content-type
image/jpeg
version-id
d954592b-f6e6-4c1d-8c7f-490b447ee311
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:48:57 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3483 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68413732&p=156344&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
65f7738f8c4904125b6876b594ca6c2c7e8281c25ca626055b10d03e9b240ef2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame FA41 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=101769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=101769
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152567
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6d64583c1c5a15a7-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 02 Feb 2022 16:33:57 GMT
1516
vid.springserve.com/rt/ Frame A58E 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/rt/1516?w=300&h=250&cb=1489166767568948&is_inview=0&mute=1&ap=1&vid=386878816&vt=&kwds=&zid=138346776860&sid=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&url=https%3A%2F%2Fwww.kokomotribune.com%2F&v_url=&browser=chrome&adunit=%2F5284%2Fsyn.cnhi%2Fron_cnhi_reflex_dtp_300x250&crossdomain=1&client=syn.cnhi&dur=90&sizebucket=small&dfpcid=138346776860&testbucket=43&inview=0&domain=www.kokomotribune.com&nc=0&ud=0&bt=0&avs=0&sec=1&vp=0&vw=0&rm=0&schain=1.0%2C1!synacor.com%2C82312%2C1&payid=e108f11b2cdf7d5b
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.14.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-14-89.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ec2fd857bd50cf6ac06233a474655306a0fafbc1d7f6102d0bd52400f36f0d21

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
services
sync.technoratimedia.com/ Frame 416F 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=d40690de-76fa-43d2-8628-50dbefcf0f2d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
709870811
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sd
us-u.openx.net/w/1.0/ Frame 416F
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_1427b725-9b38-4a38-9318-cf926914d839
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_1427b725-9b38-4a38-9318-cf926914d839
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_1427b725-9b38-4a38-9318-cf926914d839
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/redirect/ Frame 416F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&val=61F80F73F62361D0E9ADC514BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D61F80F73F62361D0E9ADC514BLIS
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=61F80F73F62361D0E9ADC514BLIS
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/redirect/openx?partner_device_id=61F80F73F62361D0E9ADC514BLIS
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://tr.blismedia.com/v1/redirect/openx?partner_device_id=61F80F73F62361D0E9ADC514BLIS
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 416F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6ba4a70988db1219&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGblmjalQpowMKc9MNAAAAAAA&expiration=1643733237&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGblmjalQpowMKc9MNAAAAAAA&expiration=1643733237&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGblmjalQpowMKc9MNAAAAAAA&expiration=1643733237&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 416F
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ6969332371368871870&uid=Q6969332371368871870&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6969332371368871870
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6969332371368871870
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6969332371368871870
Cache-Control
max-age=46825
Connection
keep-alive
Content-Type
text/html
Content-Length
154
sd
us-u.openx.net/w/1.0/ Frame 416F
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncOpenX
  • https://rtb.adentifi.com/CookieSyncOpenX&cuidcheck
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_96358712-82b3-11ec-823f-125e5676ad8d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_96358712-82b3-11ec-823f-125e5676ad8d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_96358712-82b3-11ec-823f-125e5676ad8d
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
csync.loopme.me/ Frame 416F 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=0ccbf330-b77d-4f64-b1e3-45cb6b88a9f9&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.88.75.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.75.88.23.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame 416F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e051aedd-84d2-427f-9bb3-f05c29f1c9f7
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=e051aedd-84d2-427f-9bb3-f05c29f1c9f7
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662312525383177
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662312525383177
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
481
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d64584029de199d-EWR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662312525383177
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
services
sync.technoratimedia.com/ Frame 416F
Redirect Chain
  • https://sync.1rx.io/usersync/openx/7a5ccf02-6a18-498a-bc05-17537d977db7
  • https://sync.targeting.unrulymedia.com/csync/RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-8beedfc7-374e-480e-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
0
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
815050022
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true

Redirect headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Tengine
ETag
RX8beedfc7374e480eb3313f80ef61d4f1005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
Connection
keep-alive
Content-Type
text/html
adx
match.prod.bidr.io/cookie-sync/ Frame 416F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFELXgwN0Q4QjhBQUFZLXNJQzF3UQ&bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiato...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Csyn%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 416F 		45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=2146b6ff-baad-4101-8fa7-30d569c0a317
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 31 Jan 2022 16:33:57 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 31 Jan 2022 16:33:57 GMT
xuid
eb2.3lift.com/ Frame 66F5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3949519880991651774&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3949519880991651774&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3949519880991651774&dongle=d407
pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame 66F5 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1502065925210657286796
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a0a560a1-d4c1-442f-a881-459e253e476b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 66F5 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1502065925210657286796
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1bcb7be4-9b9d-47b3-8926-e0f0ac3c27c5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 66F5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
MT3 4133 baa842e master iad-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:56 GMT
xuid
eb2.3lift.com/ Frame 66F5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YfgPcgACvaPt5gBH&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YfgPcgACvaPt5gBH&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643646837.228611,VS0,VE0
x-served-by
cache-lga21923-LGA
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YfgPcgACvaPt5gBH&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 66F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4909702476009743137&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4909702476009743137&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
fe2e2f9c-6c39-43eb-93c0-363f2c978804
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4909702476009743137&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 66F5 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=1502065925210657286796
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
695335669
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame FAFE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16143
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 31 Jan 2022 21:03:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame B71C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=101769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=101769
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152567
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6d64583c5cb315a7-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 02 Feb 2022 16:33:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3215 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 04:30:58 GMT
expires
Mon, 30 Jan 2023 04:30:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
129779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9352 		783 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
GSE /
Resource Hash
e567c23b372048e9986d3fe03b8496b5c8b1f4092fe84ff548539bb0d4212451
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Udmf81WJn3U+3dAWo5iO6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 16:33:57 GMT
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Udmf81WJn3U+3dAWo5iO6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
services
uat-net.technoratimedia.com/ Frame 53E4
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=KZ2WVVLY-V-AYRH
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=KZ2WVVLY-V-AYRH
0
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=KZ2WVVLY-V-AYRH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
H2
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
594147804
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=KZ2WVVLY-V-AYRH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
walmart_300x250_1.jpg
ad-cdn.technoratimedia.com/psa/creatives/ Frame AEB6 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-cdn.technoratimedia.com/psa/creatives/walmart_300x250_1.jpg
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79CF) /
Resource Hash
5d4035628bdf4270cf7a15e47c77fd35dd1de4b03129172eabeae7bbddaac57c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-md5
v89hWpDU1gflljRd9kiePQ==
age
224
x-cache
HIT
storage-tier
Standard
content-length
21921
opc-request-id
iad-1:p61Q7uekyZtgKncSexoIB4co-SwA465jsY9UiOZPn5CVSJ14ldlYFvbN9i4upWYB
access-control-allow-origin
*
last-modified
Thu, 13 Jan 2022 01:08:49 GMT
server
ECAcc (nya/79CF)
x-api-id
native
etag
9a6cf8d3-471d-40cc-9a81-c9f862eb8623
access-control-allow-methods
GET
content-type
image/jpeg
version-id
a32c295a-a601-4ad7-942d-3b353f756339
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
cache-control
max-age=900
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:48:57 GMT
cm
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_priva...
1 KB
700 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
602781cab601ad026204f89aca5f318f6aa82391de2afc222720b47da3d30e4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
text/html
content-length
681
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP001
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
content-length
0
date
Mon, 31 Jan 2022 16:33:57 GMT
services
sync.technoratimedia.com/ Frame 337C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1643646836822.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D...
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=117487727574175
0
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=117487727574175
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
785561982
access-control-allow-origin
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=117487727574175
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 337C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1646238837%26external_user_id%3Df7b60080-53d0-4379-88f3-81d8f68637b7
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1646238837&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1646238837&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:56 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1646238837&external_user_id=f7b60080-53d0-4379-88f3-81d8f68637b7
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 337C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YfgPcVN.dLfCtiUyYqeTcwAA%26989
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YfgPcVN.dLfCtiUyYqeTcwAA%26989
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Mon, 31 Jan 2022 16:33:57 GMT
match
cms-xch-chicago.33across.com/ Frame 337C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.4&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553&partner_url=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%...
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=45&external_user_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=45&external_user_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=45&external_user_id=70da80ac-8ecc-416d-833b-d9e15a60c3ac-61f80f72-5553
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
match
cms-xch-chicago.33across.com/ Frame 337C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643646836822.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4909702476009743137
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4909702476009743137
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cbc3a020-92ac-4b85-b4f1-05dd7d87447d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4909702476009743137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame 337C
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1643646836822.7
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=003a4b88-32d8-4c14-bcd1-5c5358de9a09
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09&ts=1643646837&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09&ts=1643646837&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=003a4b88-32d8-4c14-bcd1-5c5358de9a09&ts=1643646837&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
npm.stream-browserify.f3f44d3a.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.stream-browserify.f3f44d3a.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7930) /
Resource Hash
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
age
22208611
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7246
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/7930)
etag
"60b1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
464575682 593942962
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:25 GMT
npm.string_decoder.34d1b1e2.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.string_decoder.34d1b1e2.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78DF) /
Resource Hash
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
age
22208462
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1394
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78DF)
etag
"1165-5c2b015d70900"
vary
Accept-Encoding
x-varnish
128122596 259968015
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:54 GMT
npm.base64-js.82b3c51c.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		1 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.base64-js.82b3c51c.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/791C) /
Resource Hash
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
age
28247298
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
781
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/791C)
etag
"5c0-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
128367451 281585673
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 13 Jun 2022 16:57:38 GMT
npm.buffer.c24ca057.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.buffer.c24ca057.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C0E) /
Resource Hash
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
age
22208605
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5914
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/1C0E)
etag
"4dc5-5c2b015d70900"
vary
Accept-Encoding
x-varnish
614328869 752627611
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:22:31 GMT
npm.synacor.vpaid-loader.8b68bd9c.bundle.js
engage.imds-cdn.com/dist// Frame FC9A 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist//npm.synacor.vpaid-loader.8b68bd9c.bundle.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B9) /
Resource Hash
33ac5d23f6f7f0ce3ba0599df5b54284bb3a9a709dd700594be732480a5263d6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/dist//_ads/sf/1-1-0/html/index.072f5c6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-encoding
gzip
age
22208460
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14058
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (nya/78B9)
etag
"af3c-5c2b015d70900"
vary
Accept-Encoding
x-varnish
576611313 708935384
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 22 Aug 2022 14:24:56 GMT
services
sync.technoratimedia.com/ Frame FA41
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/101769
  • https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.JcIAus43t...
0
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.JcIAus43tcdwYKoXsr0VSQAlg9riW7iKAIPGlXMHnwCAKTDCM0frngwwmfVY9r5ZZTGD-K-2sGxw1P-0Z-temQ
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=101769
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
831954025
access-control-allow-origin
https://cdn.districtm.io/
access-control-allow-credentials
true

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.JcIAus43tcdwYKoXsr0VSQAlg9riW7iKAIPGlXMHnwCAKTDCM0frngwwmfVY9r5ZZTGD-K-2sGxw1P-0Z-temQ
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64583d9e9715a7-EWR
access-control-allow-headers
Origin, Content-Type
content-length
0
services
sync.technoratimedia.com/ Frame B71C
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/101769
  • https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.hPreT-4qt...
0
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.hPreT-4qtODoqsd_2h_fgygrbqlRZzjPlwMKjIDc8H4nT-IX3qbyrFaGdd9kC4QehaxHv02tykmY6TNS_TDjHA
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=101769
Protocol
H2
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
702344702
access-control-allow-origin
https://cdn.districtm.io/
access-control-allow-credentials
true

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://sync.technoratimedia.com/services?srv=cs&pid=55&uid=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.hPreT-4qtODoqsd_2h_fgygrbqlRZzjPlwMKjIDc8H4nT-IX3qbyrFaGdd9kC4QehaxHv02tykmY6TNS_TDjHA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d64583e0f5a15a7-EWR
access-control-allow-headers
Origin, Content-Type
content-length
0
cookie-sync
match.prod.bidr.io/ Frame 8601
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD-x07D8B8AAAY-sIC1wQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAD-x07D8B8AAAY-sIC1wQ&pid=558502&do=add
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAD-x07D8B8AAAY-sIC1wQ&pid=558502&do=add
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Mon, 31 Jan 2022 16:33:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-c97897cf6-4bnvn
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAD-x07D8B8AAAY-sIC1wQ&pid=558502&do=add
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
usersync.aspx
dis.criteo.com/dis/ Frame 980C 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 31 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
279703
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame F5A8
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c4178cd4398a43e0b5321
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c4178cd4398a43e0b5321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug012:0:502
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c4178cd4398a43e0b5321
content-type
image/gif
content-length
0
date
Mon, 31 Jan 2022 16:33:57 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 4CC1
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=965dc45a-82b3-11ec-b646-6a23e1f7cedc
42 B
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=965dc45a-82b3-11ec-b646-6a23e1f7cedc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug015:0:1071
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=965dc45a-82b3-11ec-b646-6a23e1f7cedc
X-RealServer-NX
lga-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 867D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CSunf-cDTytmJwFi_KJ-CCV4isM
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CSunf-cDTytmJwFi_KJ-CCV4isM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 31 Jan 2022 16:33:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CSunf-cDTytmJwFi_KJ-CCV4isM
Content-Length
159
Connection
keep-alive
services
sync.technoratimedia.com/ Frame 12E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=97A641CF-0105-4E75-A3D1-DE931CED0425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 16:33:57 GMT
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
811217796
age
0
via
1.1 varnish
mw
mwzeom.zeotap.com/ Frame 3483
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=97A641CF-0105-4E75-A3D1-DE931CED0425
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3c07664286ed6cd5124d68918e0f37b2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=f7b60080-53d0-4379-88f3-81d8f68637b7&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=e4cb6d0de85c98aa
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-1702adc8ab75&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELhomhozPTq9Nv9JohHQFLs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-170...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELhomhozPTq9Nv9JohHQFLs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-1702adc8ab75&zcluid=e4cb6d0de85c98aa&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d6458461b758cb1-EWR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELhomhozPTq9Nv9JohHQFLs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=36bdcfee-fa91-429b-7bb0-88f8b1b87b3e&reqId=242f25ef-4c0f-4294-50e1-1702adc8ab75&zcluid=e4cb6d0de85c98aa&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=97A641CF-0105-4E75-A3D1-DE931CED0425&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=97A641CF-0105-4E75-A3D1-DE931CED0425&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=97A641CF-0105-4E75-A3D1-DE931CED0425&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame 3483 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=97A641CF-0105-4E75-A3D1-DE931CED0425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-85.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
MoKkmUw-uZiXfVBfHxm6hrSmEltKWAFRKsX9m8axvK_vBlNzXbRKag==
expires
0
/
io.narrative.io/ Frame 3483
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425
  • https://io.narrative.io/?io.narrative.guid.v2=965f0810-82b3-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=965f0810-82b3-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
HTTP/1.1
Server
44.198.222.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-222-213.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 16:33:57 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=965f0810-82b3-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:97A641CF-0105-4E75-A3D1-DE931CED0425
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
97A641CF-0105-4E75-A3D1-DE931CED0425
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3483 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/97A641CF-0105-4E75-A3D1-DE931CED0425?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.85.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-85-233.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97A641CF-0105-4E75-A3D1-DE931CED0425&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kGXxUWdE2uW4RptKCQaG7dFyemKPf0Q-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kGXxUWdE2uW4RptKCQaG7dFyemKPf0Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kGXxUWdE2uW4RptKCQaG7dFyemKPf0Q-~A&gdpr=0&gdpr_consent=
date
Mon, 31 Jan 2022 16:33:57 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4909702476009743137&gdpr=0&gdpr_consent=
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4909702476009743137&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:22:36 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8763df62-f6ef-4eed-b580-c73084d0cd64
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4909702476009743137&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=946cd5fe-82b3-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
1 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=946cd5fe-82b3-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:16:45 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:435
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=946cd5fe-82b3-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9658519d-82b3-11ec-a9bf-a10e15a78249
Pug
simage2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7e80aaff23b8121c&is_secure=true&networkId=17100&version=1&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblmjalQpsgNpfT7pAAAAAAA&expiration=1643733237&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&...
42 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblmjalQpsgNpfT7pAAAAAAA&expiration=1643733237&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:16:04 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug001:0:763
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblmjalQpsgNpfT7pAAAAAAA&expiration=1643733237&nuid=97A641CF-0105-4E75-A3D1-DE931CED0425&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_96358712-82b3-11ec-823f-125e5676ad8d&gdpr=0
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_96358712-82b3-11ec-823f-125e5676ad8d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:16:22 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug007:0:396
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_96358712-82b3-11ec-823f-125e5676ad8d&gdpr=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
image2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 13:18:29 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:431
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A4E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyueT0k19flUxvhN4DuGyHTkjWODzl6uQK-293L_GrargUIAvmCHtNlpu_6Dn7uS6UDrRmwJ-ZeQ3R5byUGOvSjQkJvBWlB20cirt6-et0OKFlEZM&sai=AMfl-YSPayMXvxs0vlt4pOhvmgCtPx3qQlIifJ3e_IP5I1CAxHLTqIKkp3LTNGcPmR_rzbHLqeHUpnkQmDZ8kQ0beaDVr-tn_RJltcFe6S9cpquDm1xzOF65HMBc9qpI&sig=Cg0ArKJSzHgrfzlm7OhaEAE&cid=CAASEuRo97_5wT3OTefaP3zQlOGgkQ&id=lidar2&mcvt=1131&p=1110,315,1200,1043&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3881486894&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643646834096&rpt=2280&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid_5ad38643.js
vpaid.springserve.com/production/ Frame E808 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_5ad38643.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist/npm.synacor.vpaid-loader.8b68bd9c.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-120.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3318a328560cac567c76cc9df1b8395b50f066d1e8edd31ae2b15213bd3065

