urlscan.io logo urlscan.io
SecurityTrails logo

fortune.com Open in urlscan Pro
99.84.37.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/fRis76bQtN
Effective URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Submission: On September 19 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 11 countries across 110 domains to perform 365 HTTP transactions. The main IP is 99.84.37.96, located in United States and belongs to AMAZON-02, US. The main domain is fortune.com. The Cisco Umbrella rank of the primary domain is 6343.
TLS certificate: Issued by Amazon on January 17th 2022. Valid for: a year.
This is the only time fortune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.244.42.69 13414 (TWITTER)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 28 99.84.37.96 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
13 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.154.227.38 16509 (AMAZON-02)
1 104.112.11.4 16625 (AKAMAI-AS)
1 13.224.214.53 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 15.204.162.61 16276 (OVH)
2 13.224.214.65 16509 (AMAZON-02)
1 69.195.148.66 19969 (JOESDATAC...)
2 13.82.218.135 8075 (MICROSOFT...)
1 35.172.65.165 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 146.75.36.157 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.85.131.58 16509 (AMAZON-02)
1 3 18.164.96.18 16509 (AMAZON-02)
2 18.164.116.69 16509 (AMAZON-02)
2 104.18.23.230 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 23.64.60.212 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
3 13.224.205.195 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.194.161.83 14618 (AMAZON-AES)
1 104.244.42.67 13414 (TWITTER)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
3 8 68.67.161.208 29990 (ASN-APPNEX)
6 34.107.254.252 15169 (GOOGLE)
12 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 184.29.193.239 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
11 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 13.224.202.36 16509 (AMAZON-02)
2 2620:1ec:27::... 8075 (MICROSOFT...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 2602:803:c002... 26667 (RUBICONPR...)
1 9 104.18.19.126 13335 (CLOUDFLAR...)
2 17 209.54.182.161 16509 (AMAZON-02)
2 52.167.85.21 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 104.112.10.99 16625 (AKAMAI-AS)
8 173.223.72.70 16625 (AKAMAI-AS)
2 151.101.193.108 54113 (FASTLY)
1 104.126.73.161 16625 (AKAMAI-AS)
4 5 34.171.234.26 396982 (GOOGLE-CL...)
2 54.225.63.11 14618 (AMAZON-AES)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
4 9 52.45.176.143 14618 (AMAZON-AES)
4 4 52.45.33.138 14618 (AMAZON-AES)
2 5 35.244.159.8 15169 (GOOGLE)
6 6 2606:ae80:147... 26762 (CNVR-US-EAST)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
5 8.28.7.81 62713 (AS-PUBMATIC)
3 3 68.67.160.26 29990 (ASN-APPNEX)
1 20 35.172.99.217 14618 (AMAZON-AES)
7 7 35.211.178.172 15169 (GOOGLE)
2 2 3.232.202.111 14618 (AMAZON-AES)
3 4 70.42.32.223 13789 (INTERNAP-...)
3 3 44.209.207.157 14618 (AMAZON-AES)
2 2 3.82.84.88 14618 (AMAZON-AES)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 18.208.53.138 14618 (AMAZON-AES)
2 2 129.159.70.95 31898 (ORACLE-BM...)
1 2 169.197.150.7 398989 (DEEPINTENT)
4 4 64.202.112.63 23352 (SERVERCEN...)
2 3 23.208.216.233 16625 (AKAMAI-AS)
2 2 52.23.113.215 14618 (AMAZON-AES)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 199.187.193.181 47043 (SMARTADSE...)
3 3 74.121.140.14 30419 (MEDIAMATH...)
3 151.101.2.49 54113 (FASTLY)
17 21 142.250.64.98 15169 (GOOGLE)
12 12 3.33.220.150 16509 (AMAZON-02)
1 1 124.146.215.50 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 23.50.66.244 16625 (AKAMAI-AS)
3 4 185.167.164.42 198622 (ADFORM)
5 5 18.215.210.133 14618 (AMAZON-AES)
10 104.36.115.109 62713 (AS-PUBMATIC)
2 19 8.28.7.83 62713 (AS-PUBMATIC)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
7 8.28.7.84 62713 (AS-PUBMATIC)
3 3 69.173.151.100 26667 (RUBICONPR...)
3 3 207.198.113.87 13768 (COGECO-PEER1)
2 3 3.223.247.87 14618 (AMAZON-AES)
3 4 107.178.246.49 15169 (GOOGLE)
2 3 72.44.36.54 14618 (AMAZON-AES)
6 23.221.200.79 16625 (AKAMAI-AS)
2 23.63.77.163 20940 (AKAMAI-ASN1)
9 23.200.168.23 16625 (AKAMAI-AS)
8 104.112.12.25 16625 (AKAMAI-AS)
5 104.81.240.21 16625 (AKAMAI-AS)
2 74.119.119.150 19750 (AS-CRITEO)
2 2 35.207.24.140 15169 (GOOGLE)
7 10 8.43.72.97 26667 (RUBICONPR...)
1 52.95.122.74 16509 (AMAZON-02)
2 23.63.77.202 20940 (AKAMAI-ASN1)
2 104.36.115.121 62713 (AS-PUBMATIC)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 173.231.178.85 32475 (SINGLEHOP...)
3 3 141.94.170.77 16276 (OVH)
2 2 34.229.3.43 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 8.28.7.109 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 18.165.98.81 16509 (AMAZON-02)
1 52.204.150.196 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 54.211.117.205 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 35.171.38.224 14618 (AMAZON-AES)
1 2 38.67.14.233 174 (COGENT-174)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 15169 (GOOGLE)
2 2 184.86.229.123 16625 (AKAMAI-AS)
1 1 172.104.64.149 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
1 195.5.165.20 44968 (IPROM-AS)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 74.222.140.158 35908 (VPLSNET)
1 1 159.65.196.12 14061 (DIGITALOC...)
365 104
2    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
28    99.84.37.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-96.ewr52.r.cloudfront.net
fortune.com
1    2607:f8b0:4006:80b::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a04:fa87:fffd::c000:4254 (Ireland)

ASN2635 (AUTOMATTIC, US)
content.fortune.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
buy.tinypass.com
id.tinypass.com
2    2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
1    18.154.227.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-38.iad55.r.cloudfront.net
consent.truste.com
1    104.112.11.4 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-11-4.deploy.static.akamaitechnologies.com
s.ntv.io
1    13.224.214.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-53.phl50.r.cloudfront.net
public.profitwell.com
1    2606:4700:e6::ac40:c60b (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    15.204.162.61 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1015635.ip-15-204-162.us
api.queryly.com
2    13.224.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-65.phl50.r.cloudfront.net
consent.trustarc.com
1    69.195.148.66 (United States)