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:36:05 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 15:32:23 GMT
server
AmazonS3
age
349073
etag
W/"209f133480c3a90839bec5291a1c45d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
h3g07_ZDMp5b_Lg4br4lSnXyl6_PRDpQiqUY177xvZEhxtBhlyJPqw==
activeview
pagead2.googlesyndication.com/pcs/ Frame F8FC 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp3OAmtUWjK-PNPurgI0xszvsy_kyrIRq4eZA4aOCTaqAPTRBvnLRcoOwyboYJo0DcLB5HqO61ycjyyuhTzPDd&sig=Cg0ArKJSzDz5CeoPozXSEAE&cid=CAASFeRodwTKYUg_zqsvGCaILiRyzKxE9g&id=lidar2&mcvt=1084&p=450,315,700,1285&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1535538250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643646833474&rpt=2981&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame 1C49 		68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=9f01d30e-cf26-4b0e-80df-416bd17ba394
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=64da0456-d77f-494a-8063-92e0b1f47da8
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=64da0456-d77f-494a-8063-92e0b1f47da8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=64da0456-d77f-494a-8063-92e0b1f47da8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26b5ee0a76404927b0a0c5ea9275e162
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26b5ee0a76404927b0a0c5ea9275e162
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26b5ee0a76404927b0a0c5ea9275e162
date
Mon, 31 Jan 2022 16:33:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
sd
eu-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=1a6e33b0-a7da-40e0-8c45-96e78831386f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=1a6e33b0-a7da-40e0-8c45-96e78831386f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=1a6e33b0-a7da-40e0-8c45-96e78831386f
date
Mon, 31 Jan 2022 16:33:57 GMT
server
_
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=95f67a7f-6a67-4f11-ba56-4db76b4e16ad&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
  • https://match.deepintent.com/usersync/108/
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_c4178cd4398a43e0b5321
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_c4178cd4398a43e0b5321
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_c4178cd4398a43e0b5321
date
Mon, 31 Jan 2022 16:33:57 GMT
server
c
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=44a9aa08-e1fe-3e2d-3d82c194
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=44a9aa08-e1fe-3e2d-3d82c194
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx/1.20.2
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=44a9aa08-e1fe-3e2d-3d82c194
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
cache-control
max-age=3600
content-type
text/html; charset=utf-8
content-length
103
ox
match.justpremium.com/match/ Frame 1C49 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=a3eb1190-461c-418b-bef6-c88dda5a72f1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.130.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-130-110.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0&prevuid=06030002_61f80f75af97e&knw=
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=06030002_61f80f75af97e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=06030002_61f80f75af97e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:57 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=06030002_61f80f75af97e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=UipM9w5fp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=UipM9w5fp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=UipM9w5fp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=UipM9w5fp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=UipM9w5fp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=UipM9w5fp
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 1C49 		43 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=858401a0-fb19-41ec-ab54-f81da39e0e99
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:57 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1C49
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=978a92dd-bd2a-4dfb-b626-a4266b8b09cc&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=643924338726
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=643924338726
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:57 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=643924338726
sodar
pagead2.googlesyndication.com/pagead/ Frame D3F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=1526293325578209&rc=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04D3 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Pohcg_4YeHBIp3m3LUPz9Ge-A8AAAAAOAHgBAI&bg=!UlGlURXNAAY6OBv_Ojg7ACkAdvg8WiMurJAKdiyEmJHSFE1qX1FneejKH0g-aVpg0rkbdbK1aoAlMwIAAAN7UgAAAAdoAQeZA1nvhhHFUnPvjAjss51TPV9mNOgZ9ymfbmI7CCa5w7v2pzxZ2SNg3_XR1k41aohwcp_O79Vc3dHFngnXLcxGz639LWVU-XUY0L44y-tEDXfiF5MUeiX4FNme7j-nQ96JRna_xZFHSbI0bKWZxXX_R-jBvEcejAJEtVrbsLwLatN-YVt3KBqyuWo8PTBPwHVJNqCjEBF8n55aeMdmgj_pA1LCfnqdZQhYpPULcc_CdKDUqCIG17p9uibWcNCwEzS1mevEqJc7krIADrse1SkfTmMzftOO942q2an2Ab00AQMGTwJxlBI-dziW-ZJct_QBsp5TpSq812nV7xalNRtPnPKxyQRPCBH7MX8GvUW9HPm8YR-70G5xlRgggMG4_sOh3TBY8w8OkEnaJL9U3MNPPI8PiTwy7a9dT_c9WSkIj70D2Ktwah_-SJgAT7YdUffFOWb2Ty10Tr2dchQjJwviWUZTPs3yuyy3QlRtr9mPvP19e5mj9TIzCnm4--OCHiB4qqibKwQFoGSuqRcZWVBYcH8SDKkeyjWkOorBJ6tOqKlYYkYtr8nXFWiV9x4K1Q7Ed8vJvNHsstBpHKmwtr0RYRJr05lAVw8z32v_Eu6dqBolKxLovBDyPhPRjReeKS5H2VeVUqmFvAvQt8wl_h398a7R6IhY2G1Xpg8v8oAmztLL-ARMKvZ5mPQGue9S7NnPMmpANxD8DOwgdpZby6S5HOGetET5hNwIBZeZNm21zHIabb2_9BS_uHb5vcSZFg3I-9lyPgei-8vg18ixxV5zxhV7h9rcv5Lrx49obdy0jpyjDA28zMXy4XCP_t5aYm5spsyBFTE5Ismx78XK_eU3vJc_0w6aQ6GCR2-4A9EKGsDEAYDAw1xLy19RZn-G1axXiQ2FEUECQCD4ENf7CdOPxALorgJFtcZZuzsNGowRrrMu2CQOu37j0kUxE1CvKGXAG7val9D_zcTFyrJqC7VjEP8KTboETSIOGqhUpy6T2GsniPYHU1kk-IEFUx_ERUh7pHbdYdF5nQZqSfp883-7N67adJDM0Bh7M5b4zwiQz75EIQaRxPiAR_ssx6sWPU-rjPJLhY4nif83nYxxV8h0iPSo_om0ZU8VxJCsQ8TucmxEEGI5RFJN25tDQQ
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9352 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=1518223740491278&rc=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
1516
vid.springserve.com/rt/ Frame FC9A 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/rt/1516?w=1&h=421&cb=6227704677304078&is_inview=0&mute=1&ap=1&vid=386878780&vt=&kwds=&zid=138343928427&sid=%2F5284%2Fsyn.cnhi%2Fcnhi_engage_reflex_ron_payload&url=https%3A%2F%2Fwww.kokomotribune.com%2F&v_url=&browser=chrome&adunit=%2F5284%2Fsyn.cnhi%2Fcnhi_engage_reflex_ron_payload&crossdomain=0&client=syn.cnhi&dur=90&sizebucket=small&dfpcid=138343928427&testbucket=90&inview=0&domain=www.kokomotribune.com&nc=0&ud=0&bt=0&avs=0&sec=1&vp=25&vw=0.17&rm=0&us_privacy=1---&schain=1.0%2C1!synacor.com%2C82312%2C1&payid=e108f11b2cdf7d5b
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.14.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-14-89.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8893946596c44e71c6929907807cd4e70c2aee7bbaa16752d1e9996ea3b72bec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://engage.imds-cdn.com
date
Mon, 31 Jan 2022 16:33:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
/
adspsp.com/pt/1710310/18/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/18/1/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T742&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6rq&m=z&zi=adb_floorboard,richmedia,11,U94f9a409f61a93,adb_leaderboard_atf,totalaudience,2,U390505f4d876e1&z=0,1,2,3:1,1,dm,4uu.0,k,00at,dr,4uu.0,k,00ay,p7,4uu.0,k,00md_1600x90_k.an.5ws_1&z=4,5,6,7:1,1,do,435.0,k,00au,ds,435.0,k,00ay,p7,4ci.0,k,00md_1140x250_k.an.5ws_1&rnd=1643646837775
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 1DF7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
/
adspsp.com/pt/1710310/15/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/15/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=1:1,2,U390505f4d876e1,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fkokomotribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T74p&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6rq&m=z&rnd=1643646837798
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 3215 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
vpaid_5ad38643.js
vpaid.springserve.com/production/ Frame 083E 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_5ad38643.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-120.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3318a328560cac567c76cc9df1b8395b50f066d1e8edd31ae2b15213bd3065

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:36:05 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 15:32:23 GMT
server
AmazonS3
age
349073
etag
W/"209f133480c3a90839bec5291a1c45d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
JKUw8dMooXnRx6HUrEYsqCGSSms42pPSjeq4SKN-NP0z5DufTwJ7CQ==
generate_204
tpc.googlesyndication.com/ Frame 3A0A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eTiCCw
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 460F 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=2639884059872518&bg=!_v2l_bnNAAY6OBv_Ojg7ACkAdvg8WobkGRttvLPnvRxb3n9gQOfRjX-ndao3yUe4mgPMMF7uuAttagIAAAIYUgAAAAloAQcKAKt-e0bI99z5JLvB5Gaqhj32n4EwEIAe1Et5QwSWy-DPoxJLhUx2G1svPDBnaO-Ei5YcUZzZQgetbaywSBmJV4Hyu7wYl6iQJEeW7PLi30je8fFbjWlQ9XLbyZz8cYfzFZICqNWshueEq-FwY6Zt6d74714jF54twMCABIIAFZ6YVsrualVQfulTBq6ykotexTHcHt260nDY_cs4k_7WLks_fcPT5Dx6swdOZpCZAuhmGqPat-R5VxSyoQWrAaVyThSzYMbNgJOn1QWYOhChGFTKhK0ljFWLeTW55ALbKg31rnPFeJRpp0ckbhLzsOEbrFTaZS3GGNMgg_2PNp9SNxgsg6or7F0p_Tauj7Ez_7qzDdy0oDDaZk5K4VQdju2dJFFuky1yoBtdGTCj79xVocDCtaOU7aVOEhaaWxKdUepitsr6rTp5AANnuMnlGdpCVlQY_IFRU3TFruxtBClGTIt87fewCDSqtO5aHqJXxJtDDiiS5JYreen8vSFEHCOor5cJFnI_2PirCLXx9NuemDftuwK9jFDEgVYaWmpoHQTGeIYuPLyJT_d9zHIESzxMRzdOLK9ErUT5Gdxif4UwJDVS9FBZd9XFSPYAzpJS23lxxNLM-24-SBZ9dbsPshPr0S8uu9029Vy2aZzc8ht80jZd-7hlCf0Ld7d6CrXvLACDDE4KBb8tTOUszdyTvMy5U-dhDBFpnhOhc11vVsLKb90Iw6IcTQGvZ-bjtD7160t20Cfgz68G1jIGPv7soQXOcg7mjoCS1ATZIbSu-GPXCqaMBGCMacTgPsvpcxbrW5_Zhk2UvCxkgO_UXjRbpNQykyjO1lFRTwyxc5isrO_VcK6blj-527pjG0BlICo9NTsj1VPgG93C6eY3esrqXsJWC4Ju_HkxsJREPDD6f4TPtun4IscmwftcWd5TZbNGzLuQJBO3sLEUJKIqbmeBlDvRlWxeBklXVvwUErJ6gvCv2Hs0Nbalp5BirbRyP-8RjCseMN7kRgxQtv_KT8Y0uSAa5dv6Ny-IB6F14Yd70Lce7TigxChb_CBJb9EQuqMXrzGfXWtp49YW3Bh87lzIssvlkNskvWejZ3SK9-q0LpwHa_ttqRSEOyCAYMLksQJdUayTjBWUdkONqeWvGnN4NGgi-dwcRRX8KAlLQGtmc8C3lIKN-db4ePVfKBiu6IwxvJT1R4Zq8i3reEh5guanNsp4oXgHiQYMjUk
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame E808 		0
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SynacorHB
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.146.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-146-219.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ Frame 083E 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SynacorHB
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.146.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-146-219.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://engage.imds-cdn.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame E808 		0
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
879011352
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
access-control-allow-credentials
true
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame 083E 		0
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
528151433
access-control-allow-origin
https://engage.imds-cdn.com
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame 1DF7 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gJ9fVg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3215 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hlCizA
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5376 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=1518223740491278&bg=!uLulu__NAAY6OBv_Ojg7ACkAdvg8WmRjYkC9UyKU-szk0I9HVsfNCZvDq93_u6c8aVE0RwEpJlpyPwIAAAC3UgAAAAJoAQcKAAiIzgiSO3yau5kDCRUeYJfSk2Bwue8RrsBNCCfeN3uF-njclVJSQCINCj8BY2ZbGoY8tL3beaVHnOBvBYN53ipBrIbyScy8apnASzRb87J5Hw7ql-ds6QXf3vNDK7YZ89cywfLyUbswFZ_4eY_q1UBhf1UuqpvCw2WaR7kjuRCkqSnen8J13D2hGuevOiJF4OtOtfWbH637iiu5huK7wu7PqibkwySLBWBJEQzEHoZKg6cjbGXEfPJAPGD3EIXC5-xtYW5Pw1SJHe6_GmmCOGyTp9127kx8uERIsdhq5OxKQjtw3oaey4558N6wfUOCcCukKdD9j0Ftt7YSzX7sL94sUPX04lvucSBIz4XOWep5McP17b9cPHq9utGhMoTpD3aoyKebDvVuUyPOLnoxdWOZomQXP-8HK7Ge3gf17BPx0N9OO115HMQJhxyeHsAZoVd5i_vXvShIAri4oHvOmweOhLuZVgUyHYyaaY42_yylKd5XuNJrckitX1wDL4Ea4itI6C-j6aQ3fpkq4OB6eOpdiyAIasj2HEeBmYIMJ1whAXYhCCycGU1Wp1nu-QwxrL55UpRa06-fi-HA7-q_i_k3PSSXsQImRmm-IkCbFqyol-XacanqRR4qSgyGpHLeTw2ueyaDhuNmzUUdlcP-SAKtBO1LCWGi8yd0NHo47dbT7442XgqGdl7sGa38eyduo4gP8OiqyyCaNpNkubp8m2UiFGUxOQQhC93KkMqPBr9xnuau9go03wD6I-nVboiTzHHMVpdvpSmoQNqja0_Q123bjmTkyV34riF-1mY2NeFw2-pqDDau0LyamLqorzmN7kxImZ-PwYjPL0F978xnEOOnjIp-SbCEtduWlXFBpOQ703aD3UyVTrqhDi8517TC72t6WFcGcPOrg1otN_jFhQDaty-3noBqMgpk5WnuIWFB-FtUiIi1JHjYCnv7c2jCPQhXJwi-JGFlD9T_-Gn2lICG7pyg6GToyCezehIe4IoKkCAEkzT6NU5th_Qlv447Xj7SCvLKBGDFvbwT1MRrX_Qj3STNUQ
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adspsp.com/pt/1710310/15/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/15/2/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=1:1,11,U94f9a409f61a93,adb_floorboard,%2F9869277%2Fcnhi%2Fkokomotribune%2Frichmedia&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2T7k0&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6rq&m=z&zi=adb_floorboard,richmedia,11,U94f9a409f61a93,adb_leaderboard_atf,totalaudience,2,U390505f4d876e1&z=0,1,2,3:1,2,dm,4uu.0,k,00at,p7,4uu.0,k,00md,qw,4uu.0,k,00o2_1600x90_k.1q.yg&z=4,5,6,7:1,2,do,435.0,k,00au,p7,4ci.0,k,00md,qw,4ci.0,k,00o2_1140x250_k.1q.yg&rnd=1643646838350
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAC6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=1526293325578209&bg=!kpGlkdXNAAY6OBv_Ojg7ACkAdvg8Wr93swh4zJYAD1Rzuuhla0TcSlTwurXHCqb_iWaJU9R-yt681wIAAADrUgAAAAJoAQeZAtjp6vKsAAo1IuweArRzSjDDKG_2aatOsNOq5_DLNOI0EWKnx4EoHXgz1R1fNoOE6owHCjkUcvdqQTXZOylkJZZR8GWcqsVpBYqovVOwXhhsPitMMxoiFh20LomZi_pGZmneLkpdngd2pX1-xtN630hgRFHZAuiqq_tuvUiLhQf1znA70jcBVybzY8ar3oMtekxMrNE05k6UdAfoeSzfH7W_rYpgh-clSMUoC5sQJ9EviHeoxzjQcqN-QsZgqwKU-U8898l4TwyF925A3iv98N1_c2SRDNBHnp1PHqpMiUHpWfc7Oc6d43eD6Q53hB_Tvkfvq3i5QMDdalk_iQdrrrTG_rpicUfoXn3u_xCFkhbGPBAgCDHswwjCtRKgj00HKV3AnSunTlTwSOKqa8Ww4eGfNc6YpD3HJkw81KrwsPivjAZ9Mr9Jr6ODZoBCnoRD3X9QvjGySZlFM0PuZgp2JQ9xQvPBriSAj2Qn4NxvzoPYf6kfV9Tf8q4jZZJSSq641FqZUy9EROIRGAOMa1gmyCtj7PxVZcjUW14v9kfC6jMMMFY2V-Ssj9tuDqp_Z97thV1XkZyQCjJwgq78Uxv7HDjQFxEfYYkA_dux7dRdLDYZRnPcpfMsad-8O2hGXczl9XnrbbFC6rPrhrje3qt931iJ_Y4Sd8lzRtD8G8bvLbS4aWeNlWza3R5m4mQz3_J04OUfOSWP6jXIPrN7VBQUkKYBuZTbFoqEPkSyiZFd5A0lf7DXQx9zrPfNwf5fLCOc3XSBKleW8ILYlUA57aCIQXGGx1MxnntyrOd-KZ92vXLS182ZDqwTAzDRnY8vJoecsnnO8_ExFMCd1_mNy4uK0qy651hWecWu856roRdnHQiohAkflsZPFPVpqVfLLih9jn9dE0N5l8OK4RAwBWih3vuZoVQ3F_LhbomWBRE2aJIzvHUNc0VQBzMD9U6oSMWNqLhce0B7rnW-Wg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kokomotribune.com
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=3743700561529328&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Ckokomotribune.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&fsbs=1&prev_scp=slotName%3Dldgr1%26pubDom%3Dkokomotribune.com%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cust_params=section%3Dhomepage&cookie=ID%3D374a31865e245bd0%3AT%3D1643646832%3AS%3DALNI_MaeqgkYwMwf51rW-gt6jIMLq1OKeA&bc=31&abxe=1&dt=1643646838461&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=2189&adks=2274245186&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=360x250&msz=300x-1&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
90857bc047b3996677f920f671a6e52242804623523910d8b6b5fec89370d61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17944
x-xss-protection
0
google-lineitem-id
5441321963
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138324261133
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2973852823683421&correlator=3743700561529328&output=ldjh&impl=fif&eid=31060032&vrg=2022012505&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Ckokomotribune.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&fsbs=1&prev_scp=slotName%3Dldgr4%26pubDom%3Dkokomotribune.com%26atab%3Dtrue%26frstlk%3Dtrue%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0%26hb_adid%3D20b48d93f9369f2%26hb_bidder%3Dappnexus&eri=1&cust_params=section%3Dhomepage&cookie=ID%3D374a31865e245bd0%3AT%3D1643646832%3AS%3DALNI_MaeqgkYwMwf51rW-gt6jIMLq1OKeA&bc=31&abxe=1&dt=1643646838467&lmt=1643646751&dlt=1643646828952&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=3977&adks=4161423443&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.kokomotribune.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=368398424.1643646830&ga_sid=1643646832&ga_hid=1591636544&ga_fc=true&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
6f561f6e0ea764db8e427994113b22c7a6023660e6107b1c92d9a58f6e20e9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 083E 		1 KB
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x383%26iu%3D%2F5284%2Fsyn.synacorengage%26description_url%3Dhttps%253A%252F%252Fwww.kokomotribune.com%252F%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26output%3Dxml_vast3%26impl%3Ds%26correlator%3D1643646837769%26ord%3D1643646837769%26url%3Dkokomotribune.com%26cust_params%3Ddfpcid%253D138343928427%2526dfpadunit%253D%252F5284%252Fsyn.cnhi%252Fcnhi_engage_reflex_ron_payload%2526sizebucket%253Dsmall%2526dfpclient%253Dsyn.cnhi%2526autoplaydomain%253Dkokomotribune.com%2526browserclass%253Dchrome%2526autoplaybucket%253D90&type=all
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
e75ef61d7f41b0ee9bc53811014fa06409661291349700a6d57d3bc1cf69c312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://engage.imds-cdn.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
662
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 6540 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x383%26iu%3D/5284/syn.synacorengage%26description_url%3Dhttps%253A%252F%252Fwww.kokomotribune.com%252F%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26output%3Dxml_vast3%26impl%3Ds%26correlator%3D1643646837769%26ord%3D1643646837769%26url%3Dkokomotribune.com%26cust_params%3Ddfpcid%253D138343928427%2526dfpadunit%253D%252F5284%252Fsyn.cnhi%252Fcnhi_engage_reflex_ron_payload%2526sizebucket%253Dsmall%2526dfpclient%253Dsyn.cnhi%2526autoplaydomain%253Dkokomotribune.com%2526browserclass%253Dchrome%2526autoplaybucket%253D90%26channel%3Dvastadp
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
sffe /
Resource Hash
9dc0e651f622a4267e1d80928f816768b64bffff7db9118be29c1c1c4c3824a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Fri, 28 Jan 2022 21:07:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:48:58 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame E808 		157 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.22.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-22-214.compute-1.amazonaws.com
Software
/
Resource Hash
44f04a39122978caf73851dc247fb50c8a1a04ece8dfee902b11ba74781fe810

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0BCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYcT4OJvs6_KmVY36ZyEfOJwmlObglxic9kUz4EvL7RIUwvGiN9GTksnBbpNT_51B8z-A9wBMjjs8MworOtHOKz3vDHXilblCO9p72NwTrylfRx8ZSlZKcKkfqMtcsccoOkVG-IQ8LFq6X2nqg4t5EaK8a11x8L8FCy8MnBBPiOdeF1a-Sg8jKb2FqeoUppsza0fYiHpmC-QXh6dJaHUqfOrdK7z4-10KZlTjYP2nr2Zmsgmd-XvX0G0sNtyKT3JKoigcnNKL5hhuuUINs-Wj-S_6TA7szSeTRhLfozsES4DPzikiytsD7PCDXjI2hiMnZzdznU29SJoxqMw&sig=Cg0ArKJSzMfBP8Fkg7YTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 0BCA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:26:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 0BCA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
l
www.google.com/ads/measurement/ Frame 0BCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc5D879DGhaEs8YcAtmKOfmV1jA-BhiBR75Zsxkh6QgtQmQkb72P8zGLv6rKC-EQUJKLXOyHh8BJU98f-Svx1DJgr6vQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BCA 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:58 GMT
15516910540182765576
tpc.googlesyndication.com/simgad/ Frame 0BCA 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15516910540182765576
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
a13febd75abd3e9df3b14dbfd1f3d4ce260c5e3c8b13a608aa76c9f132cfa9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 00:27:19 GMT
x-content-type-options
nosniff
age
144399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107082
x-xss-protection
0
last-modified
Mon, 21 Sep 2020 16:08:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Jan 2023 00:27:19 GMT
truncated
/ Frame 0BCA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7768a1c920f1a85bd1bf89c8a05b9c8ea7944745c9f02107dd851ef00b417acb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0BCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVZ_gQVRwMocGCM9o7WhXxOY5qkp2GrGONHA8HHegSDxXpVMxMVzbs7anMpz0mKyGjZX5c4Dp_rI58mERIMHSLoCEKAzm_QEmzuRIO90a9AbJcuYMo7JXNLp-lGPYlmViIjxak9_crp6j3nZscKtOYv4xM8xNjz6ujNWV_E6oS58IRZNgPm8oD6bDtGwOm7TGjm4Pl7Ys-gmYGainGBzElixuj82rzARdNUwmrtTAj7hfeah43z8HCCynphjxWUEL0KG9sECm_gLvVeolraYyTYlriB3SykqBI17v6KsXKkBgWYdUN2imYtPrma6_dhkZEMmLT2d2BSVcarxw2&sig=Cg0ArKJSzEM7_ETYQJhjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 16:33:58 GMT
container.html
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 16:33:52 GMT
expires
Tue, 31 Jan 2023 16:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame EB25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2LjEdg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSgAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9xdjfndW1hdZP8__GXFlkIFfqHGdQGyzyyADRji9wz4eZkFXcQOAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02NzE4NDI2MjM3NjE1NjEwGKHoKQ&sigh=Q6wlU4RE9ms&uach_m=[UACH]&cid=CAQSOwCNIrLM3WmC1VB899liD63m829VARbDeGTi9R52vfzsBNf5vYKofq2O5mrjnZ8wQsMxgQt8mgSXuKAvGAE
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
placement.js
displayf-tm.everesttech.net/feed/ Frame EB25 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=NDvDYv7j52tWqoUbsWqn&rand=-281768613649248805&tm_auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB&didtype=UNK&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&page_url=https%3A%2F%2Fwww.kokomotribune.com&seller_id=pub-6718426237615610&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&q=H4sIAAAAAAAAAGWSPWzTYBCGa7ulbYREiYJAkZBMprTCjn8_2-1Q3KS0oXWaxglpIhY7_pK4sfM5thunHTswgBioxNKFHSQGfiTUBYmFDQYWJBbEVDFBNyoG0h8mbrjhdM_dq_du8tvvLw-pt9mnVw5fvG8lH4_FZsJtD9IthFoONDw7oBvIzZi2ZUGfVi0d-n3ol2BvCwZh_Pvotc-jqcRGE0Buu1eslYw-bFl2a80D6cOvTzAuEWbrXEltCaJeF5ysb6FcxMq_3n18fmkh4Xabyppdr4mGAttRr-yaQWUP8zW0YzuOkRFphkxX7a6FooAslEmWoZk5clgAwhw5AMI0qXqeA6vQXLHDjMhLNA_I9MpyWVu9STp2B5JLsNFB02S27SMXZhSJZmgBKBwtsaRuNA3fPqf2MVKUoCgC2WBFWeEBNDlFEc2GCBTFUmSZ5Q-w684gCAxhZWcRbke1TQCdOg_vRjRLsbS28AOTJh7diScKuX6u1pc2RS6s9lDFDKq9bvJyB3WQi0LfNre68MRQEldGTuPn_BGW8LZMCkisLHCA4yXAioBljrFEvqL3WC1S3M31QJHb606zq-3iUzBso4ABlOcji-obYA-f8kOTOjsR1bT9IHyGjwZ2CF_iE8Nm6HdheISnY_-R8QtnUOoiTzOUXlCL-vJa-Rgfj43BgeeEu8R87MLZJ0y9uo8niYqeS52k6X_iZwnb9Rau3h4avDgIh5sMp-jbDbh0ChUnHxAj-8T5iANCiOEVPY4XaklCZNjURAFGZA35nZkxlmFYnpssqqVyXl3NF2fHNXVDyxdyt7AbsU9_7i29_vDmL6QgQjOrAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash
1ade863fd803caacbf1659f8c6b95a9692c62c2a37c4e833ea9119511d5f2797