ASN19969 (JOESDATACENTER, US)
related.queryly.com
2    13.82.218.135 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
data.queryly.com
1    35.172.65.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-65-165.compute-1.amazonaws.com
jadserve.postrelease.com
6    2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    52.85.131.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-131-58.iad50.r.cloudfront.net
cdn.parsely.com
3    18.164.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-18.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    18.164.116.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-69.jfk50.r.cloudfront.net
trustarc.mgr.consensu.org
2    104.18.23.230 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
1    2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
7    23.64.60.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-60-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
6    2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co
8    68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
6    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
12    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    2607:f8b0:4006:806::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    184.29.193.239 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-193-239.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.224.202.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-202-36.phl50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2620:1ec:27::cafe:1539 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2607:f8b0:4006:816::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2602:803:c002:200::115 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
dsum.casalemedia.com
17    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
i.clarity.ms
1    2607:f8b0:4006:80e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:807::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    104.112.10.99 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-10-99.deploy.static.akamaitechnologies.com
js-sec.indexww.com
8    173.223.72.70 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-72-70.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.126.73.161 (Chicago, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-73-161.deploy.static.akamaitechnologies.com
www.aaxdetect.com
5    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
2    54.225.63.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-63-11.compute-1.amazonaws.com
rtb.gumgum.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
9    52.45.176.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-176-143.compute-1.amazonaws.com
match.sharethrough.com
4    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
6    2606:ae80:1471:12::410 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    68.67.160.26 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
7    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    3.232.202.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-202-111.compute-1.amazonaws.com
t.pswec.com
4    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
cs.emxdgt.com
2    3.82.84.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-84-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    2600:1f18:4e9:5a05:bd6e:9687:3c8c:35dc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    18.208.53.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-53-138.compute-1.amazonaws.com
sync.ipredictive.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    64.202.112.63 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    23.208.216.233 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-233.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
2    52.23.113.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-113-215.compute-1.amazonaws.com
ad.360yield.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
3    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
21    142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net
cm.g.doubleclick.net
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    23.50.66.244 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-66-244.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    18.215.210.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-210-133.compute-1.amazonaws.com
match.prod.bidr.io
10    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
19    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
7    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    3.223.247.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-247-87.compute-1.amazonaws.com
sync.crwdcntrl.net
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    72.44.36.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-36-54.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
6    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
hblg.media.net
2    23.63.77.163 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-63-77-163.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
9    23.200.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
8    104.112.12.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-12-25.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
5    104.81.240.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-240-21.deploy.static.akamaitechnologies.com
hbx.media.net
cs.media.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
10    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.63.77.202 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-63-77-202.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
2    104.36.115.121 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    2607:f8b0:4006:80f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    173.231.178.85 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
3    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    18.165.98.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-81.iad55.r.cloudfront.net
aa.agkn.com
1    52.204.150.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-150-196.compute-1.amazonaws.com
rtb.adentifi.com
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    54.211.117.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-117-205.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    35.171.38.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-38-224.compute-1.amazonaws.com
io.narrative.io
2    38.67.14.233 (Fernandina Beach, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    184.86.229.123 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-229-123.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    74.222.140.158 (United States)