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-region
US-East
date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-pt
P=1881 0=0
x-timer
S1643646839.907400,VS0,VE11
x-served-by
cache-lga21923-LGA
vary
Accept-Encoding, User-Agent
x-failover
none
access-control-allow-origin
*
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
via
1.1 varnish
server
adobe
x-cache-hits
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame EB25 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:32:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame EB25 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:33:24 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EB25 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 23:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB25 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:58 GMT
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame EB25 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=lxssa4KzEeywYj6elZ3eVw.1-1.MB&cp=2452968&slot=1&x_price=YfgPdgAKa0EKDHkOAAST4e1WudCiozFZ7GBgUA&ets=1643646838755&tz=America%2FNew_York&source=google&fc=12&fci=1&country=US&region=NY&mc=48&ap=0&ut=0&vis=UNKNOWN&site=NDvDYv7j52tWqoUbsWqn&bp=33587&curr=USD&exr=1.0&fid=Xf6e2yqPYRavegdigOp6&c=4117995505&ccurr=USD&cuxr=1.0&a=447083&ca=717226&st=DISPLAY&sh=150&sw=180&rid=4212&mp=9&psk=NDvDYv7j52tWqoUbsWqn&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=134&countryid=232&postalid=3456&duration=180&v=1&auth=oxrWgPGo-QtsfCKlkxgEh2R6-wY&x_r=8bbB4Q
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.147.104.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-104.compute-1.amazonaws.com
Software
adobe /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:58 GMT
x-pt
P=139 0=0
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
server
adobe
expires
Thu, 01 Jan 1970 00:00:00 GMT
imp
statsf-tm.everesttech.net/stats/1/ Frame EB25 		85 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&psId=NDvDYv7j52tWqoUbsWqn&burl=https%3A%2F%2Fef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&w=300&h=250&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&price=YfgPdgAKa0EKDHkOAAST4e1WudCiozFZ7GBgUA&PG=F&seller_id=pub-6718426237615610&campaignKey=IUSq1Mw9mjQs98hQlfnM&bidderZone=ethos06-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=ethernet&s=H4sIAAAAAAAAAAHAAD__KqUl8fwiBq-ejvmK0KpsHVu8iEvs0WTEkaSVuvt9nl0C0wzBRjXXbaAO1ilklmEqmUjTOnOESxmOPGGewLcFnB6KcBii86_pV8ppr2_-iYV0f0mSx38E1U_7Ys8847724ll0Rg5yH924PzkVzKlcCX2Mpn5mDF2y2e7uxh2PgOt4mpiJCClXKUbN9VPC3weqasvdMAyOuEKdrJY0XkPTuEo0CLQbfXmcCjMCgPcx_VGZCevltg6osAeIVS9Ux4CLSH0qusAAAAA&date=1643646838756&auth=a489d31a756adabda24da055bb4fafa3&vinst=t&rurl=https%3A%2F%2Fwww.kokomotribune.com%2F&wd=1
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
via
1.1 varnish
x-pt
P=231
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-lga21923-LGA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:58 GMT
i
vid-io-cle.springserve.com/vd/ Frame E808 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=18358f8e&ps_id=623035&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5ad38643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.190.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-190-206.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
date
Mon, 31 Jan 2022 16:33:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
pixel
uat-net.technoratimedia.com/ Frame 6C64 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=17238329699278340&id=9&mpos=0&apos=0
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
840474678
access-control-allow-origin
https://engage.imds-cdn.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A72F 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 30 Jan 2022 19:21:13 GMT
expires
Mon, 31 Jan 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
76365
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EB25 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e93f5b5f25752fba3d101f0b48884bcdf1b2c4d2771c617642f5253f17c58e07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6540 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
sffe /
Resource Hash
6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127062
x-xss-protection
0
expires
Mon, 31 Jan 2022 16:33:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6540 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.2912599800756437&wt=1643646839022&sdkv=h.3.496.0&xai=undefined&url=3,https%3A%2F%2Fwww.kokomotribune.com%2F$0
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
displayproxy-20201012.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 52C6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=NDvDYv7j52tWqoUbsWqn&rand=-281768613649248805&tm_auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB&didtype=UNK&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&page_url=https%3A%2F%2Fwww.kokomotribune.com&seller_id=pub-6718426237615610&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&q=H4sIAAAAAAAAAGWSPWzTYBCGa7ulbYREiYJAkZBMprTCjn8_2-1Q3KS0oXWaxglpIhY7_pK4sfM5thunHTswgBioxNKFHSQGfiTUBYmFDQYWJBbEVDFBNyoG0h8mbrjhdM_dq_du8tvvLw-pt9mnVw5fvG8lH4_FZsJtD9IthFoONDw7oBvIzZi2ZUGfVi0d-n3ol2BvCwZh_Pvotc-jqcRGE0Buu1eslYw-bFl2a80D6cOvTzAuEWbrXEltCaJeF5ysb6FcxMq_3n18fmkh4Xabyppdr4mGAttRr-yaQWUP8zW0YzuOkRFphkxX7a6FooAslEmWoZk5clgAwhw5AMI0qXqeA6vQXLHDjMhLNA_I9MpyWVu9STp2B5JLsNFB02S27SMXZhSJZmgBKBwtsaRuNA3fPqf2MVKUoCgC2WBFWeEBNDlFEc2GCBTFUmSZ5Q-w684gCAxhZWcRbke1TQCdOg_vRjRLsbS28AOTJh7diScKuX6u1pc2RS6s9lDFDKq9bvJyB3WQi0LfNre68MRQEldGTuPn_BGW8LZMCkisLHCA4yXAioBljrFEvqL3WC1S3M31QJHb606zq-3iUzBso4ABlOcji-obYA-f8kOTOjsR1bT9IHyGjwZ2CF_iE8Nm6HdheISnY_-R8QtnUOoiTzOUXlCL-vJa-Rgfj43BgeeEu8R87MLZJ0y9uo8niYqeS52k6X_iZwnb9Rau3h4avDgIh5sMp-jbDbh0ChUnHxAj-8T5iANCiOEVPY4XaklCZNjURAFGZA35nZkxlmFYnpssqqVyXl3NF2fHNXVDyxdyt7AbsU9_7i29_vDmL6QgQjOrAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6A) /
Resource Hash
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 21:43:55 GMT
server
ECAcc (nya/1C6A)
age
62268
etag
"261452876"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
5891
expires
Tue, 01 Feb 2022 16:33:59 GMT
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_cver=1&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykL...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4e112ec5c197121b&is_secure=true&networkId=14000&version=1&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_cver=1&google_push=AYg5qPJ3ZdC1...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGbf6wWgeAxwNAmdZ8AAAAAAA&expiration=1643733239&google_cver=1&is_secure=true&google_gid=CAESEEO86itiiPzEHWFcutPOe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGbf6wWgeAxwNAmdZ8AAAAAAA&expiration=1643733239&google_cver=1&is_secure=true&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykLUp7h4a6X_oBRb3NCdHrYOzXWpFz5ru9IwKeH3GQIUDGJwrcH4lzC5m3atA7DkkDY-0q-j8GxA3fFcrnKDFxiVF7Ni
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGbf6wWgeAxwNAmdZ8AAAAAAA&expiration=1643733239&google_cver=1&is_secure=true&google_gid=CAESEEO86itiiPzEHWFcutPOegc&google_push=AYg5qPJ3ZdC1iJTvd7dXhDMdGGRa-GpGDHSoyGK4MkWjzF13OhbXykLUp7h4a6X_oBRb3NCdHrYOzXWpFz5ru9IwKeH3GQIUDGJwrcH4lzC5m3atA7DkkDY-0q-j8GxA3fFcrnKDFxiVF7Ni
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKef_mWqfgvVg0Mefo_QdVg&google_cver=1&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28...
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28Zs03QdMcbJWL4BhJZigVAu66hsc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28Zs03QdMcbJWL4BhJZigVAu66hscF5hDBCNx259Q7314&google_hm=UjFENTMxX0VBOTBERkVEXzZEODkwNjI5
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJqDAExHW4NrbpVRq9UwdsI0R1mdSyOEo_T3VQ5MuEYByAa_f67BeqHdswVsOXlxyftEyziZrvuyeKsbbK099LaWYGzVt28Zs03QdMcbJWL4BhJZigVAu66hscF5hDBCNx259Q7314&google_hm=UjFENTMxX0VBOTBERkVEXzZEODkwNjI5
Date
Mon, 31 Jan 2022 16:33:59 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
381
Strict-Transport-Security
max-age=-326633639; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAfc_ZmaBUhZj_uqb6bp994&google_cver=1&google_push=AYg5qPLu-U6pl922eOrM_Si5upebDXiIW5Gq8jou6erDQOxn7vrpXk1f35-xMhoWVSuDxoAteUIMkBiJp2Xj7QWqcbSFsnU04bKGdqCH...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEY0QjU5RjAwMzQxRENERQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEY0QjU5RjAwMzQxRENERQ==
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEY0QjU5RjAwMzQxRENERQ==
date
Mon, 31 Jan 2022 16:33:59 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECAp3ZC-p9EBSbSlaKMp5_o&google_cver=1&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9...
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=52638daa-6014-4119-b150-9bcba7f3100a&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9XS5BqZyFrlywOVMoNz_PAay2O127CcA3T5J7aS5HYA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9XS5BqZyFrlywOVMoNz_PAay2O127CcA3T5J7aS5HYANIeCN7pqU&google_hm=8JnjrkQMSLKYRR1LS5932A==
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjLHn7ud4JHEbWkfgaAhDniRKfzLscEkCnX5THMuVhEMVG09FiQMErtl1oTt2lIPJD7R-jDEc1FUpT12h7xme9XS5BqZyFrlywOVMoNz_PAay2O127CcA3T5J7aS5HYANIeCN7pqU&google_hm=8JnjrkQMSLKYRR1LS5932A==
Date
Mon, 31 Jan 2022 16:33:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKf...
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&ccid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
  • https://a.clickcertain.com/px/li/?ccid=35cc591c-f543-4cfd-9cb0-2c2dcf2b0b91&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyV...
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEI1O1naYn38eXjhrBgvc4fg&google_cver=1&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnw...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc&google_hm=MzVjYzU5MWMtZjU0My00Y2ZkLTljYjAtMmMyZGNmMmIwYjkx
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 16:33:59 GMT
x-frontend
cc-nginx-588445b6b9-tjdpz:cc-nginx-588445b6b9-tjdpz
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
eff7dd97-9967-9882-89bc-fbd2bcfeef9b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHr0xAj0UZqPPkZSJ%2Fq9Rw%2BFtJtkY5Tcx0GdsVwSvv5rHSGHYgvU6pVqmWq%2FaWt33DbNOTQIt%2FZywD8BHc9ehAV1gA1fnX%2Bh97CQIn%2FJXhpBHKeRrnFsV9KdOJAzo62p3TJt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPLBk5aJ1l8BBnoQmvwU5NfP9Yb_Pf_W6523pB0qHUGj7FyVZ1qmxrifW0kMQStAC39nUae4lM7PskJnwLD6JySeLKfY-xgIGBOtvAM0IEs6SCjtx8NTXwnXdUCrhjGAl1qKsxQrJEyc&google_hm=MzVjYzU5MWMtZjU0My00Y2ZkLTljYjAtMmMyZGNmMmIwYjkx
x-envoy-upstream-service-time
49
cf-ray
6d64584bfb681795-EWR
pixel
cm.g.doubleclick.net/ Frame A72F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESENdoKSKXrbInG9ahiMxCGhI&google_cver=1&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXA...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=e9R6m-r0nkCvvkPkvfybzg&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXAwjTBp_7vCM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=e9R6m-r0nkCvvkPkvfybzg&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXAwjTBp_7vCMBW-Srqnd8T73Om7MpfuZfJ92j064GlmeNyoMgjeiNlgX3cbBg
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=e9R6m-r0nkCvvkPkvfybzg&google_push=AYg5qPLz3kJ1GFDfWiAcjW_fTNeZz9ZK5n7oiajXlnt_pmvN-vRSYNxQhxXYIoGkY7z9As6HbgxOGAwr-W1PRXAwjTBp_7vCMBW-Srqnd8T73Om7MpfuZfJ92j064GlmeNyoMgjeiNlgX3cbBg
date
Mon, 31 Jan 2022 16:33:59 GMT
server
Kestrel
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame A72F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKXycu_6DJkJqgXJoGhe7kAYvO59dz7j4wOiu9Yz298x7KkTqLe_cC7yy9nRBOc7Y
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame EB25 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:30:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22887
x-xss-protection
0
server
cafe
etag
17106819053595883683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 17:30:20 GMT
78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4.m3u8
vam-streaming.imds-cdn.com/4c/72/wibbitz/ Frame 5376 		818 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/4c/72/wibbitz/78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1E) /
Resource Hash
5fe8aaea5a3a7941bfcf5e1b32f8a6663f0bc586da8f1f9155c8e6a51ae7ad8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
last-modified
Wed, 26 Jan 2022 15:44:28 GMT
server
ECAcc (nya/1C1E)
age
433755
x-cache
HIT
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
content-length
818
csi
csi.gstatic.com/ Frame EB25 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kz2ww1sx&e=21060099&ctx=2&qqid=CMHp0s-13PUCFQ55DAod4ZMESQ&met.4=fb.v~lb.3g~cmrload.5z~ol.60~idt.a5~dt.-ai&met.3=733.3j~742.3j~749.4m_2~735.5m_1~740.5n~113.6d_4~112.6c_5&met.1=1.kz2ww1ml~6.0~7.0~8.0~9.0~10.0~12.1~13.5~14.6~15.a~16.3w~17.3w~18.3w~19.5z~20.5z~21.60&met.7=CBsQCBgBKAEwBjjYAWgBcAZ40BqAAaQYiAHOL7ABAbgBAw~CCEQBBgBICIoIjBfODw~CBsQCiAkOCc~CB4QChgBICQoJDAqOAVoJXApeOELgAG1CYgB4RGwAQG4AQM~CBwQChgBICUoJTAqOAZoJnAqeJcygAHrL4gBpW-wAQG4AQM~CBEQChgBICUoJTArOAZoJnAqeJo5gAHuNogB47MBsAEBuAED~CCoQChgBICUoJTBAOBs~CBsQBiAmOFc~CBsQBiAnOBk~CBwQBRgBIHgoeDCAATgIaHxwf3iACIAB1AWIAZYJsAEBuAED~CCgQChgBINoBKNoBMN8BOAVo2wFw3gF4k7UBgAHnsgGIAe3YA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s37-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ct
ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ Frame 6D14 		46 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
cafe /
Resource Hash
6913d0d7f118ff5eaa320dfd08b9e150dd6a4fe5f3b067ae0b2569b28f5bfaec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jan 2022 16:33:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
23546
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 52C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_cm&google_sc&google_hm=WWZnUGNnQUN2YVB0NWdCSA%3D%3D
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEMtvt2zDelIhan8x6SfjGmk&google_cver=1
85 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEMtvt2zDelIhan8x6SfjGmk&google_cver=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3451
x-served-by
cache-lga21923-LGA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1643646839.221105,VS0,VE0
content-length
85
x-cache-hits
30358

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEMtvt2zDelIhan8x6SfjGmk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
renderstart
statsf-tm.everesttech.net/stats/1/ Frame 52C6 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?psId=NDvDYv7j52tWqoUbsWqn&PG=F&env=site&adKey=mnf9OiZY5a9ehwqTmbsU&conn=ethernet&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&auth=040d0e3ac9eefa5e4972ea5dd0957296&s=H4sIAAAAAAAAAAEAAf_-UMXMPuUOqebaToHpHhKKwYQ3TpCtu4GIVyhkI9RClnuEcWFel5PTCu9ZugnhCELYiuOTuLgiijgR_qRHynWJVFsCNWGluj1Tu-lV9JPhd5z-bNVevgxWmTKEe2GTAGbayIJTb6gQ7GhHFPGCyLsZPfBFLSHAfE5GXAXEUCQGU_xEeOfceRuzWypTDVZreGqShzOOA4eiEsXGEf8Bv83vBlp4NtC3f_e_Nl65nXHuLYVfWowpYH2poz2vpBxOLi363W9s9XW5D52Uc4zy931CmzPQviYyrESLcjGdZ1tycJNO8hyQN8fv15YEYqLdXbGwG0jYIeu27qlHLv3NoXV6qxs_MqMAAQAA&did=&date=1643646838912&seller_id=pub-6718426237615610&mpKey=Xf6e2yqPYRavegdigOp6&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&didtype=UNK&rt=HTML5&vinst=t&price=&cpKey=tCZ2RAg45SZ4lCrdoDw1&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.kokomotribune.com&astv=20201012&apv=B20201012
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
via
1.1 varnish
x-pt
P=174
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-lga21923-LGA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:59 GMT
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 52C6 		85 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?psId=NDvDYv7j52tWqoUbsWqn&PG=F&env=site&adKey=mnf9OiZY5a9ehwqTmbsU&conn=ethernet&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&auth=040d0e3ac9eefa5e4972ea5dd0957296&s=H4sIAAAAAAAAAAEAAf_-UMXMPuUOqebaToHpHhKKwYQ3TpCtu4GIVyhkI9RClnuEcWFel5PTCu9ZugnhCELYiuOTuLgiijgR_qRHynWJVFsCNWGluj1Tu-lV9JPhd5z-bNVevgxWmTKEe2GTAGbayIJTb6gQ7GhHFPGCyLsZPfBFLSHAfE5GXAXEUCQGU_xEeOfceRuzWypTDVZreGqShzOOA4eiEsXGEf8Bv83vBlp4NtC3f_e_Nl65nXHuLYVfWowpYH2poz2vpBxOLi363W9s9XW5D52Uc4zy931CmzPQviYyrESLcjGdZ1tycJNO8hyQN8fv15YEYqLdXbGwG0jYIeu27qlHLv3NoXV6qxs_MqMAAQAA&did=&date=1643646838912&seller_id=pub-6718426237615610&mpKey=Xf6e2yqPYRavegdigOp6&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&didtype=UNK&rt=HTML5&vinst=t&price=&cpKey=tCZ2RAg45SZ4lCrdoDw1&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.kokomotribune.com&astv=20201012&apv=B20201012
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
via
1.1 varnish
x-pt
P=229
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-lga21923-LGA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:59 GMT
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame 52C6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=lxssa4KzEeywYj6elZ3eVw.1-1.MB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79B4) /
Resource Hash
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 01:39:46 GMT
server
ECAcc (nya/79B4)
age
30365
etag
"1983306799"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4789
expires
Tue, 01 Feb 2022 16:33:59 GMT
pixel
uat-net.technoratimedia.com/ Frame AEB6 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=17238329700260926&id=9&mpos=0&apos=0
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
865973701
access-control-allow-origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+0.ts
vam-streaming.imds-cdn.com/4c/72/wibbitz/ Frame 5376 		353 KB
353 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/4c/72/wibbitz/78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+0.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F6) /
Resource Hash
0f1af209799961bb3d3ac9d9a122b012bc766720d0dd6d88562920b3820238b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
last-modified
Wed, 26 Jan 2022 15:44:28 GMT
server
ECAcc (nya/78F6)
age
433752
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
360960
3a6cb24c-0368-440e-8025-9c6da9dbadd3
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/ Frame DFB3 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/3a6cb24c-0368-440e-8025-9c6da9dbadd3
Requested by
Host: ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
URL: https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75ae82973872a4e10d12bf025fc17c12830f9f1723e32dcbbc6de6b6770a2015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
53569_-_300x250.png
s0.2mdn.net/9935087/ Frame 6D14 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9935087/53569_-_300x250.png
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
e6694208cd9da351fb0db83a9a78f8450ac817fe7f49f1aaf0363f4c38098112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 03:10:04 GMT
x-content-type-options
nosniff
age
48235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43449
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 23:02:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Feb 2022 03:10:04 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/xfa/ Frame 6D14 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 18:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4150
x-xss-protection
0
server
cafe
etag
7197913981456707621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 18:21:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 6D14 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 16:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D14 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6D14 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRRtvu5niS10mKBo1VimObH2TnQQvTvFbaSGIhgnIoZo3bgNRZ5YCEzMZT4kP6Qcj_4mQ4hJp3KgZk1Khed2zkkOWok5db_Lpg6GTgUcTfxQQEHChWZj7w1ZhZUg&sig=Cg0ArKJSzJcupv21TiemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220126.70769&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag169502
ads.revjet.com/ Frame 6D14 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.revjet.com/tag169502?_key=55e&_cb=2572972505
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.217.31.246 Secaucus, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
server
nginx
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
must-revalidate, no-cache, no-store
x-server
ip41627
content-type
image/gif
content-length
43
expires
Sat, 01 Jan 2000 12:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6D14 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 04:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 04:37:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6D14 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
dbe505f6a583667f81dc7892dbed9e568142818948ccd2216dc7ab76ba8f5ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4790
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 45CB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 04:37:49 GMT
expires
Sun, 29 Jan 2023 04:37:49 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
215770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 45CB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+16666.ts
vam-streaming.imds-cdn.com/4c/72/wibbitz/ Frame 5376 		183 KB
183 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/4c/72/wibbitz/78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+16666.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/790C) /
Resource Hash
dc05e68cbaa65421a62bdae2d92ca510a658d87f7ada82bd81481214d8f1d67f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
last-modified
Wed, 26 Jan 2022 15:44:28 GMT
server
ECAcc (nya/790C)
age
433740
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
187060
autoplay-font.c4fe1a1a.woff
engage.imds-cdn.com/dist/ Frame 5376 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/autoplay-font.c4fe1a1a.woff
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C31) /
Resource Hash
c4fe1a1a66f1724b40262a880ac9d2a22dd5005e8c0e770cc781b58d0c6a0a56