ASN35908 (VPLSNET, US)
PTR: 74.222.140.158.CUSTOMER.VPLS.NET
match.bnmla.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
53 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image6.pubmatic.com — Cisco Umbrella Rank: 648
image2.pubmatic.com — Cisco Umbrella Rank: 883
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image4.pubmatic.com — Cisco Umbrella Rank: 835
t.pubmatic.com — Cisco Umbrella Rank: 3839
simage4.pubmatic.com — Cisco Umbrella Rank: 1191
aud.pubmatic.com — Cisco Umbrella Rank: 4381
247 KB
41 fortune.com
fortune.com — Cisco Umbrella Rank: 6343
content.fortune.com — Cisco Umbrella Rank: 58890
878 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
160 KB
28 media.net
hblg.media.net — Cisco Umbrella Rank: 1563
contextual.media.net — Cisco Umbrella Rank: 559
warp.media.net — Cisco Umbrella Rank: 2230
hbx.media.net — Cisco Umbrella Rank: 1441
lg3.media.net — Cisco Umbrella Rank: 3643
cs.media.net — Cisco Umbrella Rank: 1318
456 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
51 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
65 KB
22 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1053
usersync.gumgum.com — Cisco Umbrella Rank: 2162
7 KB
15 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 5533
buy.tinypass.com — Cisco Umbrella Rank: 4532
id.tinypass.com — Cisco Umbrella Rank: 13031
559 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
r.casalemedia.com — Cisco Umbrella Rank: 849
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
9 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 432
44 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
6 KB
11 googlesyndication.com
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
42 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
98 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
4 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
4 KB
7 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2981
l3.aaxads.com — Cisco Umbrella Rank: 4197
123 KB
6 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4676
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2956
2 KB
6 permutive.com
api.permutive.com — Cisco Umbrella Rank: 1902
2 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
px4.ads.linkedin.com — Cisco Umbrella Rank: 6198
4 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
101 KB
6 queryly.com
www.queryly.com — Cisco Umbrella Rank: 10360
api.queryly.com — Cisco Umbrella Rank: 38810
related.queryly.com — Cisco Umbrella Rank: 80502
data.queryly.com — Cisco Umbrella Rank: 60595
15 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
2 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
1 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
1 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1527
res-a.akamaihd.net — Cisco Umbrella Rank: 6345
63 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
770 B
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
3 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 823
1 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
i.clarity.ms — Cisco Umbrella Rank: 5269
25 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3161
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1348
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 331
570 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
276 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
tags.bluekai.com — Cisco Umbrella Rank: 511
2 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 985
744 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
1 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8529
adservice.google.ca — Cisco Umbrella Rank: 13421
1 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 40
33 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
115 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
13 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
132 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
match.taboola.com — Cisco Umbrella Rank: 2758
656 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4415
965 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3394
643 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
751 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1084
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3868
625 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23045
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
832 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 688
725 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
718 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 660
700 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
622 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 860
593 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1190
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 919
1019 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
876 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3449
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
426 B
2 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6595
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
465 B
2 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 5488 Failed
2 consensu.org
trustarc.mgr.consensu.org — Cisco Umbrella Rank: 46250
64 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
24 KB
2 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3160
57 KB
2 t.co
t.co — Cisco Umbrella Rank: 489
757 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2520
534 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2657
900 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3386
347 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3623
463 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5718
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6007
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2373
395 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1896
290 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
332 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1333
674 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
540 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1186
35 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
659 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
392 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
838 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
302 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 5809
342 B
1 prmutv.co
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co — Cisco Umbrella Rank: 114365
223 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
354 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4225
4 KB
1 permutive.app
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app — Cisco Umbrella Rank: 102200
87 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1218
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 5750
3 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 5112
9 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3145
137 KB
1 truste.com
consent.truste.com — Cisco Umbrella Rank: 5505
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
91 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5004
273 B
0 1rx.io Failed
sync.1rx.io Failed
365 110
Domain Requested by
28 fortune.com 1 redirects t.co
fortune.com
buy.tinypass.com
cdnjs.cloudflare.com
21 cm.g.doubleclick.net 17 redirects rtb.gumgum.com
u.openx.net
fortune.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
ads.pubmatic.com
19 simage2.pubmatic.com 2 redirects ads.pubmatic.com
fortune.com
s.amazon-adsystem.com
rtb.gumgum.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
eus.rubiconproject.com
ssum-sec.casalemedia.com
match.sharethrough.com
fortune.com
ads.pubmatic.com
13 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
fortune.com
cdnjs.cloudflare.com
13 content.fortune.com fortune.com
buy.tinypass.com
cdnjs.cloudflare.com
12 match.adsrvr.org 12 redirects
11 cdnjs.cloudflare.com buy.tinypass.com
10 image2.pubmatic.com ads.pubmatic.com
fortune.com
9 contextual.media.net 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
hbx.media.net
contextual.media.net
fortune.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 eus.rubiconproject.com ads.pubmatic.com
s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
hbx.media.net
8 ib.adnxs.com 3 redirects e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
ads.pubmatic.com
acdn.adnxs.com
7 x.bidswitch.net 7 redirects
7 ads.pubmatic.com fortune.com
ads.pubmatic.com
s.amazon-adsystem.com
rtb.gumgum.com
c.aaxads.com
6 pixel.rubiconproject.com 3 redirects fortune.com
6 lg3.media.net 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
contextual.media.net
fortune.com
6 tpc.googlesyndication.com 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
6 hblg.media.net t.co
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
fortune.com
6 c.aaxads.com t.co
fortune.com
c.aaxads.com
ads.pubmatic.com
6 api.permutive.com e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
t.co
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
t.co
5 simage4.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 match.prod.bidr.io 5 redirects
5 pr-bh.ybp.yahoo.com 3 redirects fortune.com
u.openx.net
5 image6.pubmatic.com ads.pubmatic.com
5 um.simpli.fi 4 redirects ads.pubmatic.com
4 cs.media.net contextual.media.net
4 token.rubiconproject.com 4 redirects
4 pixel.tapad.com 3 redirects s.amazon-adsystem.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 ups.analytics.yahoo.com 4 redirects
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 www.google.com fortune.com
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
4 px.ads.linkedin.com 3 redirects fortune.com
3 pixel.onaudience.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects s.amazon-adsystem.com
3 pixel-sync.sitescout.com 3 redirects
3 pixel-us-east.rubiconproject.com 3 redirects
3 idsync.rlcdn.com 2 redirects fortune.com
3 sync-tm.everesttech.net rtb.gumgum.com
ads.pubmatic.com
u.openx.net
3 sync.mathtag.com 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
3 cs.emxdgt.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ad.turn.com 3 redirects
3 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com t.co
c.amazon-adsystem.com
3 www.googletagservices.com fortune.com
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects t.co
fortune.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
fortune.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 px.owneriq.net 2 redirects
2 pmp.mxptint.net 1 redirects s.amazon-adsystem.com
2 io.narrative.io 1 redirects s.amazon-adsystem.com
2 pm.w55c.net 2 redirects
2 pool.admedo.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects fortune.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 cm.adgrx.com 2 redirects
2 pagead2.googlesyndication.com www.googletagservices.com
2 t.pubmatic.com ads.pubmatic.com
2 res-a.akamaihd.net contextual.media.net
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com hbx.media.net
ads.pubmatic.com
2 warp.media.net 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
2 qsearch-a.akamaihd.net t.co
2 casale-match.dotomi.com 2 redirects
2 image4.pubmatic.com fortune.com
2 pippio.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 stags.bluekai.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 t.pswec.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
fortune.com
2 acdn.adnxs.com ads.pubmatic.com
2 js-sec.indexww.com ads.pubmatic.com
2 i.clarity.ms www.clarity.ms
2 htlb.casalemedia.com ads.pubmatic.com
2 fastlane.rubiconproject.com ads.pubmatic.com
2 hbopenbid.pubmatic.com ads.pubmatic.com
2 www.google.ca fortune.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.googleapis.com buy.tinypass.com
cdnjs.cloudflare.com
2 www.facebook.com fortune.com
2 www.lightboxcdn.com t.co
fortune.com
2 p.adsymptotic.com 1 redirects fortune.com
2 www.dianomi.com fortune.com
2 trustarc.mgr.consensu.org t.co
consent.truste.com
2 data.queryly.com fortune.com
2 consent.trustarc.com consent.truste.com
trustarc.mgr.consensu.org
2 www.queryly.com fortune.com
2 t.co fortune.com
1 match.adsby.bidtheatre.com 1 redirects
1 match.bnmla.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ads.playground.xyz 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 rtb.adentifi.com fortune.com
1 aa.agkn.com fortune.com
1 aud.pubmatic.com fortune.com
1 tags.bluekai.com fortune.com
1 aax-eu.amazon-adsystem.com fortune.com
1 hbx.media.net c.aaxads.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 tags.rd.linksynergy.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 l3.aaxads.com fortune.com
1 www.aaxdetect.com fortune.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 ajax.googleapis.com t.co
1 e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 analytics.twitter.com fortune.com
1 p1.parsely.com fortune.com
1 c2.piano.io cdn.tinypass.com
1 e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app fortune.com
1 cdn.parsely.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 jadserve.postrelease.com s.ntv.io
1 related.queryly.com www.queryly.com
1 id.tinypass.com cdn.tinypass.com
1 api.queryly.com www.queryly.com
1 www.npttech.com t.co
1 public.profitwell.com t.co
1 s.ntv.io t.co
1 consent.truste.com www.googletagmanager.com
1 cdn.tinypass.com fortune.com
1 www.googletagmanager.com fortune.com
1 bit.ly 1 redirects
0 sync.1rx.io Failed rtb.gumgum.com
ads.pubmatic.com
365 164
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
fortune.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
content-develop.fortune.com
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.profitwell.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
www.queryly.com
Go Daddy Secure Certificate Authority - G2		 2022-04-03 -
2023-05-05		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
trustarc.mgr.consensu.org
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2022-05-03 -
2023-05-03		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
ssl1029400.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-01 -
2022-12-08		 6 months crt.sh
*.prmutv.co
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 72 frames:

Primary Page: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Frame ID: 13F7268FFEF42385D802458C195A7575
Requests: 127 HTTP requests in this frame

Frame: https://trustarc.mgr.consensu.org/asset/cmpcookie.v2.html
Frame ID: FD9AA0AA0655175BE26B55F4D4C3901A
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=4953
Frame ID: 2037EE9283190F606AA508E414E522CF
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=4953
Frame ID: 321DD72C336A68C9ABF11BB5381AA462
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Frame ID: 43C63483F33EFE3DA39F63BBF7C8F099
Requests: 35 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Frame ID: 20011768C403234DFB1E2357C8F661DD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5043530FB88CA526AA820569EF0A53D1
Requests: 1 HTTP requests in this frame

Frame: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D11AB06898D28BE7D76D08F04CBA63E4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 48BCD98D5B48241B063A13331AC62E1C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Frame ID: E3C168F2BB009E52929C3EABCD3CF97E
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9453AD39E089BCD5ED4148E7DB64355E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Frame ID: AC4BD9BE3F8A4EDF50BB452E7C4F6F8E
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 10197D233962F6F94B3C6E193A0A623B
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D8CA67F2D2F8E966D9ED350E831D6F13
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 835E56F2E683270A5F86B93E7AE07045
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 9B17DA0B51C5512ABCD5C8878685A9E9
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: F98984B72758518F909687A88CA709D8
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 15B4D941358EE62FD2FC91F7F3E2191B
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: B3B92D144D7064C9A1C73451965A4129
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 2D96F02AB15B2E0637BDE77F2227DFAD
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: C21D0B745096C66011A724E9AFF86A3E
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS12amQ5TVVCRTJ1SWJCZkJRSld5eFA1NHV5ZHVRY0g2SX5B&gdpr=0&gdpr_consent=
Frame ID: 0E99907A7455CA7E881AB5D2E4A84B26
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: C903535A52C5CC8C9D3B5F4725AF1659
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJN7x6F5-LjAMqD5cjAAAAAAA&expiration=1663698978&is_secure=true&gdpr=0
Frame ID: AD1EE9CD7FFCC265A4F51A97120F10DD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6120805245256493692&ex=appnexus.com&gdpr=0
Frame ID: B064ED8A120EE26842376FEB16FD28B1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3200019522267894042
Frame ID: 935F33A146A82AA884615E18C94E3089
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 16CD1CD4636CD41AC1E0A46872C491F6
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=958e6328-b6a2-4500-9f16-c30e64ff363f&gdpr=0&gdpr_consent=
Frame ID: 299F97196DAAC543A443470EABA24DE1
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 4C387CC3FFE86F4826B3175063E51B63
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 8B1C158808E33F693C2E0422EFDDFDFC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7A3E500D87C38D53FFCD70FCBE1D5CD5
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Frame ID: 982DA0B4F318F21474B5EAA4C3733FDE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6120805245256493692brt53591663612578109748b7
Frame ID: 3B33C33CA60CEE8CE37EF4891EA7D594
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yyi2osCo8XoAAIjLQqYAAAAA
Frame ID: 734B79D2B5BADBDB062717C547B3A117
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yyi2oRn-d19SCE-bk5iq7gAA%26475
Frame ID: 0CEA1605F8BF9D1C34CC5AC58974CC50
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=GKxsg7NdO6Ulj0UQfSvt&pi=gumgum&tc=1
Frame ID: 44BA7838CF91FE992E6179BD5004CF37
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9C1E30B4D10907F0CF7AADAE785C3E28
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Frame ID: 60BF8A11E9B6E39D728E6782698CFD3C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: AFDF6AE2B6A6269A7D40AF0487418AB6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAQU7GUW0AAA6vShhBhQ
Frame ID: 68E4CEE5FDE4CD4020DDA0670781AAE1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&gdpr=0&gdpr_consent=
Frame ID: FCF6C68D017DF22F3407ADDBAABCF931
Requests: 1 HTTP requests in this frame

Frame: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 02F83098DCF9FC88D7F42E791EF60249
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Frame ID: E2D3EF436E317659775B2DB684650F20
Requests: 5 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Frame ID: 8282079F89A181152ED3E4698733618E
Requests: 4 HTTP requests in this frame