Request headers

Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
Origin
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
via
1.1 varnish
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C31)
age
28074131
etag
"a88-5bc7bb10d6e40"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-varnish
464807572 645904458
accept-ranges
bytes
content-type
application/font-woff
content-length
2696
expires
Wed, 15 Jun 2022 17:03:38 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame E505 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 28 Jan 2022 21:57:26 GMT
expires
Sat, 28 Jan 2023 21:57:26 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 24 Jan 2022 19:11:17 GMT
content-type
text/html
age
239793
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6540 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 16:33:59 GMT
integrator.js
adservice.google.com/adsid/ Frame 6540 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3483 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156344&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0533 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://engage.imds-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 15:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:35:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6D14 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRRtvu5niS10mKBo1VimObH2TnQQvTvFbaSGIhgnIoZo3bgNRZ5YCEzMZT4kP6Qcj_4mQ4hJp3KgZk1Khed2zkkOWok5db_Lpg6GTgUcTfxQQEHChWZj7w1ZhZUg&sig=Cg0ArKJSzJcupv21TiemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&vt=11&dtpt=291&dett=2&cstd=0&cisv=r20220126.70769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N636.137922.TUBEMOGUL/B26068444.307856938;amo=ef_id=YfgPcgACvaPt5gBH:20220131113358:d;sz=300x250;click=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=tCZ2RAg45SZ4lCrdoDw1&mpKey=Xf6e2yqPYRavegdigOp6&adKey=mnf9OiZY5a9ehwqTmbsU&sessId=lxssa4KzEeywYj6elZ3eVw.1-1.MB&seller_id=pub-6718426237615610&psId=NDvDYv7j52tWqoUbsWqn&sId=0&dur=0&date=&auth=&did=&didtype=UNK&stch_id=YfgPcgACvaPt5gBH&conn=ethernet&env=site&bi=B093kIgZsvGfqdFRPo5Cw619Wb3x3QWhnHMQFsJjJ2KOS6Breh1pPZRO_871Y3ILQMKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqpCroRBo_dnb6818yd_Gi-RR90jSY9gXnNr_zzQW7Q8UprV0R-fyPYVKNfHH0al-uSg1bbaggRCfF0GAQXupze7_6OfCibRp0bWFk_pyHQAiw&PG=F&s=H4sIAAAAAAAAAAEAAf_-FPQarbkVCfEF3yPY5kTkjj-SjYXdZ6OftiC10xsH_AOaxvsezngAbktNkk4AkTuLWjC1Tp8b9GOg9KfhggeNm14xxOBJYB3Y-c0NpyefYO80uJbig0VYZl94NmQK1_BLi3k6zXYYfnNAzuS4eYI4bQTeYefRTgiOQpyCsZ9reXOwtjzeVsid_QrM2qS1z6VWane__YS79ySXouNp2_yopRoSAXs8X2RRYBTGbME9Y9j-4GIpCWjaY5Bian0lYCjAW66XYBAdf99R7XTW_eEA5h7Y88rhSdW60iM5Sz_AO4a09yDopi27eo-Ljb254E5v1FMkd8WhUKkoTgs8t_9xAXI0iD4AAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-Ct9dg_4YcHWKY7yMeGnksgEvN-c9FyugtuXUsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTCgAZ7fyuoDyAEJ4AIAqAMBqgSjAk_QDqqF4ZWvoHvqzEBGiPmtHrTYHZ5dG4672u_tYLFotDknLIXziDBs6RFNMZv3foDF3FANrhzIABicwmuLOZ7qoetxviGXHQ96c9eyigRpFfZ8ZdxP9Ski5EfxlTyi_9YqHxkMUtMJ_Z5s44bgVXzfGJ1EjcN-O4c0NPUrriqBkQbeQ6abQ2DA3X_bMqRGNfXv5KG4T1NWi-QE6CLw9LHJQupcarYqy1VtF-VYc2iidZAkM8OI-xXJEqzNTnKTFZQmPWU0siXqz8zWnAvJgqZQCFsnF72BYa4yBbA6vjbdvvPgDSsmE_PnGwoV52POxz-k0QpgCWh95Mj9h9r_Dx9ZT_6TOb8q2S-MjYjWNG5-A4wIVXY5Kflu459RWIf0nCbMLuAEAYAG8uCx8a6bz8irAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMTQ5NjcwOTM4MDg2ODA2MfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OT24vTUzaOJQKNkcBQSfvR5B-7Q%26client%3Dca-pub-6718426237615610%26adurl%3D;ord=1643646838912;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:33:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6D14 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:33:59 GMT
78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+25000.ts
vam-streaming.imds-cdn.com/4c/72/wibbitz/ Frame 5376 		136 KB
136 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/4c/72/wibbitz/78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+25000.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D6) /
Resource Hash
524857a098e0fb4323aece41b20aa791742553ecceb4cca73962218960688fb4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:33:59 GMT
last-modified
Wed, 26 Jan 2022 15:44:28 GMT
server
ECAcc (nya/79D6)
age
433740
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
139496
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame C8EC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45CB 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVZRFdw_4YeetCdD9zwW2iZXQAgAAAAA4AeAEAg&bg=!6Oul66_NAAY6OBv_Ojg7ACkAdvg8WqdsLacFMTMz2xRoIsxudibZ0WsjSFMT8vcPWDifzuqgD3j6mQIAAAE1UgAAAAhoAQeZA8Efvflc3kEXoVz8azG7CVzxhR6oH9Mxd9058_nF4AueXECoKqpylZJ9U_1OyQthM2GoZqIf5WWXFohF6BgEAJexgCM42oftdvppfYrsDzs0e_TEprQ8areUP2lHUF8Li3w1pVDWNr0rABOP5fcVJd2pTy51qU2CXYFihS_cdyI4w3EQwmMJNr2drMJZdl74v15aHIT8TdFJDnfpsdNWGxk3oEK8dnz2VAWY_brV3uzA5Nkj3v4RkN2TL0mQ-0-bxPYBOBJqCznv1Yd6aPyx2w_jWCngl0VCj5Nd4o4ZCBuv0TGJxUcQogLnp42kB0S9P_LiWa5tHsgS_zzv5SurEwS6Ej25s_WGrhrs78F8y90t8HEobLe2T1ylhMM9KrUkJ10Q6UqKs0kTu7WaTEqrvSrmF7XED9TCqGYymOVvfGvl_qkBZ11Yzy0y0QrtMXScTXgMbcD3l1hHb4gVlmIVCIULzkLOFVnAC7zt9mTmLAdgGJXCgMtdTbPsuQ3mBa7tgatK23dQ_Mb790hQz-HEhUDBKDxg6RBEKsXq7TlHZxmmNSuuIX53x06ZJZKwfXWJBNHaBSQywYxf_o4cNvaEY1Dt0Ury8CA-OKw8P6hN1LmAFB-qBTCqrMlar31FtrtfM0Rc-SJmgUOTQTr2rnRLkKTzDz2xalzaoploOLgVlVu_Wxtl1ev7mreeX84LFRl9E3zL6uVulo_qPy0sUz7OgHr83BB5bh6tX3BfdHrX1LfV8d6BuTUpWbVM4MSi15uFtEAMMNyrlKPLXeuJfbFFTm4xfKSf4VeGehjANsnf51XKFFJpr6HfVprECbMjtppJ8NYeUsi8WnEZvztnlNLU7rZQmSr-P8Rrqwtaa7JPY-O_1KAdzof3VnUcnwQS8VJn2SxITl9zttFq2mlFV5Q2QDKSQimwjKAzb5EPaHxnrJRisA9N5-yjnHbhb9qS7aAQLze0TZ92VVMmQHji4qLM1ixdfVV6yqMdsmwtG8xogf63R0iQFSLpKh27lYpCbddczcysG9IHsBBzVmLwPjJK-PyRapjl8RcUqdPWklXODMjUdhlxPfknx6oNX1nvUeYbjnwEsew9CLyCjfYkI4Z7IT3ZeWqEIU8iw3FfG3G62VixlSmUSsxcOkfyjtAgru06XrRVy_NMEIw5YkmS6_-OLg35O3hGMFL67forPxDvoTH8clJjytPNKnEufx9mGyA5xLSgcK7MNmdHeF7JTTcZ48F_92_EiF1R2kmhAZMiGGvB9QNrJkVfq8fof90063Psg6Kw
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E505 		156 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x383&iu=%2F5284%2Fsyn.synacorengage&description_url=https%3A%2F%2Fwww.kokomotribune.com%2F&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1098647085649211&ord=1643646837769&url=https%3A%2F%2Fwww.kokomotribune.com%2F&cust_params=dfpcid%3D138343928427%26dfpadunit%3D%2F5284%2Fsyn.cnhi%2Fcnhi_engage_reflex_ron_payload%26sizebucket%3Dsmall%26dfpclient%3Dsyn.cnhi%26autoplaydomain%3Dkokomotribune.com%26browserclass%3Dchrome%26autoplaybucket%3D90&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.496.0%2Fvpaid_adapter&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=p&ctv=0&sdki=44d&adk=3773976752&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=D5D284B0-4167-42D9-883D-C8EDECB918B4&nel=0&eid=420706098&dt=1643646839869&scor=109165867138615&ged=ve4_td1_tt0_pd1_la1000_er0.0.421.1_vi0.0.0.0_vp0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455420248101649
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455420248101649
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455420248101649
Date
Mon, 31 Jan 2022 16:33:59 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
um
sync.teads.tv/
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
  • https://us-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=5c10855d-f720-40bb-9d9a-71c7d26af1fd
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=5c10855d-f720-40bb-9d9a-71c7d26af1fd
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:33:59 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 31 Jan 2022 16:33:59 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 16:33:59 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=5c10855d-f720-40bb-9d9a-71c7d26af1fd
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
49 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-22
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 16:33:59 GMT
Server
MT3 4133 baa842e master iad-pixel-x23 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6a6661f8-0f72-4100-92ed-e1893d6cb49c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 16:33:58 GMT
155.gif
id5-sync.com/k/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f7b60080-53d0-4379-88f3-81d8f68637b7&pubid=4bd1642a73
  • https://id5-sync.com/s/434/9.gif?puid=8bac0724-2036-44e9-8d74-32f1a715d54a&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=8bac0724-2036-44e9-8d74-32f1a715d54a&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/8/2.gif?puid=4909702476009743137&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOANbkxMn-i3tTatmqzwVXq1Csnht_z35-tACREw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/7/3.gif?puid=6a6661f8-0f72-4100-92ed-e1893d6cb49c&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f7b60080-53d0-4379-88f3-81d8f68637b7&ttl=%%TTL%%
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOFZF2wiw7HzONgIr7eNNGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4909702476009743137&opid=apx&ops=&utidl=tech:goo:CAESEOFZF2wiw7HzONgIr7eNNGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A24888306587&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOANbkxMn-i3tTatmqzwVXq1Csnht_z35-tACREw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F4%2F6.gif%3Fpuid%3...
  • https://id5-sync.com/cq/434/916/4/6.gif?puid=7551d5a1-6701-484c-855b-a0261d33ce27&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD-x07D8B8AAAY-sIC1wQ
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8bac0724-2036-44e9-8d74-32f1a715d54a&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Wjk0UkI1dXFxLVAzbjc5djFqYTNOdw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEIZVlXNWG8RjN3gZhFymNhE&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=voXcyPVxQiGh
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=voXcyPVxQiGh
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:33:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=voXcyPVxQiGh
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-4bnvn
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8&google_hm=ZjA5OWUzYWUtNDQwYy00OGIyLTk4NDUtMWQ0YjRiOWY3N2Q4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENvZv7c4KYc859jSTTiJ7VM&google_cver=1&ssp=sonobi&bsw_param=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 16:34:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=f099e3ae-440c-48b2-9845-1d4b4b9f77d8
Date
Mon, 31 Jan 2022 16:34:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 083E 		157 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.22.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-22-214.compute-1.amazonaws.com
Software
/
Resource Hash
a26b4d366444b5d5a323b72688d7696829b5913fede770b02487f57413cad5f6

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://engage.imds-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
153
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 083E 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=f1fd57d2&ps_id=623035&batch=1
Requested by
Host: engage.imds-cdn.com
URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.190.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-190-206.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://engage.imds-cdn.com
date
Mon, 31 Jan 2022 16:34:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4.m3u8
vam-streaming.imds-cdn.com/b4/3b/wibbitz/ 		820 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/b4/3b/wibbitz/b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C04) /
Resource Hash
d3ee5e10a667f3df49b626868c8cc65deb1bbb40a925406f03ae4810741fc8d8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
last-modified
Wed, 26 Jan 2022 15:40:39 GMT
server
ECAcc (nya/1C04)
age
433774
x-cache
HIT
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
content-length
820
b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+0.ts
vam-streaming.imds-cdn.com/b4/3b/wibbitz/ 		211 KB
211 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/b4/3b/wibbitz/b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+0.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C73) /
Resource Hash
8f702e3dc72507b7be62c7a00ed3f867f9fc699c277380baf791203d15820182

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
last-modified
Wed, 26 Jan 2022 15:40:39 GMT
server
ECAcc (nya/1C73)
age
433765
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
215636
c0ba4b49-0e32-466b-b261-2cf012a862ac
https://www.kokomotribune.com/ Frame 6181 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kokomotribune.com/c0ba4b49-0e32-466b-b261-2cf012a862ac
Requested by
Host: blank
URL: about:blank
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75ae82973872a4e10d12bf025fc17c12830f9f1723e32dcbbc6de6b6770a2015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+10500.ts
vam-streaming.imds-cdn.com/b4/3b/wibbitz/ 		300 KB
300 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/b4/3b/wibbitz/b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+10500.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C0B) /
Resource Hash
b0ad4223c32eb41ed4e463e956842ed8486847f2a4fae8a9d478eb5fadde3805

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
last-modified
Wed, 26 Jan 2022 15:40:39 GMT
server
ECAcc (nya/1C0B)
age
433763
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
307004
autoplay-font.c4fe1a1a.woff
engage.imds-cdn.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engage.imds-cdn.com/dist/autoplay-font.c4fe1a1a.woff
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C31) /
Resource Hash
c4fe1a1a66f1724b40262a880ac9d2a22dd5005e8c0e770cc781b58d0c6a0a56

Request headers

Referer
https://www.kokomotribune.com/
Origin
https://www.kokomotribune.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
via
1.1 varnish
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (nya/1C31)
age
28074132
etag
"a88-5bc7bb10d6e40"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-varnish
464807572 645904458
accept-ranges
bytes
content-type
application/font-woff
content-length
2696
expires
Wed, 15 Jun 2022 17:03:39 GMT
b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+23666.ts
vam-streaming.imds-cdn.com/b4/3b/wibbitz/ 		139 KB
139 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/b4/3b/wibbitz/b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+23666.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7919) /
Resource Hash
7a5c211f74ac107b20487a5b1bc71e8f692570a8d654e9f321261df8e67a8744

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:00 GMT
last-modified
Wed, 26 Jan 2022 15:40:39 GMT
server
ECAcc (nya/7919)
age
433763
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
142316
78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+32433.ts
vam-streaming.imds-cdn.com/4c/72/wibbitz/ Frame 5376 		185 KB
185 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/4c/72/wibbitz/78465eed91d240e89983b8e8977e3022_100k_32k_302x0.mp4+32433.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/798B) /
Resource Hash
293e9d345a6ab9af1199b21a61b7e4d7c379c7a89f6118b58c18a6827d07e1e7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:01 GMT
last-modified
Wed, 26 Jan 2022 15:44:28 GMT
server
ECAcc (nya/798B)
age
433740
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
188940
b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+32000.ts
vam-streaming.imds-cdn.com/b4/3b/wibbitz/ 		183 KB
183 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.imds-cdn.com/b4/3b/wibbitz/b6da91a030f64740800bf0661cd0bc62_100k_32k_302x0.mp4+32000.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C5E) /
Resource Hash
e54923c81690dcda2126db64cccd7c49e2b43bf6a4fb1a4612c5a7f78012ad87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:02 GMT
last-modified
Wed, 26 Jan 2022 15:40:39 GMT
server
ECAcc (nya/1C5E)
age
433763
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
187060
/
adspsp.com/pt/1710310/18/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/18/1/?a=2,a2kz2wvw36yq42Khs5VW,EfVfO0SYcQ&aa=01CkjceRyugh.gN.u11---&b=&e=&c=https%3A%2F%2Fwww.kokomotribune.com%2F&d=&f=1.kz2wvtot.1Tof.2T263&g=2Tbc4&u=aa8cfc56:kywwpi91:2gp&v=18g.xc.0.6rq&m=z&zi=ahm_widg_id_3,kokomotribune.com,0,ahm_widg_id_7&z=0,1,2,2:.,,2,s7,21ot.0,rh,00pd&z=3,1,2,2:.,,2,sl,232h.0,255,00pr&rnd=1643646843249
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.126.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-126-69.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cnhi.com&p=%2F&u=Q2pGAByeZ72DD7jUs&d=kokomotribune.com&g=34377&g0=kokomotribune&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=9382&o=1610&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3058&t=DV5eM_DT1dhdg1V_TC_Em-VB1SseT&V=129&tz=0&sn=2&sv=DPEFOWCr0IThB2mZKjDwvEiBCjwJR8&sd=1&im=061b2ffa&_
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.74.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-74-135.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:06 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
dc_oe=ChMI4cLXzbXc9QIVHTO3AB3PqAf_EAAYACDrkoNMQhMItu7nzLXc9QIVZAloCB2PXQad;met=1;&timestamp=1643646847120;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3A4E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4cLXzbXc9QIVHTO3AB3PqAf_EAAYACDrkoNMQhMItu7nzLXc9QIVZAloCB2PXQad;met=1;&timestamp=1643646847120;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_... Frame DB59 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
47f6d831080dee4d96d96e737346c9c50c85f90a4ce151477688c97a7287cb75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

date
Mon, 31 Jan 2022 16:34:09 GMT
content-type
text/html;charset=utf-8
content-length
1197
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.40.33.86
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
1.js
kokomotribune.com/content/tncms/ads/_popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kokomotribune.com/content/tncms/ads/_popup/1.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tcx-ping.php
japfg-trending-content.appspot.com/ 		205 B
190 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=kokomotribune.com&h=www.kokomotribune.com&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.180 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f20.1e100.net
Software
nginx /
Resource Hash
f5ca8fb42b36eae3e8cc3c1773b8b1a0d81a3190b132889b2b6393e5f1770de1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 google
server
nginx
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
28bf06b1bfcefd89af837eb732a2a40d479e1c90395a4f14c5d1da3a97f05ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9089
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A269 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kokomotribune.com
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2092
date
Mon, 31 Jan 2022 16:34:09 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1591636544&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kokomotribune.com%2F&ul=en-us&de=UTF-8&dt=kokomotribune.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aHHAAUABAAQCAG~&jid=2018951382&gjid=473733507&cid=368398424.1643646830&tid=UA-2313981-47&_gid=1807568385.1643646830&_r=1&gtm=2wg1q0KKH5QP&cd1=368398424.1643646830&cd4=false&cd5=false&z=62612326
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kokomotribune.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kokomotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 16:34:09 GMT
pixel
cm.g.doubleclick.net/ Frame DB59 		170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2MwNzY2NDI4NmVkNmNkNTEyNGQ2ODkxOGUwZjM3YjI
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=fb1c0273-2b53-4da7-8aa2-bd4048893eef
sync.crwdcntrl.net/map/c=194/tp=OPNX/ Frame DB59
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=fb1c0273-2b53-4da7-8aa2-bd4048893eef
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=fb1c0273-2b53-4da7-8aa2-bd4048893eef
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Protocol
H2
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.39
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Mon, 31 Jan 2022 16:34:09 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=fb1c0273-2b53-4da7-8aa2-bd4048893eef
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
382416.gif
idsync.rlcdn.com/ Frame DB59 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=3c07664286ed6cd5124d68918e0f37b2&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
g.json
aa.agkn.com/adscores/ Frame DB59 		124 B
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-85.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
29238a235ae8f32ad573d8b78d4c0c35978eb4c65e63542e4f1a604648892555