Frame: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 08510E0AC84B27988408E176F729180D
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 22A22AA293DE7C85A5F2610A6846EE08
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=824385419&size=970x250&cc=CA&chnm=HARMONY&pid=8PO1RKFI1&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578256011760&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxx&bcpf=B44%2F8fOnRrolnfOur84B%2FBxx&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=10&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=%3DVvfWfX%7C%7CPPVrvwW%20rklBZQ1k7_lire%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CbVrvW%7C%7CcVvfWf9%7C%7CbVvfWf9%7C%7C_0_rvhhWWAff9FHihfWH%7C%7CqVrvH&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Frame ID: E64EFCBB42DDD8E76EFCDB1B1CFA4326
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: BA2A1F24C5B50642A3AC22505CADF3B4
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=821747664&size=300x250&cc=CA&chnm=HARMONY&pid=8PO7E3CC0&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578521477274&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxq&bcpf=B44%2F4B%2F8fOnRrolnfOur8Bxq&bdrId=319&ntv=0&matchstring=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=5&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=PPVrvwW%20%3D5GF_9Ih_06Lmh%7C%7CbVvfWf9%7C%7C_0_rvhhiuHuHAXhWFhXF%7C%7CbVrvW%7C%7CqVrvX%7C%7C%3DVvfWfX%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CcVvfWf9&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Frame ID: 911A8DCA970CA94026A35111B758BA6F
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 0530AA7465A0EC7456435A9F83CD6050
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f4d611c6-3849-11ed-8789-f3ed13a1c250
Frame ID: CA3D19A4470076FCAB3385FADA681E06
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_70e1ce8e0ca3452f87ee3
Frame ID: 1FA71BD9CD0B39CE06BD75BFB2B5EA95
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F325FBDAD40962EEA0EB6FF755AE3389
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PH7o0YwTTxxV0DRxJPtyuZU4mbo
Frame ID: F0891BE8E6D07407903D1CABE05BABC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K6Qj15lZ1OAlCZ5&gdpr=0&gdpr_consent=
Frame ID: 4D2FA7BFDE2DF24E51FDA0208C6CEE85
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: E676388A347D3708EC015525077682F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693982020361
Frame ID: 3B52D116E0DD442833D18047A69F9BBB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC4825E74-51C8-4BA3-85B8-BD302DBB49EC
Frame ID: F0A985567F5CE2C7F2C2EC1796EBAB26
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FB25B7931F3A7A2CA2E1B5A0F49F8E89
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Frame ID: 68153C130976797CCA8625935EED68E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: E4659F730F1C2E7970CA102C8B1EF50E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=xEt6934aM
Frame ID: 8EF1209C546D20D0322877E24C2EC46A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168989811529430770
Frame ID: C62839DEBC6D589CC0CCE3D8EB874C3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LAwq4uHZCv-C5jN2pbYoYw
Frame ID: 3745F746AF3086290C714E3E0A967979
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 304B526685B61816B4AD99910E85B5DD
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 3EA02DD50E429A74D038BD288AF872E9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 8ECB2BFF35E8544FC4713604D7230C75
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Frame ID: 7038AB540B21C50A9EEC854B6680566B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=025157ac-781b-4d21-8e49-bd20ff420fca
Frame ID: 7BCF9982E78A921E05F9A3ED31B840B4
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: 57091F426984ECE8EB9E29C712C6DA7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
Frame ID: CB5934773B82C8E7B73FDAF023FA90DE
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=pb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Frame ID: D7D24711CEF808F0D5092CC74D91D96E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber employees are being taunted with obscene images in a devastating hack | Fortune

Page URL History Show full URLs

  1. https://t.co/fRis76bQtN Page URL
  2. https://bit.ly/3BtdBb4 HTTP 301
    https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack HTTP 308
    https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

365
Requests

79 %
HTTPS

24 %
IPv6

110
Domains

164
Subdomains

104
IPs

11
Countries

3741 kB
Transfer

10409 kB
Size

210
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/fRis76bQtN Page URL
  2. https://bit.ly/3BtdBb4 HTTP 301
    https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack HTTP 308
    https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1545442%26time%3D1663612576589%26url%3Dhttps%253A%252F%252Ffortune.com%252F2022%252F09%252F16%252Fuber-employees-barraged-with-obscene-images-in-major-hack%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ9DeGaUwPuEwAAAYNXCWUiE37DY9Yr45M1yfIWQdGrppz29ux04wRFT27ZC-DDyg8SItgn5Q HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9&_expected_cookie=ca4cd6dae0ec7b1a412f57fcef8e8cf2
Request Chain 79
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_cmp_rt=193&c7=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&c8=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&c9=https%3A%2F%2Ft.co%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_cmp_rt=193&c7=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&c8=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&c9=https%3A%2F%2Ft.co%2F
Request Chain 128
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Request Chain 162
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8EC54A6829BD4C6ABB9350DA90352755&ex=simpli.fi&status=ok
Request Chain 164
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 168
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS12amQ5TVVCRTJ1SWJCZkJRSld5eFA1NHV5ZHVRY0g2SX5B&gdpr=0&gdpr_consent=
Request Chain 169
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 170
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=75a924ef5dd19e5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJN7x6F5-LjAMqD5cjAAAAAAA&expiration=1663698978&is_secure=true&gdpr=0
Request Chain 171
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6120805245256493692&ex=appnexus.com&gdpr=0
Request Chain 172
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3200019522267894042
Request Chain 178
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6120805245256493692
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=5687e45e-9c89-4d96-b019-2720ba000758&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=5c70ac8d-6535-4480-85a0-b7bb33e50db8
Request Chain 180
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%281NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%281NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_49596e47-8976-4037-930a-e1114267411b&obuid=ENC(1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=6120805245256493692brt53591663612578109748b7&obUid=1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 181
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c60735f8-2189-0977-1ee1-76b1521432a9
Request Chain 182
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3c7ee8d1-8c13-4f1c-55d0-347124fb72b9$ip$149.56.153.186
Request Chain 183
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6dHzvSlE2pcqQCGN8oRdX1DUhTsYebhryvJd~A
Request Chain 184
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=70108df5-f3d8-480d-bd9e-69c20d5aa43b
Request Chain 185
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=4CDA0D90037F47AA87AE71D2CF5693E0
Request Chain 187
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=u8jv3sNaccSLnXoBtA94&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25JYNJ3DG42OMFRWGU2MNZMG6QTUIE4TI&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25JYNJ3DG42OMFRWGU2MNZMG6QTUIE4TI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=u8jv3sNaccSLnXoBtA94
Request Chain 188
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cfb88db2-f1af-4aec-a059-746209a21a29
Request Chain 190
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=hTGmWjn9Fd5u&ev=1&pid=558355
Request Chain 191
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7318505572738817141
Request Chain 193
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=958e6328-b6a2-4500-9f16-c30e64ff363f&gdpr=0&gdpr_consent=
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=&google_tc=
Request Chain 197
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Request Chain 198
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6120805245256493692&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6120805245256493692brt53591663612578109748b7
Request Chain 199
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Yyi2osCo8XoAAIjLQqYAAAAA
Request Chain 200
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Yyi2oRn-d19SCE-bk5iq7gAA%26475
Request Chain 201
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=GKxsg7NdO6Ulj0UQfSvt&pi=gumgum&tc=1
Request Chain 202
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 205
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Request Chain 207
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQVFVN0dVVzBBQUE2dlNoaEJoUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACAQU7GUW0AAA6vShhBhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACAQU7GUW0AAA6vShhBhQ&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACAQU7GUW0AAA6vShhBhQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAQU7GUW0AAA6vShhBhQ
Request Chain 208
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&gdpr=0&gdpr_consent=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xIJedFHIS6OFuL0wLbtJ7A%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xIJedFHIS6OFuL0wLbtJ7A%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 210
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM0ODI1RTc0LTUxQzgtNEJBMy04NUI4LUJEMzAyREJCNDlFQxAAGg0Iou2imQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a0c245c7e837d9273a8e5dbef1e9e3b3da6b763f14ce1404961f8383261d51b2791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhMGMyNDVjN2U4MzdkOTI3M2E4ZTVkYmVmMWU5ZTNiM2RhNmI3NjNmMTRjZTE0MDQ5NjFmODM4MzI2MWQ1MWIyNzkxNDI2YjU0MTdkY2UyMRAAGgwIou2imQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhMGMyNDVjN2U4MzdkOTI3M2E4ZTVkYmVmMWU5ZTNiM2RhNmI3NjNmMTRjZTE0MDQ5NjFmODM4MzI2MWQ1MWIyNzkxNDI2YjU0MTdkY2UyMRAAGgwIou2imQYSBAgCEABCAEoA&google_gid=CAESEDgX_Q6POy7-HT5DRG7UBgY&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cdfdb74a-fcb7-4739-a9b5-da4d08df0aee
Request Chain 211
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eddb6328-b6a2-4500-9514-4b380244cff4
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ4MjVFNzQtNTFDOC00QkEzLTg1QjgtQkQzMDJEQkI0OUVD&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ4MjVFNzQtNTFDOC00QkEzLTg1QjgtQkQzMDJEQkI0OUVD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKB6DIZHGVO-UiRM7eu_KkQ&google_cver=1
Request Chain 214
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
Request Chain 215
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3200019522267894042&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 216
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rGXpQl5E2uUAiQqn3_3H44Nqs5SuQsA-~A&gdpr=0&gdpr_consent=
Request Chain 222
  • https://match.adsrvr.org/track/cmf/openx?oxid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0&gdpr_consent=
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm&google_tc=
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI_o5YWwjsg9BtTblc24Npw&google_cver=1
Request Chain 227
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=L893Z44B-D-24LO HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L893Z44B-D-24LO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yyi2oRn-d19SCE-bk5iq7gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDcvLAPrR7RdYKdjACaLWcA&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yyi2oRn_d19SCE_bk5iq7gAAAdsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDDOxZfpWd4hnKztYbfC0Lg&google_cver=1
Request Chain 230
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&expiration=1666204578&gdpr=0&gdpr_consent=
Request Chain 232
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4242432423704910180&expiration=1664822178
Request Chain 234
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a40f9cb1-bdee-45d9-9624-fd5057013345&expiration=1695148578
Request Chain 235
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=103e82932f519e5&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN7x6F5-LmgNc1iLSAAAAAAA&expiration=1663698978&is_secure=true
Request Chain 238
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=
Request Chain 239
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Request Chain 240
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6120805245256493692
Request Chain 241
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Request Chain 255
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dzem%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=u8jv3sNaccSLnXoBtA94&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YZOMFQXQYLEOMXGG33NF5QWCY3YMMXHA2DQH5SXQY3IMFXGOZJ5NVSWI2LBNZSXIJTGOY6TCJTSPF3GYZZ5OU4GU5RTONHGCY3DKNGG4WDPIJ2ECOJUEZ2WQ2KYOVXT2JTXMJZWQPL2MVWSM6LMM46TGNRRGI2TOOBTGQ3TGMBWGYYTIMJXHAYTINJVGQYDEMBQGBLDCMBGPF3GYZZ5GMYDMNRRGQYTOOBRGQ2TKNBQGIYDAMCWGEYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YZOMFQXQYLEOMXGG33NF5QWCY3YMMXHA2DQH5SXQY3IMFXGOZJ5NVSWI2LBNZSXIJTGOY6TCJTSPF3GYZZ5OU4GU5RTONHGCY3DKNGG4WDPIJ2ECOJUEZ2WQ2KYOVXT2JTXMJZWQPL2MVWSM6LMM46TGNRRGI2TOOBTGQ3TGMBWGYYTIMJXHAYTINJVGQYDEMBQGBLDCMBGPF3GYZZ5GMYDMNRRGQYTOOBRGQ2TKNBQGIYDAMCWGEYA HTTP 302
  • https://c.aaxads.com/aacxc.php?fv=1&ryvlg=u8jv3sNaccSLnXoBtA94&uhiXuo=&wbsh=zem&ylg=36125783473066141781455402000V10&yvlg=3066141781455402000V10
Request Chain 256
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Damb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3D%23USER_ID%23 HTTP 302
  • https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=amb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=3200019522267894042
Request Chain 268
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 269
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119320&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 271
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066141781455471000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066141781455471000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=168d7390-53b8-4b8f-8a54-c15741216a94&cs=1
Request Chain 279
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yfofZS4jvWMk-W1Ki66WRw?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6497680077557677032
Request Chain 280
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tizEef54SBWCzg1tq6UtRw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tizEef54SBWCzg1tq6UtRw
Request Chain 281
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmUxMjJjMDQ4Y2Q0MmFmMDkyMjBhMmMxZTRlYTIxY2IzMTUyZWU0YQ&us_privacy=1---
Request Chain 282
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5M1o0NEItRC0yNExP&us_privacy=1---
Request Chain 283
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L893Z44B-D-24LO&us_privacy=1---
Request Chain 284
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=&expires=30
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOr_iXyBirYRYZnoN78lots&google_cver=1
Request Chain 291
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=L893Z44B-D-24LO HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L893Z44B-D-24LO&us_privacy=1---
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2NjE0MTc4MTQ1NTQ3MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
Request Chain 293
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2NjE0MTc4MTQ1NTQ3MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
Request Chain 295
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=L893Z44B-D-24LO HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L893Z44B-D-24LO&us_privacy=1---
Request Chain 324
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f4d611c6-3849-11ed-8789-f3ed13a1c250
Request Chain 325
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_70e1ce8e0ca3452f87ee3
Request Chain 327
  • https://pixel.onaudience.com/?partner=214&mapped=C4825E74-51C8-4BA3-85B8-BD302DBB49EC HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b2e93faa22e60bf978765a4a1f611986&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=36d0f8f31289da6e
Request Chain 328
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&addseg=10,33,39
Request Chain 329
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 331
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=70108df5-f3d8-480d-bd9e-69c20d5aa43b&gdpr=0&gdpr_consent=
Request Chain 332
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6120805245256493692&gdpr=0&gdpr_consent=
Request Chain 333
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f28942d45115e6&is_secure=true&networkId=17100&version=1&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJN7x6F5-MKwNH6d-7AAAAAAA&expiration=1663698981&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 334
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
Request Chain 336
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G
Request Chain 337
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5c70ac8d-6535-4480-85a0-b7bb33e50db8 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5c70ac8d-6535-4480-85a0-b7bb33e50db8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d8757838-8394-463a-a318-ee6073e743e0&user_group=1&ssp=pubmatic&bsw_param=5c70ac8d-6535-4480-85a0-b7bb33e50db8 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 339
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PH7o0YwTTxxV0DRxJPtyuZU4mbo
Request Chain 340
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K6Qj15lZ1OAlCZ5&gdpr=0&gdpr_consent=
Request Chain 342
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693982020361
Request Chain 344
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=f4e415f0-3849-11ed-b714-0a73341a89eb&companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Request Chain 346
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C4825E74-51C8-4BA3-85B8-BD302DBB49EC HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%2C
Request Chain 347
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F67767CC_58033CE0&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4242432423704910180
Request Chain 351
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 352
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a40f9cb1-bdee-45d9-9624-fd5057013345&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Request Chain 353
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 354
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=xEt6934aM
Request Chain 355
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7168989811529430770&uid=Q7168989811529430770&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168989811529430770
Request Chain 356
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LAwq4uHZCv-C5jN2pbYoYw
Request Chain 358
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 361
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6120805245256493692
Request Chain 363
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=025157ac-781b-4d21-8e49-bd20ff420fca
Request Chain 364
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://um.simpli.fi/epx
Request Chain 365
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
Request Chain 367
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ce2e0897-061f-4734-bb89-f7dc6a679ebe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
fRis76bQtN
t.co/ 		221 B
617 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
174
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:15 GMT
expires
Mon, 19 Sep 2022 18:41:15 GMT
server
tsa_b
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
f26746de6afd0339f4bc8091cead40a5f82ce584d951f1c78d88bb0cb0b52659
x-response-time
17
x-xss-protection
0
Primary Request /
fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Redirect Chain
  • https://bit.ly/3BtdBb4
  • https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack
  • https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
126 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Next.js
Resource Hash
aa68ee153909eb591887fa77b3bc6a1bc3708659520b7234b5ed49dd72288c34