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
124
x-amz-cf-id
y836bguNp-ranpe0-S0h7TbuOy-bp1fQBs-UiuNQhis-wR6nVlKmQg==
expires
0
json
gum.criteo.com/sid/ Frame A269 		430 B
534 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=kokomotribune.com&sn=ChromeSyncframe&so=0&topUrl=www.kokomotribune.com&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kokomotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
97d75c87b76e6a97ad53ffedccbbfaa1133f817a202a0c0592a5cbb702b836ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kokomotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4710
strict-transport-security
max-age=31536000; preload;
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0748 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 04:30:58 GMT
expires
Mon, 30 Jan 2023 04:30:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
129791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 40DF 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.kokomotribune.com
URL: https://www.kokomotribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
GSE /
Resource Hash
386665dc42e0a4e6d6cbe499e0c550eeb08a78a057d5bc95aaed76615d632c84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xy/n6nkAbUPABlk0FJGVpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 16:34:09 GMT
date
Mon, 31 Jan 2022 16:34:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-xy/n6nkAbUPABlk0FJGVpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 0748 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
521357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:44:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 40DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=2973852823683421&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tpid=163850504048006765284
sync.crwdcntrl.net/map/c=368/tp=TARG/ Frame DB59 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=163850504048006765284
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=365624566/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20kokomotribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22local%20news%2C%20crime%2C%20weather%2C%20breaking%2C%20sports%2C%20weather%2C%20traffic%2C%20breaking%20news%2C%20kokomo%2C%20howard%20county%2C%20miami%20county%2C%20tipton%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.39.246
content-type
image/gif
content-length
49
expires
0
generate_204
tpc.googlesyndication.com/ Frame 0748 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?izFiig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:34:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=2973852823683421&bg=!mZqlmt7NAAY6OBv_Ojg7ACkAdvg8WmhBK6V881QiqWiT2LrAIgL-ln_sRpgbsQHGOjSL7JmN3dFXZAIAAABpUgAAAARoAQcKAM2Ty_DD9sPv_NcPvog1Qsgl072eK_ymgTxzGQXCEzXWCQjcKrSe5QlJz9WZgA8ZdanXbn4RxES7PpYCN9qT9orH7kapcqHx-Wj0s6oevTcPmn9TUOSyDeIg3F0P2BbOyzUdFcnuoTY94VeKpnQI6trkBV-Pc1Ps5BBrLBhG-uVk_WM6w7l_mWH70ZngLAElSqKIwL8j4h4fVyAv1M-2ruE5EED2H11ZVA68Mp0mH7Fu8fBDty7sfX5w_ABEJAJh2BRGpu7lI3szwftgXGvMmQLC2TDW8NVSKT_HChKMHye6MGs65vde4zYfoVyoTF1WGHwogBffgme-SjLicVDzkSgGVfNUDDRAyrlp-clCAAEJr1yM2ktXnWURmIAowEaKXMcPDow5SP897QZXdH7PJH-1OZZ7j4m5pK4GJR7DBif0WifbxMFHmxi5-F1tF5nJzDVtSFKfwG6g0b5GCNRbMFwaf39ChpNwO3iRVrEwfVmhBs_JgfYb2Pb1eFtu0Jwv22Q26OIJmEtsbhKq5hCWN1-CtyZsS25krEgCFuw-beyvZGHk7iP_eGrYJZWCTK_jqXxw6kB60huSghpmB-ZuXEoW-JlRTPnn9x93NkvvtYncJbAPbb_R1M_rhElAoQxWv9QtjvidLO6v1kt7dAW5BEuQm9i_FyCjeD_Gzt7uLeiLmYcVox4DxBfieY10bw5ZTiUcjtIjEUUMZ6abv6MGgXPrgL6QayS2MvTn6Z57qKUydMj0-NQhoIJxEzEgXWs-XEy_tnzpkRyWDM8EMIIAy1TkIdxELrUPTCxuE3-pX-V-7sJ4P8Ve4EHgj4qmHBBScG7ENCHaYMKxElidxpM0wvHIvFoVQXgA8TLxuy-0Qgh29phEF_0D_rexzZn0pERnjCg0clx_Woel4R51XXDrYOcGZmfFkCQncQJ7BWBkPkAaSxZn2g3c_oFPA7tLpUqjhh9McLDYDLVp65sw3ua5Ql6OjDn6Yg8iGEUdniBSY4RT8Wbm7uHJ9dWyf9AqbTPiyHk8Ql7H83eex_2TB_-dTN0ANPjD9sx-hNTZ2TQsA3Bgrh1ivhks_Nyy83YIFKBcPDfEhIBohVxxIo4F--YkHLlXzgQQn7_Zkuk5plkkZ-CSVT7dbDgSxmibmOPmB6EZrjxl4BJr8jcp3qDmg1NqEJ2brJCSmw-U-U8H_-5QIesFNVPWj1DY_IbEnEN_6CxL_R4O_g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.kokomotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 16:34:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1643646832010;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1643646832011;us_privacy=1---;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1643646832011;us_privacy=1---;
Domain
sync.hgrtb.com
URL
https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DZo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%26uid%3D%7BUSER_ID%7D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?mMWlOA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4
Domain
id5-sync.com
URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD-x07D8B8AAAY-sIC1wQ

Verdicts & Comments Add Verdict or Comment

464 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| dataLayer object| _cc6893 object| LOTCC function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType function| bizmarquee object| promo_design_config function| admiral object| googletag function| __uspapi object| AdBridg function| TNStats_Tracker object| TNTracker string| adType function| iFrameResize object| ggeac object| google_js_reporting_queue object| pbjs string| exp_string number| window_x string| href object| apstag undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| sifi_att_42656 function| 4dm1r11545242527 undefined| google_measure_js_timing function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded number| ta_interrupted string| ta_mac_id number| keepSubDomainInCookiesDomain undefined| ta_mac_id_cookie object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body boolean| apstagLOADED function| postscribe object| google_tag_manager_external object| google_tag_manager string| ahm_tvx_placeId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx undefined| sPlayer object| _snup object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents object| _sf_async_config function| ta_popupCallback object| FB undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent string| ta_MACHINE_ID string| ta_sessionString string| ta_postMessageLog boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopup boolean| ta_showWelcomePopupJustOnHomepage boolean| ta_showFirstPopup boolean| ta_showPeriodPopup number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup number| ta_protectArticle number| ta_truncateArticleInAdvance boolean| ta_isFreeProduct number| ta_validateRequestStatus boolean| ta_firstPageIsNotFree string| ta_productType boolean| ta_userLoggedIn boolean| ta_isFromAllowedIp string| ta_userSubscriptions string| sKValue string| pSKValue string| challenge object| ta_MIN_THRESHOLDS undefined| ta_focus boolean| ta_shouldReopenAccountPopup boolean| ta_willReopenAccountPopup boolean| ta_delayCheckUserRefresh string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME number| passInMd5 undefined| pubkey_e undefined| pubkey_m string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login object| lastLoginPopupTrackName function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text string| text_in_article_default string| text_in_article undefined| popups_corners_fix undefined| popups_ie7_fix undefined| popups_shadow_fix boolean| ta_isPrivate function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| externalIFrame string| params boolean| msgData object| gaplugins object| gaGlobal object| gaData object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| page_ready number| ap_set_scroll number| ap_scroll_distance boolean| ap_scroll_reverse object| ap_popup_img function| ap_scroll_div function| ap_stop_scroll function| ap_create_popup_img function| ap_link_hover function| ap_get_popup function| ap_move_popup function| ap_hide_popup function| ap_show_popup function| detectUserAgent function| getEnv function| isExists function| takeKeysFromObject function| initSessionStorageSequenceId function| getSessionStorageSequenceId function| increaseSequenceId function| updatePlaceHolderAndEncode function| encode_params function| getCampaignId function| generateAndEncodeUrl function| getRandomString object| _window object| _document undefined| windowHref undefined| iframe object| testChannelIds object| envs object| PLACE_HOLDER object| NON_ALPHANUMERIC undefined| AVRO_ANALYTICS_URL object| avroDefaultData object| avroSchema object| wishabi object| ui object| premium_text_ads function| shuffle string| backgroundColor string| primaryColor string| secondaryColor string| tertiaryColor string| moreText number| numberToDisplay string| headerText string| headerGraphicUrl boolean| boldFirstLine boolean| showWrapper string| accordionHTML object| cswidgetoverR function| hideFbBlock function| hideFbBlockMob object| _vfP object| core boolean| vfLoaded function| setImmediate function| clearImmediate object| regeneratorRuntime object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _cb_shared object| tncms_siteaud function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart object| 95be6cd9a28b98671c1cb95f366258c8 object| vfQ object| viafoura object| vf object| audiences boolean| debugit object| Criteo function| ahmpbChunk object| _pbjsGlobals object| mnet object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| encoded_unit object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| synLib function| insertSynacorAdProduct number| syndTS1643646834719-46868477461210367 object| _clrm number| ahm_stacktime