Request headers

Referer
https://t.co/fRis76bQtN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
s-maxage=60, stale-while-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:15 GMT
etag
"1f9a5-DbukcqJ6/lyf3AxsMLwBWfg+idA"
server
nginx
vary
Accept-Encoding
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
x-amz-cf-id
8UZNOqW_ACZELaZJMWj5fWUvO7vBTQStdVCgOOjiU35rp_U3m3Pe1Q==
x-amz-cf-pop
EWR52-C4
x-cache
RefreshHit from cloudfront
x-nextjs-cache
HIT
x-powered-by
Next.js

Redirect headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 18:36:15 GMT
location
/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
refresh
0;url=/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
server
nginx
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
x-amz-cf-id
4QRh2PnVpYwebhakxahstfbP0ZWRp7U3Wc0BKO9a9Tgx1D7V17pyCQ==
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
gtm.js
www.googletagmanager.com/ 		291 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecd89ae666c6ea64de012d87c323fcbbf627b385bc8983081344e68ce317caa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93088
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 18:36:15 GMT
GettyImages-1237230867-e1663336891586.jpg
content.fortune.com/wp-content/uploads/2022/09/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/09/GettyImages-1237230867-e1663336891586.jpg?w=1440&q=75
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
19814c27aa6055c713b1c2a7c674a9524073d23a4e03e02172bedc7024e3b09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
x-rq
yyz1 91 52 443
last-modified
Fri, 16 Sep 2022 20:27:36 GMT
server
nginx
etag
"b3294236ceeacb60"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72144
expires
Sat, 16 Sep 2023 20:27:36 GMT
ff69c1969b549c73.css
fortune.com/_next/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/css/ff69c1969b549c73.css
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
775aef69b6bb7fa9dba3a3f5ed6548900a31da3c109d849e14cc093bb468d746

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
age
1633
etag
W/"113d-18347228078"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
x-amz-cf-id
9mojLxrSAO0ZqnK5C6Rj6BySYSYHQSAwGkp4RH6QwH9glTIzvVI9PA==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
webpack-a146a8ef8f1e9d05.js
fortune.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/webpack-a146a8ef8f1e9d05.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
4cf912f1bb6819adddb92b9e5b94a6233403536fde45518be1f52f5bc88a7d84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"6d2-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
0QZdYdzHOe-DoVF8C3_BYwB7Q8arf19SQxzEqBCnsRFMb5QGfPXiLg==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
framework-a070cbfff3c750c5.js
fortune.com/_next/static/chunks/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/framework-a070cbfff3c750c5.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
33dc89018fe5aed90ddd9f9615cba7412569abfad7d4995d81001e532aac79c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"1fbbc-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
ZRmzDiF8MFCZpKke4IQVEWwjE69TRuRRg8NUgW6xlniyTytMXawpGQ==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
main-4235c068eda7902d.js
fortune.com/_next/static/chunks/ 		105 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
23cf7f62902700ebff3965cbefe3035381d586fa4beaeb7f2aa0bae3d354b9aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"1a50e-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
ctv5Ae_R1f2od0MyxVllEXoiQHkAWKRbTysAky3biwBEJCkMFYYqvA==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
_app-c9fd87c419f30ebf.js
fortune.com/_next/static/chunks/pages/ 		692 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/pages/_app-c9fd87c419f30ebf.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
c49ca01860d0fcc492e428a57fbf7bac0291a55aec86b5a5fec5978b1c0901c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"acfd0-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
L3cOYxE0_kcQNKiY0TgV_7gdX98uqgfBF_1DCaLIkEceXtfCYvsyaA==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
7484-62c5300b1f9f2d13.js
fortune.com/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/7484-62c5300b1f9f2d13.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
20f64ff0bdb20e6bb025cf37af30d536c308d6c892b393893b648a080c7d38ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"2a78-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
BHsI0mSJfM2u_jENp_5PNCe46j1BAYbF1kaQ7G4NPOUzxqFFAWLUFw==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
2469-a216faf1d48ae4b6.js
fortune.com/_next/static/chunks/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/2469-a216faf1d48ae4b6.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
3c1af09c262dcc1d83009c0c9ce51128332fe38f788f270f146f17fed539e214