318 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1643646836831
ad-cdn.technoratimedia.com/html Name: tads_choc_bidi
Value: 1643646836832
.3lift.com/sync Name: sync
Value: CgoIgQIQ-cDxh-svCgoI4gEQ-cDxh-svCgoI5gEQ-cDxh-svCgoIhwIQ-cDxh-svCgkICRD5wPGH6y8KCQgLEPnA8YfrLwoKCIwCEPnA8YfrLwoKCM4BEKfB8YfrLwoKCI4BEKfB8YfrLwoKCJECEKfB8YfrLwoKCJICEKfB8YfrLwoKCJgCEKfB8YfrLwoKCJkCEKfB8YfrLwoJCDkQp8Hxh-svCgkIOhD5wPGH6y8KCgibAhCnwfGH6y8KCgicAhCnwfGH6y8KCgieAhD5wPGH6y8KCQhfEPnA8YfrLwoJCB8Qp8Hxh-sv
.mrtnsvr.com/sync Name: userId
Value: UipM9w5fp
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQvREyBgiSARCuEQ
kokomotribune.com/ Name: TNNoMobile
Value: 1
.simpli.fi/ Name: suid
Value: 72F68BF5CAC442F6A9C7DDC6AF708C4C
.kokomotribune.com/ Name: ta_MACHINE_ID
Value: fdc9e3eda6379554b14e0ffcff52d38e
.postrelease.com/ Name: visitor
Value: 57f301c0-dab5-45c9-b258-7eabc5b436ff
.postrelease.com/ Name: status
Value: 0
.simpli.fi/ Name: uid_syncd_secure
Value: true
www.kokomotribune.com/ Name: ntvSession
Value: {"id":3642092,"placementID":1091317,"lastInteraction":1643646829885,"sessionStart":1643646829885,"sessionEndDate":1643673600000,"experiment":""}
www.kokomotribune.com/ Name: _ntv_uid
Value: 57f301c0-dab5-45c9-b258-7eabc5b436ff
.postrelease.com/ Name: ver
Value: 1
.kokomotribune.com/ Name: adbrgn
Value: USNY
www.kokomotribune.com/ Name: ta_cookiesTest
Value: 1
www.kokomotribune.com/ Name: ta_vl
Value: 1
www.kokomotribune.com/ Name: ta_interrupted
Value: 0
.tapad.com/ Name: TapAd_TS
Value: 1643646830142
.tapad.com/ Name: TapAd_DID
Value: 131a2ce2-e10b-4246-8be8-cd21cd382fed
.advertising.com/ Name: APID
Value: UP91fa012b-82b3-11ec-9212-0e2d0ba359af
.3lift.com/ Name: tluid
Value: 1502065925210657286796
.agkn.com/ Name: ab
Value: 0001%3A%2FpG6xPXWqWvdu28yWnh4LWZw9WTNIHrp
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:72F68BF5CAC442F6A9C7DDC6AF708C4C
.pubmatic.com/ Name: PUBMDCID
Value: 2
.lijit.com/ Name: ljt_reader
Value: 1da497eb4b4e340f36ac8aee
.exelator.com/ Name: EE
Value: "d95a69f978de66c2ce24ac49506e7ed3"
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: laymcpWfEK
.adnxs.com/ Name: uuid2
Value: 4909702476009743137
.yahoo.com/ Name: A3
Value: d=AQABBG4P-GECED-RZ1Esg4cUMRNSI-ee_O4FEgEBAQFg-WEBYgAAAAAA_eMAAA&S=AQAAAsijN2XUHdGEtNYlP5big90
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHF0jTRzDLN0twiJdXMLNkoOdXIJDHZxNLUwCzVPDXFeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvqi0ODFRSlpDItKik8F74%252BoAwCZYyps"
.kokomotribune.com/ Name: _gid
Value: GA1.2.1807568385.1643646830
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 3c07664286ed6cd5124d68918e0f37b2
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME42MDczMzGyMEtNMUtOMTU0Mkkxs7A0tEg1SDM2TzJiAILEH%2Fx5IBoKAEJNCjM%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FMGfB6SgAAAXZgHX"
.kokomotribune.com/ Name: _dc_gtm_UA-2313981-47
Value: 1
.kokomotribune.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
www.kokomotribune.com/ Name: _cb_ls
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk8qPooeap64TIgJZTE6PlfwZx_mQwrYxeBl1E53LRDhvc9lyWjcqSTcT-qJ3M
www.kokomotribune.com/ Name: ta_ss
Value: c73a34250ee07b506742bd9b8a2b76c8
.spotxchange.com/ Name: audience
Value: 926f08b8-82b3-11ec-929d-1ee132960503
.openx.net/ Name: i
Value: 3ac6e039-b82a-4416-b63e-8653bf080236|1643646830
ads.stickyadstv.com/ Name: UID
Value: 6672957554fc0ac407eb2aef5f77d68
ads.stickyadstv.com/ Name: uid-bp-26865
Value: 72F68BF5CAC442F6A9C7DDC6AF708C4C
ads.stickyadstv.com/ Name: sessionId
Value: b462604c24617cc4d4c5e9aba846c66d
.bfmio.com/ Name: __141_cid
Value: 72F68BF5CAC442F6A9C7DDC6AF708C4C
.agkn.com/ Name: u
Value: C|0AAAAAAAAKYrL7gAAAAAA
.intentiq.com/ Name: intentIQCDate
Value: 1643646830939
.intentiq.com/ Name: IQSimplifi2CookieSync
Value: 1643646830941
.intentiq.com/ Name: ASDT
Value: 0
.pippio.com/ Name: did
Value: RzPG_UxqeDwRrS1g
.pippio.com/ Name: didts
Value: 1643646830
.pippio.com/ Name: nnls
Value:
.kokomotribune.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 97A641CF-0105-4E75-A3D1-DE931CED0425
.kokomotribune.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.rubiconproject.com/ Name: khaos
Value: KZ2WVVLY-V-AYRH
.pippio.com/ Name: pxrc
Value: CO+e4I8GEgQIAhAAEgYI3awrEAA=
.quantserve.com/ Name: mc
Value: 61f80f6f-1eddc-f0236-99c99
.kokomotribune.com/ Name: _ga_NFTGWT90ER
Value: GS1.1.1643646830.1.0.1643646830.0
.kokomotribune.com/ Name: __qca
Value: P0-1899493760-1643646831096
.a.wishabi.com/ Name: gid
Value: "BJtdEwAAhC1tjj7EAJBVGg=="
.pro-market.net/ Name: anProfile
Value: "-149nyfh1gh3tt+1+1f=1+1g=1+1j=57:1+rs=s+rt=25788AC3+s2=(r6l20e)+vm=24-72F68BF5CAC442F6A9C7DDC6AF708C4C"
.pro-market.net/ Name: anHistory
Value: "-149nyfh1gh3tt+2+!#7%/!B!'iH"
www.kokomotribune.com/ Name: usprivacy
Value: 1---
www.kokomotribune.com/ Name: _cb
Value: Q2pGAByeZ72DD7jUs
www.kokomotribune.com/ Name: _chartbeat2
Value: .1643646831392.1643646831392.1.DPEFOWCr0IThB2mZKjDwvEiBCjwJR8.1
www.kokomotribune.com/ Name: _cb_svref
Value: null
.krxd.net/ Name: _kuid_
Value: OooSEyaN
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1643646831662
.kokomotribune.com/ Name: _adb
Value: a2kz2wvw36yq42Khs5VW
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1643646831815
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1643646831850
www.kokomotribune.com/ Name: _ga
Value: GA1.1.368398424.1643646830
www.kokomotribune.com/ Name: _gid
Value: GA1.1.1807568385.1643646830
.kokomotribune.com/ Name: _awl
Value: 2.1643646832.0.5-a4935aee2be87c3e1a83c3c02364f035-6763652d75732d6561737431-0
.viafoura.co/ Name: VfSess
Value: v08h5hmtrbimo9ercuepml5lci
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.amazon-adsystem.com/ Name: ad-id
Value: A0bAY6pHqEJXvq5aOj0WKhw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.kokomotribune.com/ Name: _ga
Value: GA1.2.368398424.1643646830
www.kokomotribune.com/ Name: _vfb
Value: www%2Ekokomotribune%2Ecom.00000000-0000-4000-8000-e01999b3c6ff.1.10.1643646834....
www.kokomotribune.com/ Name: _vfz
Value: www%2Ekokomotribune%2Ecom.00000000-0000-4000-8000-e01999b3c6ff.1643646834.1.medium=direct|source=|sharer_uuid=|terms=
www.kokomotribune.com/ Name: _vfa
Value: www%2Ekokomotribune%2Ecom.00000000-0000-4000-8000-e01999b3c6ff.f74e4c06-e9b7-49f9-8bf1-1d980f9b0f25.1643646834.1643646834.1643646834.1
.gumgum.com/ Name: vst
Value: u_a7ee7147-1d45-40a7-a404-e5682ca1d3b2
.sharethrough.com/ Name: stx_user_id
Value: 51a2fb5d-978b-4d69-bc71-425e97e37d16
.casalemedia.com/ Name: CMID
Value: YfgPcVN.dLfCtiUyYqeTcwAA
.casalemedia.com/ Name: CMPS
Value: 3791
.yieldmo.com/ Name: yieldmo_id
Value: g9f162d0eb07679cbfe0%7C1643646833632%7C0%7C
.viafoura.co/ Name: vfDeviceId
Value: 5b83c1bf-c165-49be-8e61-bb953c2500b1
.casalemedia.com/ Name: CMPRO
Value: 989
.outbrain.com/ Name: obuid
Value: 722921f3-7182-40e8-97ba-3c99daffe562
.zemanta.com/ Name: zuid
Value: bE3P6EoNpRikArLZ6rOk
.adsrvr.org/ Name: TDID
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.mathtag.com/ Name: uuid
Value: 6a6661f8-0f72-4100-92ed-e1893d6cb49c
.technoratimedia.com/ Name: tads_uid
Value: 23648134860141EF92D2E2886F7673DB
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220131113354-0500
.contextweb.com/ Name: V
Value: voXcyPVxQiGh
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7ee0ac6ae9e0dfae
.deepintent.com/ Name: CDIUSER
Value: di_c4178cd4398a43e0b5321
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-092ba77f-e703-4f2b-6627-0162fca27e08.UGF3DBmL4UdXiEAws%2FYZp4CkFSmKJljQ8P%2BZQTf3RXg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-092ba77f-e703-4f2b-6627-0162fca27e08%24ip%2437.120.138.195.aAqitpa3%2BwlvvEGJk4yRdcn5VKHc4n6zi8u7At9hyyA
.emxdgt.com/ Name: uid
Value: 64401643646834070633ad
.taboola.com/ Name: t_gid
Value: 26a94e58-3000-46ba-b05a-3d16faf5595f-tuct8f194f2
.360yield.com/ Name: tuuid
Value: 7551d5a1-6701-484c-855b-a0261d33ce27
.360yield.com/ Name: tuuid_lu
Value: 1643646834
.33across.com/ Name: 33x_ps
Value: u%3D117487727574175%3As1%3D1643646833981%3Ats%3D1643646833981
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 9b7ad47b-f4ea-409e-afbe-43e4bdfc9bce
.emxdgt.com/ Name: apn_id
Value: 4909702476009743137
.turn.com/ Name: uid
Value: 3949519880991651774
.tynt.com/ Name: uid
Value: Fz+9X2H4D3LkSE0afnjV5g==
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwfGYOSHh44GJ1CB8XA45QyyIUNwRz5oCPfEqvhMmGZRnPKqJGr24Q_Zm5QC4TM1
.smartadserver.com/ Name: pid
Value: 3721647956072104407
.ipredictive.com/ Name: cu
Value: 946cd5fe-82b3-11ec-a9bf-a10e15a78249|1643646834256
.creativecdn.com/ Name: u
Value: bcnkGZITNXiKo3lkzC0B
.creativecdn.com/ Name: ts
Value: 1643646834
.bidswitch.net/ Name: c
Value: 1643646834
.bidswitch.net/ Name: tuuid_lu
Value: 1643646834
.smaato.net/ Name: SCM
Value: 0d5a1267
.smaato.net/ Name: SCMaps
Value: 0d5a1267
.ads.yieldmo.com/ Name: ptrpp
Value: voXcyPVxQiGh
.bidswitch.net/ Name: tuuid
Value: f099e3ae-440c-48b2-9845-1d4b4b9f77d8
.ads.yieldmo.com/ Name: ptrstk
Value: CSunf-cDTytmJwFi_KJ-CCV4isM
.ads.yieldmo.com/ Name: ptrt
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.openx.net/ Name: univ_id
Value: 537072971|f7b60080-53d0-4379-88f3-81d8f68637b7|1643646834447020
.kokomotribune.com/ Name: __gads
Value: ID=374a31865e245bd0:T=1643646832:S=ALNI_MaeqgkYwMwf51rW-gt6jIMLq1OKeA
.mathtag.com/ Name: mt_mop
Value: 9:1643646834
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfgPcgACvaPt5gBH
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4969829177705457557
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjAysTA0MDQzsRTiM9QtLtfNzwj19Tf3MDUGABZcsJUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjAysTA0MDQzsRTiM9QtLtfNzwj19Tf3MDWW4gWKGpuZmFkYm5gaGQEAamU4oDQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YfgPcgACvaPt5gBH&KRTB&22978-YfgPcgACvaPt5gBH&KRTB&23194-YfgPcgACvaPt5gBH&KRTB&23209-YfgPcgACvaPt5gBH
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&KRTB&16736-uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&KRTB&23019-uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c&KRTB&23208-uid:6a6661f8-0f72-4100-92ed-e1893d6cb49c
.socdm.com/ Name: SOC
Value: YfgPcsCo8XoAAFYfHGMAAAAA
.sitescout.com/ Name: ssi
Value: 70da80ac-8ecc-416d-833b-d9e15a60c3ac#1643646834581
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f7b60080-53d0-4379-88f3-81d8f68637b7&KRTB&22918-f7b60080-53d0-4379-88f3-81d8f68637b7&KRTB&23031-f7b60080-53d0-4379-88f3-81d8f68637b7
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOl3p0bIGsdj7r51MyLlb58&KRTB&16514-CAESEOl3p0bIGsdj7r51MyLlb58&KRTB&23025-CAESEOl3p0bIGsdj7r51MyLlb58
.sportradarserving.com/ Name: zuuid
Value: eefa9ad8-4158-46bb-92a1-aaef01e03c3c
.sportradarserving.com/ Name: c
Value: 1643646834
.sportradarserving.com/ Name: zuuid_lu
Value: 1643646834
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3949519880991651774
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1643646834
.ads.yieldmo.com/ Name: ptrbsw
Value: f099e3ae-440c-48b2-9845-1d4b4b9f77d8
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JlQWJJR0d6STBWRVp1Uld4dFJGZFVUV3N4T1UxdmVUZGphV3hHVjFKNFJib0dOd2lSVGhJeU56QmtZVGd3WVdNdE9HVmpZeTAwTVRaa0xUZ3pNMkl0WkRsbE1UVmhOakJqTTJGakxUWXhaamd3WmpjeUxUVTFOVE82QmlBSWwwNFNHMEZCUVVkaVpqWjNWMmRrWDNwM1RuWjVja1l4UVVGQlFVRkJRYm9HRlFpZ1RoSVFXV1puVUdOblFVTjJZVkIwTldkQ1NMb0dJQWlxVGhJYlExTjFibVl0WTBSVWVYUnRTbmRHYVY5TFNpMURRMVkwYVhOTnVnWVpDS3RPRWhSaVkyNXJSMXBKVkU1WWFVdHZNMnhyZWtNd1Fyb0dBd2l1VHJvR0F3aXdUZz09IiwiaWF0IjoxNjQzNjQ2ODM1fQ.IK1uGFBc1EuuP3TXzWdeimRo8ioThMuC6pEVnxJU1906Iv4p7CREJO_oVhQxUPp5bDbjBltZUuKS1LmZWbuRxQ
.blismedia.com/ Name: b
Value: 61F80F73F62361D0E9ADC514BLIS
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005%22%7D
.eqads.com/ Name: EQUser
Value: UID=b9945a85-3bbb-49e0-98bc-294bcf0d021a
.rlcdn.com/ Name: pxrc
Value: CO6e4I8GEgUI6AcQABIFCOhHEAASBgi16gEQBRIGCLrqARAEEgYIuOsBEAI=
.creative-serving.com/ Name: tuuid
Value: 2df56434-c37a-4e45-ad98-ed466aaab7de
.creative-serving.com/ Name: c
Value: 1643646835
.creative-serving.com/ Name: tuuid_lu
Value: 1643646835
.casalemedia.com/ Name: CMRUM3
Value: 4961f80f7305a0&2861f80f732760b9945a85-3bbb-49e0-98bc-294bcf0d021a&3361f80f742760f099e3ae-440c-48b2-9845-1d4b4b9f77d8&c361f80f7105a0&ce61f80f7305a0&e661f80f712760&5861f80f7305a0&3961f80f7227605134455420248101649&f161f80f7105a0&2e61f80f7327604909702476009743137&5a61f80f73276072F68BF5CAC442F6A9C7DDC6AF708C4C&1a61f80f7105a0&2d61f80f722760CAESEHB4bjdv9D3_eamXMdPy6pI&2761f80f722760f7b60080-53d0-4379-88f3-81d8f68637b7&0361f80f7327606a6661f8-0f72-4100-92ed-e1893d6cb49c&0861f80f7227609b7ad47b-f4ea-409e-afbe-43e4bdfc9bce
.intentiq.com/ Name: IQSpotXPrimisCookieSync
Value: 1643646836160
.go.sonobi.com/ Name: __uis
Value: 8bac0724-2036-44e9-8d74-32f1a715d54a
.go.sonobi.com/ Name: _usd_kokomotribune.com
Value: e25a61d4-e4d5-4d3a-903f-7ba976cb21a3
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8591|YfgPd
.adnxs.com/ Name: icu
Value: ChgI0cFAEAoYASABKAEw8J7gjwY4AUABSAEKGAjp3nIQChgBIAEoATD0nuCPBjgBQAFIARD0nuCPBhgB
.technoratimedia.com/ Name: tads_uidp_46
Value: 4909702476009743137
.aralego.com/ Name: gdpr
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1643646834529%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1643646836822%7D%5D
.technoratimedia.com/ Name: tads_uidp_72
Value: 926f08b8-82b3-11ec-929d-1ee132960503
.technoratimedia.com/ Name: tads_uidp_7
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.technoratimedia.com/ Name: tads_uidp_79
Value: 7551d5a1-6701-484c-855b-a0261d33ce27
.technoratimedia.com/ Name: tads_uidp_82
Value: YfgPcVN.dLfCtiUyYqeTcwAA&989
.technoratimedia.com/ Name: tads_uidp_80
Value: y-ZlTi5YxE2uEsGDKCwx3HlOtdZd_iJTlF~A
.technoratimedia.com/ Name: tads_uidp_83
Value: voXcyPVxQiGh
.media.net/ Name: data-sy
Value: 23648134860141EF92D2E2886F7673DB~~3
.media.net/ Name: visitor-id
Value: 2866484375683580000V10
.technoratimedia.com/ Name: tads_uidp_37
Value: UCFUID
.technoratimedia.com/ Name: tads_uidp_52
Value: y-s4nrwxRE2uHwxvAjLD6hVbUfLT9FIcyf~A~UP91fa012b-82b3-11ec-9212-0e2d0ba359af
.technoratimedia.com/ Name: tads_uidp_47
Value: UP91fa012b-82b3-11ec-9212-0e2d0ba359af
.bfmio.com/ Name: __106_cid
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.bfmio.com/ Name: __bfio_sync
Value: CAC5AFF172A0B54F1CE83209D10CAA2E
.bfmio.com/ Name: __io_cid
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.technoratimedia.com/ Name: tads_uidp_50
Value: d40690de-76fa-43d2-8628-50dbefcf0f2d
.technoratimedia.com/ Name: tads_uidp_62
Value: 2866484375683580000V10
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156344:3
.pubmatic.com/ Name: DPSync3
Value: 1643673600%3A174%7C1644796800%3A236_201_197_219_221_228%7C1644192000%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1644796800%3A104_231_13_54_7_21_166_3_178_22_220_71_8_165_233%7C1644192000%3A2_15_223%7C1644883200%3A35
.mookie1.com/ Name: id
Value: 10604851223583558621
.mookie1.com/ Name: mdata
Value: 1|10604851223583558621|1643646837146
.mookie1.com/ Name: ov
Value: 67bef45043c84c312bc46d79d82c5403
.technoratimedia.com/ Name: tads_uidp_88
Value: 1502065925210657286796
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAGblmjalQplgN_qHOxAAAAAAA
.rlcdn.com/ Name: rlas3
Value: 3OjXHRAv6nxcpW1DJV/0O5wIVyIiNxWjO5xu76ykgVI=
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005%22%2C%22nxtrdr%22%3Afalse%7D
.adhaven.com/ Name: uid
Value: 4c_1427b725-9b38-4a38-9318-cf926914d839
.rubiconproject.com/ Name: audit
Value: 1|5JMO6m1o5XuZs9CjWi5WCGAOsklFL4+N6qLQssbJYxp3VTvB6ouZN/sO47QYB67DTDEmhdpHsS9w0S94mtzOHxX1ClJMS060s8vYM4pkAiksH0lpk7M1TN2555J46HoZoxiGZuYlN7KRMtR7mhArP3kdO4VgV1MqwP3NzD435qNZYr2f2sSAEVDfv570ZGhx
.media.net/ Name: data-o
Value: 2146b6ff-baad-4101-8fa7-30d569c0a317~~3
.w55c.net/ Name: wfivefivec
Value: Wwci36GL1NezCR5
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: si
Value: Q6969332371368871870P
.owneriq.net/ Name: oxc
Value: 1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_96358712-82b3-11ec-823f-125e5676ad8d
.adnxs.com/ Name: anj
Value: dTM7k!M4.wfm^c0ghqdmU(7TLmC6Du#?nGoNW9UcR^^+82Q:6N/@'Gi0XAy>:v[NO.T^?ql#fUhl!'ollvcj`e-+%WbIjGS(j'kI-5f]Q@7Wkv-J7?)M9J1/?Gl5s/H+y>ltC?fbt7Oyo%Rz991C+r9skrhI.FB-I2BM%+EoC_V=GQx+EwXoJ!H(OJ'a@C^:Uxf@I7bT)jw_E!!%JE5'twn
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxNTAyMDY1OTI1MjEwNjU3Mjg2Nzk2IiwiZXhwaXJlcyI6IjIwMjItMDUtMDFUMTY6MzM6NTdaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTUwMjA2NTkyNTIxMDY1NzI4Njc5NiIsImV4cGlyZXMiOiIyMDIyLTA1LTAxVDE2OjMzOjU3WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTAxLTMxVDE2OjMzOjU3WiJ9
.liadm.com/ Name: lidid
Value: de4c7605-675e-481e-9994-7aee106728ca
.bidr.io/ Name: bito
Value: AAD-x07D8B8AAAY-sIC1wQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.rqtrk.eu/ Name: browser_id
Value: 1:4bb37fd4-3755-4663-ada6-7c6a650c21ed
.technoratimedia.com/ Name: tads_uidp_44
Value: KZ2WVVLY-V-AYRH
.technoratimedia.com/ Name: tads_uidp_61
Value: 117487727574175
.sitescout.com/ Name: _ssuma
Value: eyI0IjoxNjQzNjQ2ODM3NDE5LCIxNyI6MTY0MzY0NjgzNTU3NiwiMzkiOjE2NDM2NDY4Mzc0MTksIjYwIjoxNjQzNjQ2ODM3NDE5fQ
.casalemedia.com/ Name: CMST
Value: YfgPcWH4D3UA
.mookie1.com/ Name: syncdata_TAP
Value: 1
.w55c.net/ Name: matchopenx
Value: 5
pool.admedo.com/ Name: tuuid
Value: 1f612897-dbf9-4d3c-b640-ec045dee66c8
pool.admedo.com/ Name: c
Value: 1643646837
pool.admedo.com/ Name: tuuid_lu
Value: 1643646837
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~22z4:190u~22z4:175w~22z4:18za~22z4:18yi~22z4:18va~22z4:18z8~22z4"
.quantserve.com/ Name: d
Value: EDEBGwGqJYEO-TCJiTDsroEA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-8beedfc7-374e-480e-b331-3f80ef61d4f1-005
.technoratimedia.com/ Name: tads_uidp_45
Value: 97A641CF-0105-4E75-A3D1-DE931CED0425
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_c4178cd4398a43e0b5321
.technoratimedia.com/ Name: tads_uidp_48
Value: f099e3ae-440c-48b2-9845-1d4b4b9f77d8
.adgrx.com/ Name: ADGRX_UID
Value: 965dc45a-82b3-11ec-b646-6a23e1f7cedc
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-CSunf-cDTytmJwFi_KJ-CCV4isM
.bing.com/ Name: MUID
Value: 2E22480392A7657E3814593E938E6402
.c.bing.com/ Name: MR
Value: 0
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.cpx.to/ Name: cpSess
Value: a9cd388c8498def
.cpx.to/ Name: dsp_OPENX
Value: a957f373-2d05-47ee-8e7e-b617dab82e49#1643646837482
io.narrative.io/ Name: io.narrative.guid.v2
Value: 965f0810-82b3-11ec-b070-0a4515f2e365
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-965dc45a-82b3-11ec-b646-6a23e1f7cedc
.fiftyt.com/ Name: fifid
Value: a349f40d-39cb-428c-754f-4a6ce251d7c8
.fiftyt.com/ Name: cs
Value: MTY0MzY0NjgzN3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCixqve9fqQP3KIJg-3J4n7qnFS_DP7Bn-AClgNbgK1r
.linkedin.com/ Name: li_sugr
Value: 948f0aba-53ad-47e6-a358-37114db0f5ed
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c52df5f3-6301-4db0-8ebf-908af83a3576"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2213:u=1:x=1:i=1643646837:t=1643733237:v=2:sig=AQFyvXdk2bsctpejP4mXhBtwJd4600O-"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR&KRTB&19420-AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR&KRTB&22979-AXolYQctdT8aeiY9UyhuPwd5cG8acno6DnJ62YuR
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4909702476009743137&KRTB&23339-4909702476009743137
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_96358712-82b3-11ec-823f-125e5676ad8d
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-946cd5fe-82b3-11ec-a9bf-a10e15a78249&KRTB&23011-946cd5fe-82b3-11ec-a9bf-a10e15a78249
.technoratimedia.com/ Name: tads_uidp_55
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMTc2OSwidXNyIjoicWdZZXNnWWJNalJVUm01RmJHMUVWMVJOYXpFNVRXOTVOMk5wYkVaWFVuaEYifQ.hPreT-4qtODoqsd_2h_fgygrbqlRZzjPlwMKjIDc8H4nT-IX3qbyrFaGdd9kC4QehaxHv02tykmY6TNS_TDjHA
.fiftyt.com/ Name: fppm
Value: 20220131163357
ads.stickyadstv.com/ Name: uid-bp-23409
Value: 95f67a7f-6a67-4f11-ba56-4db76b4e16ad
.lijit.com/ Name: _ljtrtb_76
Value: 858401a0-fb19-41ec-ab54-f81da39e0e99
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGblmjalQpsgNpfT7pAAAAAAA&KRTB&22713-AAAGblmjalQpsgNpfT7pAAAAAAA&KRTB&22715-AAAGblmjalQpsgNpfT7pAAAAAAA
.pubmatic.com/ Name: PugT
Value: 1643624164
.mookie1.com/ Name: syncdata_NEU
Value: 1
.justpremium.com/ Name: jpxumaster
Value: um-5ab58f38-6e61-4473-aaca-294a2d9a4b75-1643646837
.justpremium.com/ Name: jpxumatched
Value: ox
.dyntrk.com/ Name: dyn_u
Value: 06030002_61f80f75af97e
.sundaysky.com/ Name: sskyu
Value: d6.26b5ee0a76404927b0a0c5ea9275e162
.sundaysky.com/ Name: sskyCreationTime
Value: 1643646837726
.acuityplatform.com/ Name: auid
Value: 643924338726
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjL6jXVzZXJNYXRjaGluZ0lkJKyRbGFzdERyb3BUaW1lTWlsbGlzJQE/LB9GHraYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBPywfRh62j3RoaXJkUGFydHlVc2VySWRjOTc4YTkyZGQtYmQyYS00ZGZiLWI2MjYtYTQyNjZiOGIwOWNj+/uGdmVyc2lvbsL7
.adsymptotic.com/ Name: U
Value: ad6ca8002cc51a54575ea3bb91b0e025
.sundaysky.com/ Name: sskya
Value: "e294Ont0czoiMzZjM2NsIix0OiJuaSJ9fQ=="
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22108%22%3A%2220220131%22%2C%22141%22%3A%2220220131%22%7D
.onaudience.com/ Name: cookie
Value: e4cb6d0de85c98aa
.onaudience.com/ Name: done_redirects104
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a2nr6iP3rT6CiAyPrWjpZccQlyKyXVOKtN9oTNAiHLIJC34t9bwbCZaxCUUkylAcWabRkPO0vA
.brand-display.com/ Name: _knxq_
Value: 44a9aa08-e1fe-3e2d-3d82c194.1643646837.0.1643646837.1643646837
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.technoratimedia.com/ Name: tads_zora
Value: 2
.zeotap.com/ Name: zc
Value: 36bdcfee-fa91-429b-7bb0-88f8b1b87b3e
.zeotap.com/ Name: zsc
Value: .%0E%D4%82e%1D%15Aj%2A%7C%B6g%07%AF%E2%A8%EA%E7%B9%09%5B%3EL%7B%89%9F%85%40%FE%06%E5%0Ej2%15%B4s%F3%5E%86%C7t%9C%08%F8%BCt%97%B4%C0L%D4%1B%E9%132-%FC%D5%9E%3F%8A%89%E7%9EgY%5E%F3%86V%93%A7%A7xP5%1A%A5%2A%07%EE
.dotomi.com/ Name: DotomiTest
Value: 4e112ec5c197121b
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 4bmu5ZGG%2BP5jQlM%2FVxHigEpixKt2DxPisVFXTOp4I0ZhiPvJ7eG7PVaICOELWuCqHkU3F7%2BnPqJWh8ddvtCUQg%3D%3D
fksnk.com/ Name: AWSALBCORS
Value: GPKHmcVc484nTMcq2AsjBrOgxTbiodWFZvrY2NZ4RluQUAR+IW45Du74rXxoE/XAWI1xIOfD5+9jrOUoX2lS7l7TJosxQaqWxKvhL2hMxSfo3nZdsuB95AvrjAwM
.fksnk.com/ Name: f_001
Value: 0F4B59F00341DCDE
.fksnk.com/ Name: g_001
Value: 1
.mxptint.net/ Name: mxpim
Value: R1D531_EA90DFED_6D890629.1.61F80F770000000000000000000000000000000061F80F75
.revjet.com/ Name: track_trx_tag169502
Value: 7666815872634365148
.revjet.com/ Name: ads
Value: 39ae1c325b81599c2a7087eff86e2284
.revjet.com/ Name: trx
Value: 4977841011401976321
.volvelle.tech/ Name: ouuid
Value: 52638daa-6014-4119-b150-9bcba7f3100a
.volvelle.tech/ Name: c
Value: 1643646839
.volvelle.tech/ Name: ouuid_lu
Value: 1643646839
a.clickcertain.com/ Name: _ccpx_u
Value: 35cc591c%2df543%2d4cfd%2d9cb0%2d2c2dcf2b0b91
.pubmatic.com/ Name: SPugT
Value: 1643646839
.openx.net/ Name: pd
Value: v2|1643646833.2.1.1.2|iKvMgakWgy.mmbwuYvPeShEgKg2f8ke.hMg6s7vIfYvVhAn8lwvZmKvJnovDf4csvUvuoqvR.t1vofIrZvstCtpeDsvv5vE.fs
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bwz|4is.0.CAESEIZVlXNWG8RjN3gZhFymNhE|7bq.0.1|7TZ.0.1|7LJ.0.8bac0724-2036-44e9-8d74-32f1a715d54a|7dN.0.AAD-x07D8B8AAAY-sIC1wQ
.go.sonobi.com/ Name: __uin_td
Value: f7b60080-53d0-4379-88f3-81d8f68637b7
.go.sonobi.com/ Name: __uin_mm
Value: 6a6661f8-0f72-4100-92ed-e1893d6cb49c
.teads.tv/ Name: tt_viewer
Value: 164deeb6-45f9-448a-bf00-8610d1d6882d
.go.sonobi.com/ Name: __uin_pp
Value: voXcyPVxQiGh
.go.sonobi.com/ Name: HAPLB8S
Value: s8529|YfgPd
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAANvFyGtoZmJsZmJmYWxuZGz4C4lvYmpktIoFSd7ExGyVKIJvaWlkAgCcntuZQAAAAA
.go.sonobi.com/ Name: __uin_zt
Value: 5134455420248101649
.go.sonobi.com/ Name: __uin_bw
Value: f099e3ae-440c-48b2-9845-1d4b4b9f77d8
.intentiq.com/ Name: IQMediaMathCookieSync
Value: 1643646840314
.lijit.com/ Name: ljtrtb
Value: eJyrVjI3U7JSsjC1MDEwTDTQTUsytNQ1MUxN1k1MMjXRTbMwTEk0tkw1SLW0VKoFAP2NC54%3D
.lijit.com/ Name: _ljtrtb_8101
Value: laymcpWfEK
.id5-sync.com/ Name: callback
Value:
.intentiq.com/ Name: IQSovernCookieSync
Value: 1643646840358
.intentiq.com/ Name: IQadv
Value: 1643646840358
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMjBfMCZTdzc0Y1RJIzEwMjExXzAmU3c3NGRabiMyM18wJlN3NzRkWjAjMjRfMCZTdzc0YklrIzEwMDQzXzAmU3c3NGI3NyMxMDEzOV8wJlN3NzRiTEQjMTUxMTVfMCZTdzc0YkxtIzEwMTQwXzAmU3c3NGRZSQ
.intentiq.com/ Name: IQPData
Value: 628656835#1643646840407#0#1643646830938
.id5-sync.com/ Name: id5
Value: c7318338-ca08-4329-8d8c-a1b436713569#1643646840294#2
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFb3BlbngSCwick9WNsLiyOhAFEhYKB3J1Ymljb24SCwj8wryUsLiyOhAFEhYKB3N2eDl0NTASCwi-2pqtsLiyOhAFGAEgASgCMgsIuJWS_sa4sjoQBTgBWgc4aDl1MTFoYAI.
.mediarithmics.com/ Name: mics_vid
Value: 24888306587
.mediarithmics.com/ Name: mics_uaid
Value: web:1:88016837-8462-4c7b-9270-4a0f4a38ee1f
.mediarithmics.com/ Name: mics_lts
Value: 1643646842538
.360yield.com/ Name: um
Value: !313,d2GaQGFjpxmlsXlqSpvZi1-WqlTsh-cAZqL820mVTlc-LY6BTD-V6RM6wD9tXwn9g3XYecc39G3CUjwb,1651422842
.360yield.com/ Name: umeh
Value: !313,0,1705854842,-1
.id5-sync.com/ Name: 3pi
Value: 434#1643646840394#1966524129|2#1643646840518#-1517181360#4909702476009743137|18#1643646842655#1249926699|3#1643646840641#306418067#6a6661f8-0f72-4100-92ed-e1893d6cb49c|916#1643646842771#-613005521|264#1643646840762#-713675269#f7b60080-53d0-4379-88f3-81d8f68637b7|155#1643646842908#-487137837#AAD-x07D8B8AAAY-sIC1wQ
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:

33 Console Messages

Source Level URL
Text
javascript warning URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/js/advertiserwidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.kokomotribune.com
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202112060/js/advertiserwidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1643646832010;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1643646832010;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kokomotribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1643646832011;us_privacy=1---;' from origin 'https://www.kokomotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1643646832011;us_privacy=1---;
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4909702476009743137&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DZo2OeftS36_BLjVzTYT4QEeeWHWZOzjZx9p3W_hhUmZxxtId55EaTk23yZcpR5tb%26uid%3D%7BUSER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4&google_push=AYg5qPL50-Zr5qqaWzEoUlLmDh2uAoJJsZOCD3ahtI6FzyfblWU0uI8FBpxYk-oHrB2Z-4pSqxzoLT_n9F_PLp-kQV3GZRGhoOp4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=UipM9w5fp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfgPcVN-dLfCtiUyYqeTcwAAA90AAAAB&google_push=AYg5qPJhc0gHHHCbk4JprM-T2eJn3dUyTTBpygtn-Ssg0rfkueNlUGpXdeI3BVwjfuDc5fLc5LE_EaTPGj4zqRw6GA5FVBXx0PS0s0WztMMl56YhN-dwQQS6-Fkat8qw60uLvUz_3iU80g&google_cver=1&google_gid=CAESEItaiIXsHSiEe2MtuYvsYU4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://engage.imds-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Message:
Unrecognized feature: 'ambient-light-sensor'.
network error URL: https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD-x07D8B8AAAY-sIC1wQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://kokomotribune.com/content/tncms/ads/_popup/1.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d1b37fe53721e3efb41e50d4b65092a.safeframe.googlesyndication.com
33across-match.dotomi.com
6358cc6f43e096b69013ca8fbe8a0fa0.safeframe.googlesyndication.com
64079d933a1814e8a7c3237fb16b6abd.safeframe.googlesyndication.com
6868765e4117553c807c0d618fa43454.safeframe.googlesyndication.com
a.clickcertain.com
a.sportradarserving.com
a.tribalfusion.com
a.volvelle.tech
a.wishabi.com
aa.agkn.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.crwdcntrl.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.creative-serving.com
ads.pubmatic.com
ads.revjet.com
ads.stickyadstv.com
ads.us.criteo.com
ads.yahoo.com
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adspsp.com
adtag.technoratimedia.com
aep.mxptint.net
ajax.googleapis.com
am4.imds-cdn.com
amazon-tam-match.dotomi.com
ampcid.google.com
ap.lijit.com
apex.go.sonobi.com
api.circularhub.com
api.viafoura.co
aud.pubmatic.com
b1sync.zemanta.com
bandborder.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bids.concert.io
bloximages.chicago2.vip.townnews.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
casmp.adperfect.com
cat.va.us.criteo.com
cdn-resources.prfct.cc
cdn.ampproject.org
cdn.cityspark.com
cdn.concert.io
cdn.districtm.io
cdn.jsdelivr.net
cdn.viafoura.net
cdnjs.cloudflare.com
ce.lijit.com
citysparkstorage.blob.core.windows.net
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.quantserve.com
cnhi-d.openx.net
code.jquery.com
connect.facebook.net
content.cdntwrk.com
contextual.media.net
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
csi.gstatic.com
csm.us.criteo.net
csp.azureedge.net
csync.loopme.me
d.agkn.com
d1gzrgn7m19oq9.cloudfront.net
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
dclk-match.dotomi.com
de.tynt.com
digitalservices.ap.org
dis.criteo.com
displayf-tm.everesttech.net
districtm-match.dotomi.com
dmp.brand-display.com
dmx.districtm.io
dmx.us-east-31.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ef3c2bca5413b5bd7ff8e29137f03052.safeframe.googlesyndication.com
engage.imds-cdn.com
eu-u.openx.net
eus.rubiconproject.com
f.wishabi.net
fei.pro-market.net
fksnk.com
flipp.com
fonts.googleapis.com
fonts.gstatic.com
geo.adspsp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i.simpli.fi
i.viafoura.co
i.w55c.net
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.wishabi.net
imasdk.googleapis.com
io.narrative.io
jadserve.postrelease.com
japfg-trending-content.appspot.com
js-sec.indexww.com
justapinch-com-d.openx.net
kokomotribune-cnhi-pw.newsmemory.com
kokomotribune.com
lh3.googleusercontent.com
loadm.exelator.com
mapi.associatedpress.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
nep.advangelists.com
notifications.viafoura.co
ntvcld-a.akamaihd.net
odr.mookie1.com
onetag-sys.com
openx-ums.acuityplatform.com
openx.adhaven.com
openx2-match.dotomi.com
oxp.mxptint.net
p.adsymptotic.com
p.cityspark.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pix.us.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime.tubemogul.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod.adspsp.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.turn.com
reflex-engage.imds-cdn.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rtb.va.us.criteo.com
rules.quantcount.com
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shop.cnhi.com
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
static.criteo.net
stats.g.doubleclick.net
statsf-tm.everesttech.net
synacor-match.dotomi.com
synadproducts.synacormedia.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.hgrtb.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
tag.simpli.fi
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uat-net.technoratimedia.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
usermatch.krxd.net
vam-streaming.imds-cdn.com
vid-io-cle.springserve.com
vid.springserve.com
visitor.fiftyt.com
vop.sundaysky.com
vpaid.springserve.com
wintergames.ap.org
ws.rqtrk.eu
www.americanhometownmedia.com
www.flipp.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ifoldsflip.com
www.justapinch.com
www.kokomotribune.com
x.bidswitch.net
z.moatads.com
adserver-us.adtech.advertising.com
cm.g.doubleclick.net
id5-sync.com
sync.hgrtb.com
tpc.googlesyndication.com
104.100.146.176
104.118.8.25
104.16.19.94
104.16.190.66
104.16.87.20
104.18.13.5
104.18.131.43
104.18.98.194
104.21.192.116
104.22.24.87
104.36.115.109
104.36.115.113
104.36.115.114
107.178.240.89
107.178.246.49
107.178.254.65
107.21.225.177
107.23.85.233
124.146.215.46
13.107.42.14
13.225.214.15
13.225.230.118
13.225.70.28
13.226.31.35
13.226.31.96
13.33.46.101
13.33.46.109
13.33.46.120
13.33.46.33
13.33.46.54
13.33.46.77
130.211.10.17
135.148.122.24
141.226.224.48
141.94.170.77
142.250.176.193
142.250.176.200
142.250.182.130
142.250.199.67
142.250.65.162
142.250.65.170
142.250.65.202
142.250.65.225
142.250.65.228
142.250.72.102
142.250.80.66
142.250.80.74
142.250.81.226
142.250.81.232
142.250.81.238
142.251.35.162
142.251.35.180
142.251.4.155
142.251.40.110
142.251.40.130
142.251.40.134
142.251.40.162
142.251.40.193
142.251.40.195
142.251.41.2
143.204.137.197
143.204.150.110
143.204.150.5
143.204.150.85
143.204.150.88
15.235.11.22
150.136.222.2
151.101.193.108
151.101.194.49
152.195.19.97
152.199.4.100
152.199.5.184
159.127.42.140
162.210.196.208
162.248.18.10
162.248.18.11
169.197.150.8
169.44.76.89
169.55.1.118
173.223.72.70
173.231.184.20
18.197.240.17
18.223.14.89
184.50.205.90
185.167.164.49
185.184.10.30
185.184.8.65
192.104.182.209
192.132.33.46
192.184.68.213
192.229.210.241
192.35.249.120
193.0.160.129
193.122.174.27
198.148.27.139
199.127.204.142
199.187.193.182
199.232.196.124
20.60.81.197
204.2.255.224
204.79.197.200
207.198.113.169
209.54.176.128
216.17.34.108
23.1.193.230
23.215.130.232
23.215.130.97
23.41.168.244
23.41.169.149
23.41.169.60
23.50.66.244
23.50.75.217
23.52.161.180
23.52.164.7
23.88.75.186
23.92.190.74
3.19.190.206
3.208.105.70
3.210.68.57
3.212.61.226
3.215.60.8
3.218.90.66
3.224.251.175
3.226.102.122
3.228.147.119
3.230.217.116
3.98.63.202
31.13.71.7
34.102.163.6
34.102.227.237
34.107.222.173
34.117.126.186
34.117.239.71
34.117.86.81
34.120.58.62
34.195.162.159
34.197.52.200
34.199.204.104
34.229.3.43
34.232.192.101
34.236.180.141
34.236.20.32
34.237.173.244
34.237.23.137
34.238.175.171
34.75.117.5
34.96.105.8
35.165.126.69
35.190.39.246
35.190.60.146
35.190.90.30
35.201.96.126
35.210.53.219
35.211.119.26
35.211.233.246
35.212.101.174
35.227.252.103
35.244.159.8
35.244.216.234
35.71.139.29
38.27.122.126
38.67.14.232
44.194.225.67
44.198.222.213
46.228.164.11
50.116.194.21
51.222.39.187
52.116.221.248
52.12.81.72
52.16.87.205
52.160.40.218
52.200.22.214
52.200.245.104
52.223.40.198
52.23.146.219
52.45.237.203
52.73.153.177
52.86.150.190
52.86.210.192
54.147.104.104
54.147.68.28
54.161.185.0
54.164.74.135
54.165.130.110
54.173.43.128
54.226.129.154
54.226.209.67
54.234.88.163
54.236.214.209
54.237.31.67
54.243.106.181
54.71.105.208
54.82.174.208
54.85.150.31
54.86.119.171
63.251.28.219
67.202.105.23
67.202.105.34
68.67.161.205
68.67.179.77
69.147.92.11
69.16.175.10
69.166.1.10
69.166.1.14
69.173.144.138
69.173.144.139
69.173.151.100
69.90.254.78
70.42.32.95
72.21.81.64
74.119.119.129
74.119.119.130
74.119.119.131
74.119.119.137
74.119.119.139
74.119.119.145
74.119.119.147
74.119.119.149
74.119.119.150
74.121.140.14
74.217.31.246
75.101.168.201
8.28.7.83
8.28.7.84
99.84.42.126
99.84.42.129
99.84.42.42
99.84.42.95
00bc27952ca428c59c06d9766803b6b634190f9df1f3f97087f83d765e36ed19
01a5a90b9e567bef3e1bd1a7defbbdd5d3b135b21dce554783778ee825f9541f
029086d89d5b475ab8cb71cb223c502ba19980692d60958dcfd6571aed75d98f
0304020d555cd01e64c4a0aa6e52e16d829db28b917bb6abf54c6602a487cfb1
034ef92f58ef6d441066f15a2514f3dd65bab5b42ba776c1d071bd773f1fd45f
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
05d15b90d5d0083b16e9b9917566fc391a5d2822551f3047d0abedeb4b53ec62
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15
08f50c0aea90c1404e80f2281f96b66bb45c75b14feb9b0ec88ecdac73c25379
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
09d33b8bf2b197f37094de12f70fbebf519aaa660cc5cfdec3f209c3897723cb
0a75a24eb7d1cb855611174482489741928526514df4e2a17eecde39c2cce489
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0aac2695cc7744360a48f34dc4020535516812bd66f8a805743b0d326f15a266
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0ace6ed2a0443e0ce6c8d2f0bada232e05efdf973b42020b8167591a383096d1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6
0b6b46c64c54f443109ad9f87576521545e29e1dab013f5b0df1896b5fe768b2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
0da8990b2deaff73fd3a28b59f8afaf9a141cfc792f6700e3d4c9dcb4195d791
0df2aedfce5f1b1d0d549bdc24bac8ff8041df350bf45c0b225d4d84260150b9
0e39434c2eae87a64684f2952d8b95d9ba7f6ec76886027951af2b12a43f8f0e
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0ea7b10d47092c289c1c2cf5ce890521bb19b0fdf092af8c32478d88bfa01f58
0eade3746f17e9891967eae7c851822b3214419a56edf6d6498da2370da23e54
0f1af209799961bb3d3ac9d9a122b012bc766720d0dd6d88562920b3820238b3
0fd9714b9566c94b342426ea03fcf07265fd815e091caba812101d47adcca294
114ec1413a432ab8e953f6a9b3ec8e09aa458c5cf4b44939b5a64fb56a9e683c
1165bead2354eab83a4d6883fc2144fca8870a4d2454b4a5aa24e7e4a9239540
1192c820b840863b96f0d2c09c87d67bfb150db923ec218347ce30d15e9d9ef2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
16ecca79afaa9ff085d1e94da5633727316f4eb058e4b484423a58db6f10767b
17bb3786c165a2e201f712c8a9cdcb7313cddac82c910284aeccacfd8e8ba5c7
17e3295cd80573337b402a9e5266de82c451b52e934d011480c4c0bd6c6eb2ad
184a1b47ae9d07025bc17e6b05a1989808d1c6fd3db77e083957e4108c24b55c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188ea392d7637a2dbda8795724e0057b7417720204d19de055dddd0d0e41c9cf
18bbead0e363733f976cac3f20c102dc1db225e367e1a89cd43f9d70a15e1036
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19a60c448ec2c26af27244a41eb8da427133182653be71ece5fbbdc4936fdd4e
1ade863fd803caacbf1659f8c6b95a9692c62c2a37c4e833ea9119511d5f2797
1bbabdc6a8165c49d6634ec2d8e562c97546f65094bee580704b7242e1c3e603
1d6c771d5a031898c49a43f646165414ca6cea0d2c24bbed59a3828d8641c0fe
1ddd466f2537ff1e7c620b9f5d3c50229baa530655c61abbdc412cf7b6c7fd5e
1e510c465c34d4783b2b547bd65e54a69ae7f17c44f0d29593de1471b19c85e2
1ecd62b677c9161fb94bd27207b10c8ee14483730c0d06747662042ff0ced983
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2014958457f9c77c4c253c58a3d7d0d44f87b6cbbb009a7c0b4d055b74bcdc7f
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
21a956bcf5c00db6c1347feed2290e4e1f3290cab567a1b8548c870f4f821441
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22b4bf26b9c79e0b28e89503a4de4f9153994acdf351d89fc46e3700b5fa7d7b
242fef2eb261b4818f86b0b830c3281a5d8ebf5080b47d7aa93d239dbb05b95a
245fa809aa43b27d3fe006d71779fe9ddbb79e0d1a566345f3bc480cb59cbe50
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
28bf06b1bfcefd89af837eb732a2a40d479e1c90395a4f14c5d1da3a97f05ebb
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29238a235ae8f32ad573d8b78d4c0c35978eb4c65e63542e4f1a604648892555
293e9d345a6ab9af1199b21a61b7e4d7c379c7a89f6118b58c18a6827d07e1e7
29c1ed9f153ac000ec2ec75b7a8e96354f694a73a455255e5315561d566bf5d7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0933d61dc2af9edae739c00779506763d9f23011d2cbe1a6e410a5710d5004
2b6a1cca626a1192f8480f43e4ba7425e8f5c5c3744bd30ecab5cea0e274b668
2bc87158139e11011129ae8bf843e030481ea97f9ce45797067bfc20880860a4
2d8f51299915ddd7c603568a0bb9f09e51131dc8ef68adab932f541bff05b24e
2df38c38b392acba9e07785efbd04f743269ae05c98628eb8279010912cfba5e
2e1138781e8e7bbfbd486a9b43ad0a5179db2fbd5a14ce5cdf65276f8346bfe9
2e4ec4a00706d33bd457b2fd9226730ffd6b8eda6ca34b15e093f0ea46714752
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c
2eeb7bb8e834d218b3e1439745d932596446ddebc85054532ba1c1e76e56a7fd
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe9954eaeba447705b53b2a15d7e7e0eb5f368d5eb9ade97ab202e665e71dc7
31a97591328133bb55503ae04ccaaa5a65385d77a13dce3b67d2e4bf601bc1ca
3206fdc6e78c7dc5e95b43ad7cc459d965ff026e828a31612bc056eb839d0555
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3290a47b7591b700d705708ab09b138f5fb9d337e5546e92c33a5c2a9af7f4ad
339c6d769d8833c8d3012bd23e090f24d3419ea4d4b69855012e9c3271e38ffe
33ac5d23f6f7f0ce3ba0599df5b54284bb3a9a709dd700594be732480a5263d6
343c3f66452116621f20adc7eef6810649a590eeef134d8c791d8e97662e4e5c
34da1548a7fd8ece22234e8ae999b80b49dcfaa93c2979335ca5bd061e2f0355
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373508ee6c05232068e322f2801b3b98c8ae642c437de11df9ac055686e812cc
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
386665dc42e0a4e6d6cbe499e0c550eeb08a78a057d5bc95aaed76615d632c84
387c9eebae04bce02e1ab7d9aef2dd386d5b9e243396ac3f3c1a202c6e82c551
39676c150e13bb22ce3b404fba7ec89598be4c62186ded2c74956a031060dbe4
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3a8a6ddab517274d30f7b11bb6cf8496bdf8821033f31810d451f8ea6f5d765a
3adaa4daf4886e87addc1d25cf0b421cd6ed149dcb621ad42011b681df46e07e
3b481d1a93f3dff7a490e5ddadc9cd6f3d71fdafbe446d368f9948be01353692
3c5dc62e6570d4f38388ab5e91d4f5c6ae09d7214bed826b569ad689668b4b2e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4099b5bdf9be49fcf654fac34b0b17aeb6fc365f3fbfc624735da28992c25de1
40d608a878688699c09b2399f1d15283184ab7c75c944bc5edbbbd9864e26764
40f188978634d504a536eecb89ef9799c76888a80e2ef6220e9f3b6e190a41da
40f3b375ce51b5862cf2bd6ed720107513cc2eff0db49c1e17cfff62d69707d6
4117ae8fa5f3ed1edaeea93087052e9b2cfa16548d7da093fdeb7c83558367e5
41e3d1818f931c982205673dcef9839c8970acc2f5528abe4fc86aece04ad647
4206c7ad97918376f10ea2887d6f73aba203c55f69099b790be043ee5f91f40c
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4253b12ae46ca6eca976e38a55c18ec45d3ac55a6d3803e9ee3914bb0a09c145
4253eeffa7e2615ed928c93b3a121f78f5204a9d309b0f337a99df4e075c7f0c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42cb06e5da71ace9dea336071f06d9f9d5dc139cc9d368e3769ee8510fd41329
44bfb8039bf3a9b0f48967c9b5bdbc135c59706529cf9bafb9f56a67379e8b1a
44f04a39122978caf73851dc247fb50c8a1a04ece8dfee902b11ba74781fe810
4673ca96eb293a1b563b32442763103faffa1aebbb21a129d4403c3e9c54c400
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186
4754923e9872bb96e8a6cd0b84cd7cfb354129ed28f1d3edd8b5a492fb86afd5
47f6d831080dee4d96d96e737346c9c50c85f90a4ce151477688c97a7287cb75
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
493b0d1099fd2daaa943d3aa89c2bf03e7cc23b2963e98f5ca5b9ea5bbdfdee3
4af56ef950b2e57a1f574fe6323ecd810d0b95f8731dd7b6e98d4ad2e94631e5
4afd2c9d04c9aa1f10272ad36951f2e8fa743e0a7dde685cd481a04ab3cccce2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6274060eef1a89eca9814cd04b5f148a34f9cab47059edb703588f339717e2
4bb20c4898a27a3a52e6cb8f21cdddead8255a279e5c490e5aa82e0189581dd8
4c39f5d08e6fadde3ffd025fc835d15c28b51262f684b34b053543e882ac61c0
4cc6003cc098fd5b2bb57de84be137724be3cd84e588df5d06f4b143399272de
4d190eba56a70ceebc6f30127b9fc2e441601e159e6e6fc56eeaa47ee568670a
4df97bc7f23984214192023edaa2fe2c6868a0b58447c9f1a79ee5c96a0edfea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1
4ede0b2e4a60c21d66737254c2a833c7d74cf8cc3096dcd98299aa005c62e37f
5056009a1b1450ba53675a5f438be1bdbd585db9468d2d81f50882b2c659ed07
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50db959d25940c24cdac17cec1c6784d8fc0d677c4e172bd241a7ca58e6d4f8d
5198ce706f1b96c34ddce2f3f337b6e9b9f4938a47f2be93c029a93341bed17f
524857a098e0fb4323aece41b20aa791742553ecceb4cca73962218960688fb4
52e00080a18c25ea403e7f2fd282bf52526d8efa6c56f1a5ba280c172eb5d80d
53f183385547d275506baad2ee19452845612da03ea555f18265f136ed9754b8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54913bb21529a236f8d181d6dbd4ac21e241fb85bf11f3850087a0a83477a809
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
55afb3ad4190adc79e7f90ee0640802905b5e794b9220401134babd8368b7589
55cd050874e30e1598e9f18f7e5eca36ba29c683f5f7bbadfb66a1116e28ccf5
560200d3df1251de2e33e73b5dc39c2d39227c9ec21528d3246428078cda9053
57a5acf7d0218070713c93807f7ebf6b49ef30342cad35704aea170cdaec596d
57e3c170fa4e9e75966f0570199c6e94aaf1e3fadf84ded37f8051f94b88283a
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
587db890b1ef5d6613769153c53a35f6347e85edf3fe5781339e3c79a838ac2b
5893bd080d50d15706acc7a4a216160ed89641c7f7ef286418a57ca2d684d744
5912c5a55569ea3ad9889a9e21fa23dd69ef3aa5e4a4c656158d5aac68734d5c
5a1534f0a982f9f46d3cf2ecb9858b79563feccce09bbd595ed98ea47d64fbcb
5ac0bbb7d70f87cd2e6ee7a62ce39d7aa6fe114d47e47bec8d50bb55759bbf85
5b876f20b70a708f8dba01ec3cfc7e4c1012c8fac2497228e88a00c4a366580c
5d4035628bdf4270cf7a15e47c77fd35dd1de4b03129172eabeae7bbddaac57c
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
5e943aba4b3dfeabd8cc7ed072796380457fca9b6dce20e94b4a31fbe818fa65
5ef34825751aeb2b81acd036304d68e62aecf1d9fdd564424296b95352ec9bb1
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
5f4f403543b0ab8398be19a68bd906e5b862f4bf3e1372798c0c84336075874f
5f73689219b6223082fe22414c9290fdaf4567608bf797a952e700ecae7ae75c
5fe8aaea5a3a7941bfcf5e1b32f8a6663f0bc586da8f1f9155c8e6a51ae7ad8f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
602781cab601ad026204f89aca5f318f6aa82391de2afc222720b47da3d30e4b
607ef34b880b6e52c03587ce7265f3633a45666b320ba1ff90b5128844799d3a
60a4b7df11899f4c2beadd6c42358b829739aef12cedd672a26839b1273a433f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634f034f5522c3670f06116b2c75cbb4de31a9b17889b3a10f3431847d40597d
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
63b5fa6ea24b22d8bc890c231bcb9026f574774d4b128073742a3e23663152c0
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
64754f168a3b1f3fe4366208ef01c05a57681dc8e0be47377c8917b5fa1d415f
65663dee4751f568ca96f15471fdd2e9ed91725459a2ebb7473f6a50e2c87155
65f7738f8c4904125b6876b594ca6c2c7e8281c25ca626055b10d03e9b240ef2
661294bbaa1c90b3f755990ac024975d8553b8027eef08c0aed1dff19ac2ddf0
665ce6c74873963f7329ffb5d8998bc22a53e99b5663fb45042d08ac37f2e13b
66b93bcaadc33e7072b3fab6673a3771816936ede5145c2e0c5e8c15cb26f972
66c456b606231cd84cd7408994f7f80580788b94e8e82ef2110dbe3cff907f49
6766d4008bca215dab0c1a7391a36aee2c5adc6a4100245171feb938ab430d8e
677789b21eb1543f27cf7220da0b6f7c21a2fd207dcd1068c1b5e15a8d06ec62
687cd802179b4c19188239ae01422a277ac6cf5d80ce296f1b0ca7b109e5ae41
6913d0d7f118ff5eaa320dfd08b9e150dd6a4fe5f3b067ae0b2569b28f5bfaec
693983f446da22ec169ea1cda8e439bdb59297e211af86071e3dddaad1470a28
69b4096bc7c135dbf8d5ff7cbadbebd2c7a2cc1fa21dee1bd4f68bb49fc9694a
6a015445f2a03b0c7b4864804e25903bcc16ff7283b38b1ed3c8932396cdfacd
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd
6d314ac02b2152fc1fe7e334c28b0968c7136c3f96c98bb7a846e4e1ede68b76
6eb4cf4c6d6b648863405c9b0ece8f08300639c4874d19841913b6b50dc12d03
6f561f6e0ea764db8e427994113b22c7a6023660e6107b1c92d9a58f6e20e9fd
6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36
70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc
7062c71186c3d113954f7c16fa2a97ac412ec1f3567c643524e2ff3466b74450
71335c1634c214fcc859f2a029ac59c9d9e355c3523e5993b04b6cb8465a454d
72d00116ee3ae71d18dc323070d55ec036172e7c1ebbb7cd45a4c4c6dd1ef2f1
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16
746ea217d97acf20cdc0b81fcbf171d21337861cb596446bfb9bba8582025507
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
75ae82973872a4e10d12bf025fc17c12830f9f1723e32dcbbc6de6b6770a2015
767d9851c852d14ed82f1851a578f5cd4e3e1ac99894b4cb954b93714ee471f0
7768a1c920f1a85bd1bf89c8a05b9c8ea7944745c9f02107dd851ef00b417acb
77ca84ae032abb3c76a97fff40f9fafd9ea69c665fb96f96b6a9b24e752935a3
79fd81f44308bea1a5f9134ad14851c0c7b520439085c4d92879ce17bf21538f
7a5c211f74ac107b20487a5b1bc71e8f692570a8d654e9f321261df8e67a8744
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e261eac2f55fbad96d40e3d22fb257b5988902863f951fa5cf746d4dff3f9b3
7e532c6667b369f30bf9705a22be3a86eaa889e73c0e21f024b37ad0d15fcc6a
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe9634ea990c141925ed37573193905716b93426033c92f9d8115732bb389ea
8052a24fb7595ce538f0d69f9f3c5c18d50407bb3a6e67615786338eb96870ce
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
80c3b0bb3843e2e6e04ae445d0096615e1d11172c1959e6b7c49094e25498238
82620a235ce91107a5c9dc947947a0b36f5646d951b072653bfd23929388a30a
82ef53af7ec7dddfddb14db5c2cb6b653316e1eb399672acc72fd8e8fb6c3717
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843970bb349e976ea74cbc5f9e3f8a90234926e7f6b36f8f0e3c59a492505657
8443264fddcb27457dabf11f679dfbfb658b3c85ebd0d9f8a255e0db465f3395
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4
84bf320b601516d189de410b529a86d05a7a0993751968b46edc9ceee192a454
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
85ff3f678e3f69d8cbb242f02666cb4bff9b944e72b44322dad7cfae320ffa96
8689b0e4dba0e36e5bf51c687d9068cb295664a558e2fc761ee4745b3a3668eb
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
86e1b92c04c3b93c5fff597c24357fc797135764b3f39cc6d2bbad62b15f61b3
86e8f74591cf79370f256d5fe6c85c2e8be27df5f2790b218b7e241a3c83f7c5
878e9c2b5145f22b737e83c3fe667b721d48cf7004563834c901db9c71137db5
8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228
8893946596c44e71c6929907807cd4e70c2aee7bbaa16752d1e9996ea3b72bec
89b5f1bbabbec5d3e258d1644d8c4bf4f8b906c5c22995f6ea2a86671f91d6f9
89bdf4d47347587c1bc0642cef00f65a4783f395f4f982ae47768d22d74e18ab
8b8234cf8ab3052448812e8e8ecc975bd6f9bddccd84a8d2727fd606cd71af47
8bc46531a41b4ad6b5cb15ade0afebc3df9d789da57200727d05a32800fdc1aa
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8dfc0c9808fddc978295b6f61da8d7ec77c99c0d73e8985220c6fc3f62144d48
8e27d2f302138767c38690aab3c080156e9109cf01a196c24c197c1979dd350d
8e7af9d622fdec3950bda54d1ef4a7528f1aacc6df4a13622a5659b3206df16a
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f702e3dc72507b7be62c7a00ed3f867f9fc699c277380baf791203d15820182
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9004d4ff1ed09b144291fcf6fcaa0957a370976bf762fe634100f297effc9e9f
90857bc047b3996677f920f671a6e52242804623523910d8b6b5fec89370d61e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91411b5954162a3763020415863fec17438020e287ec1822dd99bbf07e6cf991
9192cb6f6c6d382208a3392fc275f83d86be7c82079c9288baf0a1f59b24acb9
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
92678d0bac988e1eab55bf8261584fde04f55a04d920ac4567a367642f353ae9
9333093d62b2bdce025d4f2d10a2d3dcfb06efadc22cc4264e30915e6f2254b4
933629f4a68375cf93d1ba6f36b5b0d2ecd685400de8eac8f4772b87f41db788
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
97d75c87b76e6a97ad53ffedccbbfaa1133f817a202a0c0592a5cbb702b836ef
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99762b0fe5da9809648a083071dcf3cde2776217ee4bde215976d6ee2cb25bcc
99b497da7b2a964997bd2ef1a7dc3ce14f962e6f11dfa21d7df25021beb3a879
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a3905be72bc6c9f36cbbcdf926ee9432fd182c16d173f677ab9cd3c1e5cd1b7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acb44dfb239f93eadbccb3479400814f8b55c65eee371f1cca85d8b4d21ffbc
9be504714f84fa58f25b9cad34552bc6d43bf33d35bc109780ab7bb566df9050
9d0b80262a33fa48a31314eed0bdbf568eb904f9df1a3a55d7036fca1d034935
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb
9dc0e651f622a4267e1d80928f816768b64bffff7db9118be29c1c1c4c3824a6
9e3318a328560cac567c76cc9df1b8395b50f066d1e8edd31ae2b15213bd3065
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55
9f6a73b8178f3cc6cea6cf7932c28b768bdc324fc55f2baf77f8d441d4497348
9f77d2b206ad096aaf6878347829c5bcddf2d245411fda33b4175dfe9b1a1894
9fb48084f1a7d8d8fc8d04196f50eca02e2de8a93332b91af55bf9cce37649bf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13febd75abd3e9df3b14dbfd1f3d4ce260c5e3c8b13a608aa76c9f132cfa9d4
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a26b4d366444b5d5a323b72688d7696829b5913fede770b02487f57413cad5f6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a335b1173687071484c2b20285ec59bf29f43afc9f07d71304647681bc34962c
a39dcd8a8301eced8c4825b72a4e737eea03205d2d21310b8bb6a6fde9690bea
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a769d4bf461200d7c95adb57e300810ce0c5e61951f031755e91aad1329c4691
a881e8223e3183e51e0a116d08c2f519f3ba1422d154d50c1f11043e6f2387f5
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
a9b4cd2df07a37357e5673c5721c92f5e4e02388af416006d793c056febb7272
a9d030922966efac8bc7d2cf47756946383b523d9487d1a34e2babd7f7b59b66
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aea93cd57674c1df4ebbfe01b3de8f6b03ea7c793d520e4b504c73b22ea6cd64
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aec3194251c4426ec775266dece7f2f7cbabc62a57b8e8d1486df199ce8ede46
aee2dcedf551a2364801daf1384f60ea73d0a6a3ecdb21fbe138c9971e76ae66
b018ab4c2ffb1c6f58d78dedc038cab87b798c961c45881cd3363a9cd3bc0272
b0ad4223c32eb41ed4e463e956842ed8486847f2a4fae8a9d478eb5fadde3805
b0ba8579d179c6a2d5dd4d1363324226c9cf5378bc0b980890a01ff19117c78c
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b188229e8c0766a7306bc7290eb8f91f7b91b1b504b5beecb51043480b9fd5d1
b291343ec5c69808a3049c3483423a2f01e7c27b2643a3f9a7bcc5675b018d22
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b5683bbd63409ac9da7ca876364fd5e0e88b53adaa98b7c95fe2ce448a217ac5
b5ff7ce5d36fa56a72f6fe5982cdc9e2f02c54f23a3e921caeaaa25e0850764c
b63dd180f0c0b259626b93a87ec7575d5f748d1fcb83acd728cbd0104110262f
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b9776264e5012834a4d0f2aa3318bc454a83a1411da9836b00f5ef2ca96398da
b9c0a5060a57f27056c3c91233b6171a086fbedfdd16630da8a34a96612fcdba
b9d1505716feb1343be02437a313be73dd35a8cc9af3f5545e7f6460bcbf531d
ba3aa391c0d6393747b1250f4a11a0c6d27baae084794058d6b0ca3b1055fdd2
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc5659878681c2cfd30d8d38093f1c48f76da8b9dad30d9e1341a8f0febedc98
bcbaa75591909d554336f09e7aaea5b0590ed18566527cd51f063071a6553fca
bdade4e5d5794e5e6ad8c8b5cf82eb64921f30aa9fffcb6c0b51a5009ddb2488
be210deb440885f06dafbb7ea741e0eb7f15a8d3a8b1b8ad3c778709fbac2aa2
be7759cbab7e32fdeb8c48657500073ba211724abfc2da6845064ca229dfc69d
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf
c1f8a3e56ff16c98b2a45444de34cc9082c8e43715c6118ad36a54a1620a4f37
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a66ad54e44a9a5e77657406bceaf92a9563e0bdf4aca96033d569d75cdd73b
c2c09b0ac927ec0bacd68659899c7babd73d2eab22d2961e63698a8b0a2b10c9
c34f4b2926b04bf089af27b7c1dde78082327f65a3f9eb6342e65a9f2e422540
c394ec2ee93af879865739c69caad59161b8b8e6e83746769b33c42ec3242121
c4fe1a1a66f1724b40262a880ac9d2a22dd5005e8c0e770cc781b58d0c6a0a56
c60d1063c74ade5dacbd166ae119e9d688db02715841e21ae826b9d62564ebe2
c644c113c77dc425f7bf2ea31cead0b9ef453e60e54c539f516956329a4688c9
c71d7d49487186b449a04e523d982c033c9c6a6bb29a12b20044700775931246
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c837b1dfaf16175200c1abbb9a3eda039b3d1543d5866ae1eaa41eeee71b4251
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
c9d920ca022c8a5bb6dcd90e540f3f5d402b41cafa552d2c8f344d843d8ae62d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaee24e77e651e2ab22df93ca029110656a63d4cf16aeeedd468e6cb4c5f3af
caf523362238fb40fef75372c56e8354af12ad15c8fa7ec2107afe0af532a92d
cb8c40a86a8bd756124b36ff0f15b72e0d7bc315d4bb21857554d75a69ca20aa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc765c2c6c219c6082e91d06ddf23142ebe46f856560a0deda8f04f1c7f03691
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00
cdff629c56e20c89535f897b3bc13ead99e858fee93cefc0fe899d4f1009709a
cf0d37e848249a0ccda1d363a821f986d6ec0166edeac408117fb5f0c4987de1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d041889b54d1c0bdb0b6b9b4d20c4f87b95e12d2ad04b138bae6038ab647b24e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0caf6ce9f9dcab483bbd5f2b916786afa4765b0e4eca7f6dcd9f98c6d1e7e0d
d0e9ef1f62d757a9cc35d52d7c73f4b879a1f1014da711583cfd93f6f0bf381f
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
d2140486d3c88d558fba14ed3d9bb8a9909d274dd8d4387710024b8437c77f9f
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520
d25dbc0640fbf7248585a5bd5dc63d920bb4a79e530e68b479ec49b0e2e43282
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d3ee5e10a667f3df49b626868c8cc65deb1bbb40a925406f03ae4810741fc8d8
d3fbe78511419c2baf03068451bfa72db481bc04adffa189237f98e567b4e567
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d5dc4d6c11899ddcfb81847e2689d945558fba7a3c9b85750dd93f07890509a9
d5defa6e00a7546f37691873bb86fe20b5fae1f6ca84d40e031e95fd244f6d22
d7334e3058fafd087fd49936884e71a6581aa51b2c2333fb4bc005cf79ecdee0
d73a9ef42ce935d5eec29ddae519788aaa5512d7f6ad0480a5211b6ae458fa04
d7ab4e45d7758f6c07ddf9d3609c8f188b3341e7635aa0ff019e7b4be2889980
d7ff38ea460ae85369bd6b231f50383eb1a78dda3d1bacaa0f04282f68dc6a8f
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
d8559b6fee01bd9d4c586c5f3b297d816305880a200d8e68aa382b01382866d6
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
dabb7a364d98701c4715933cb35deab6445b8413697d3d3fa63e73c49de252d7
dbe505f6a583667f81dc7892dbed9e568142818948ccd2216dc7ab76ba8f5ca9
dc05e68cbaa65421a62bdae2d92ca510a658d87f7ada82bd81481214d8f1d67f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd72d3c7c8b7ab50347cdbbc88bf2b7976f73c091f647a15b66b055e9566614b
ddc558b378e80259b76862aa50dacf9182374a66418211c9870dcdff3f6cf387
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
dde67688a28aa1b5d4c0b25ad4e8123df01add0b6dd1ccac7c98e1c65c8a0709
e0a142521c963aa85dcb971035ff05ddff5cc56cbce2b56dac1ee5d43e219b24
e0a8acb414380f461d6702f380f64c72ff9ae8d68a1d89222cb504033567869a
e0df112ab3c2afb89895e654c8678a8302d0a833061f9d0bc412af6fc77ebc2c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e10a7643601b9ae48195f155cec4ab03854c5d2c11d6df55eba63a28055f91f9
e1c6e9e95c1b611e5213a25808ffc0c16b7872830e6fc2aef92fe751af18a248
e1f6f93d995771ca388da54dd27a57b33c7bae3f5cf489b4eb38b73ac64e7e04
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e338b0b79b03854702967c55919a317044f9d99466ae80cfea24ce755eb482ca
e37c205e491eb6ddb7cac766424efebf45f052f983117549cc204d026a01e68f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54923c81690dcda2126db64cccd7c49e2b43bf6a4fb1a4612c5a7f78012ad87
e567c23b372048e9986d3fe03b8496b5c8b1f4092fe84ff548539bb0d4212451
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6694208cd9da351fb0db83a9a78f8450ac817fe7f49f1aaf0363f4c38098112
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951
e75ef61d7f41b0ee9bc53811014fa06409661291349700a6d57d3bc1cf69c312
e7895114aa728b735f8f273d152a17cc554834eac54526dba5b8633213049933
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7e4b3d7efe78244f34fba52d30b8344520df9e430b1103c5768de912fb90148
e81cb9a20f10b69a3628a037de8a91d025dc3b1ffbae0d29afea5e2cc10d6644
e885da579684e0f5edd18d83f0dc5d249faa8f2b74b10c4b859409ec4d956cb4
e90c68eeb9f340c373b9831bcbc751894e09f773121af629881af1c98f65951f
e93f5b5f25752fba3d101f0b48884bcdf1b2c4d2771c617642f5253f17c58e07
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec2fd857bd50cf6ac06233a474655306a0fafbc1d7f6102d0bd52400f36f0d21
ee0bcd415200ddbcd72eed2a0d73378c164d74ff8c85c396bca00210aaf6c199
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef852aeb7f2795abec2dea2a79492ad843579c0ff531d68c47d6ec5ab58cd19b
efd556b4480cce52ec0164c1171df9fd7bba0a1bd08d41d2f2c53dd65fc38ca6
f09d1406692657e3a2651e0f7f46fac3f3d3ecdb7f5061d2edbaed1600db0622
f0e3fba3d9af9592260ccaaa757fc83019a38ebc1a2648382ddcdad6880921b1
f168ef9bdd8418038ab23c299f7827b462d1dca9a63e8dff586e63a305608a20
f1f7b44bca6fa1be603ce2616c3a100f43ad9c5bbb2527a645326065b43c3dfa
f282abe4ca6b9f4326859008e162ea0f9ed268872de724a14f5135a2fe8ad6b8
f28f410c7a2df9fc3b0ce33b819bcc7ee59537e85ce9c3ece2c78f9fe19c7a2c
f2b56a0633deb0afff95a7242062134c704d6782a10f2345be43fb3fe65a3ab2
f37dfeeefda3f99d6663c824de1584be0b34e27f999a6f9b72e4409635ce41bc
f413f76885dc0997d51df48269f92427ce8b98ba17d47816027d944aa1e6ecc7
f47e06777dd204f0ed53289bd2d16935dc9b16825f835ba37a52f6e4bbf1f4cf
f4ecff17da0c2dba7a9dbb44194633791f97ca6c5aececd277191d4798f2877d
f4fd771eec52660fba576989381168a5537a7a70ef63390902f0b3be1bb98b38
f52e9002abc398d96cb4903116e78cbb295184cdc9749851ac7f1923e8e9c0a2
f5568372f539f814a9c247e2331531406a7b3df2515863deebf383ab8f5aa9f3
f5ca8fb42b36eae3e8cc3c1773b8b1a0d81a3190b132889b2b6393e5f1770de1
f5ec567cf8be00ed763cfe83ec5d8729a3287e4139897df9644fd261c6ca1bed
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7db615fa861c49ffd2bfbee29f3f352c0ebb4cf7194b02cf0ed1ca9bebcad42
fa33a91f3d8f5d44090b4ea55057a033e51aba7a1ff8768e9155d00633e894f2
fb5498d21f05b86228749f53929d60ab329754c9a3566b926723a78ea9fdf570
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371
fe569d4719ebc67d1722edb851df1cf3a18429ef5e4ef436722a69fcf5882333
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda
ffcf8ff348caa8dbbb2f24d2d9471a8f1b5a9b331a735bcf5b1de3fc0c8de8a2
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
fff904c8a9728a12e497be2f9971c8e43c1c301578dadfa44ba0f926f681b7b6