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"59d0-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
NP453yI1aB6JpiJeMSLjT7i9JcEuHwTkE3sQAWMPEpSWsKVbcldA4g==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
2664-2ea9e5f32f3c6b33.js
fortune.com/_next/static/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/2664-2ea9e5f32f3c6b33.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
f177e51c1913c9ec63bcfaf44654efe56b6082d7c7c7d3c937d3a088ff0f446e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"3dac-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
7UzUEJFGB13xUSSkzTPrxDJj425Rk8jEu9I-F3a-AYFIQyO8mk7W2w==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
2584-1772f6163fff4f88.js
fortune.com/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/2584-1772f6163fff4f88.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
eb503b1c37f0c282f17296944170a8e4daff78e61b2456b59b11c807d98b18e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"3fe3-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
yN3Uyhbzt_hM-Ge3F588aP-aa9ugG4HP9rfsMtOSDpMrgls2-Z7AQw==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
%5Bslug%5D-ef70984d40d2ca53.js
fortune.com/_next/static/chunks/pages/%5Bparam%5D/%5Bmonth%5D/%5Bday%5D/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/chunks/pages/%5Bparam%5D/%5Bmonth%5D/%5Bday%5D/%5Bslug%5D-ef70984d40d2ca53.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
567b177abe46ff2626cc8e6f35914adfdca6e52da1c8acc13c52f2f3f5774eff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"91d-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
7kFl960wke49NclZKEvXvdnTAV8c2MhffnDBsNL3VSzCVCzUYEEycA==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
_buildManifest.js
fortune.com/_next/static/HGJsLE3n0WQlYfyVYXDGo/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/HGJsLE3n0WQlYfyVYXDGo/_buildManifest.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
20be244c4edf6909ee139b41ce99dc2a9d9dc2dd8272ae79d3994c11af308198

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:29:47 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"17e7-18347228078"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
8fGwFyGRrp8EEENHWh6xcz2mqWikuBG8WWjRh6cdfd2VcNoj3HyYxg==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
_ssgManifest.js
fortune.com/_next/static/HGJsLE3n0WQlYfyVYXDGo/ 		2 KB
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fortune.com/_next/static/HGJsLE3n0WQlYfyVYXDGo/_ssgManifest.js
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
a1f2c51589765f9a9499e0150378942da1e040c5af67e8c1585c65df2e0eeeb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 16:31:24 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
W/"72c-1834723fb60"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
xbXKFtaqw4c91FGRmrY_eHZt5JIwi1VBs6knGTfS2_V1GLsDa2Nbvw==
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c15f0562b55027fea019b965a89690a4a9fb6aadd7f39bacc427be9e2fb8e624

Request headers

Referer
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
950c4f2431028b6bf216f3aa0399c9c6c5e38a0273fb632e965c12e0814ac752

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
GraphikCondensed-Medium-Web.woff2
fortune.com/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCondensed-Medium-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
f573c2e1dfb5d93082165fe7b99287a3e81f4f17453a76c90e56ceba0c55fa5c

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"8b49-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
35657
x-amz-cf-id
-rz1z-tQYuYSw2YtpS7xK6JqjSapH1EyCk6HYgjNQiLftfVIxHYm5Q==
GraphikCondensed-Regular-Web.woff2
fortune.com/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCondensed-Regular-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
50f09e30713b6f5876aacdb0700967aa996b1d0c8a1c2b28757d271e0d81507e

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"8831-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
34865
x-amz-cf-id
iapSOiLflgTct3TTEzXD0Vg570vHnytMeOjoCs7THuROa5FGpjtqTg==
SaolText-Semibold.woff2
fortune.com/fonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/SaolText-Semibold.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
789f6ea4b6cafbba7bfc5b034efb47ea4d711464b0eca962ead776247789cebb

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"b3cc-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
46028
x-amz-cf-id
YVnTbOBrlz-03SICbo9VrjpjmqIBhV-BQbwTlY3D1iwSSdmbUvSIbw==
GraphikCondensed-Light-Web.woff2
fortune.com/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCondensed-Light-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
02a62bf27d5d3c30e8781bbe1d6082963856d233353dfacd31d8aaeaf5b17079

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"8881-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
34945
x-amz-cf-id
HDSHdYQKa_R4kUEXd-LEaFAAgZrXi3l_V-iJkNxuYh3bk4k8B_FYSQ==
GraphikCondensed-Semibold-Web.woff2
fortune.com/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCondensed-Semibold-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
525a443fc223f054b1513e295c58dc80b8ed16b0aba5ed9c871363d4b8dfafd9

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"8bcd-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
35789
x-amz-cf-id
jkc1_5i3O-xOUikwpLx4WdeFoVcNMc8K2iw4vsgWZODj86Z-awcHIw==
GraphikCompact-Semibold-Web.woff2
fortune.com/fonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCompact-Semibold-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
c6261ca74976a2b5c9b2a492baed2360acf0ee54835528f7c7f6517e00521f7a

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"a005-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
40965
x-amz-cf-id
HecnZWXwm9vEx50CXpneshNseYutmq_5Ajlg2FXf_GhNDwy7k6yARA==
tinypass.min.js
cdn.tinypass.com/api/ 		324 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13310
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DPKZZ5WPSHJK8DF9
x-amz-id-2
szk3fPeiiO6CWpdR291F66U3QkFPMAUAP0MbKp3ENZXYHc2IBbVS0mcFtYKEAuFryHeFsisNtho=
last-modified
Fri, 16 Sep 2022 09:29:34 GMT
server
cloudflare
etag
W/"15581b223b4f44668855811bdcfb4bae"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
D7jP9lM0viGhWei0PFS5RAKzqM2zrSNi
cf-ray
74d46d086bf27151-YUL
expires
Mon, 19 Sep 2022 22:36:16 GMT
queryly.v4.min.js
www.queryly.com/js/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.min.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8899
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Thu, 11 Aug 2022 16:00:33 GMT
server
cloudflare
etag
W/"80a6a27c9badd81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2GL7fzBygH3JzrV89gWbcVwslE1qaL4VOeZruEip%2FitQDMXWb3n1c%2B8WK7wEsI%2BKPpQDqx06EnWWYgot120oirXjSOISXbuHwlFrx20Vr0jZxVEODTBryHygrqX5VhG0gOg2jupbhLYIZDIcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
74d46d0888f64bc5-YUL
access-control-allow-headers
*
notice
consent.truste.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.truste.com/notice?domain=fortunemedia.com&c=teconsent&js=nj&noticeType=bb&gtm=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-38.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
b07d27861690243b7b5d95a9df2556d54eb4d355f20edb9e4250f031f47a6596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1634
x-cache
Hit from cloudfront
cloudfront-viewer-country
CA
vary
Accept-Encoding, Origin
content-length
3837
x-xss-protection
1; mode=block
timing-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
IAD55-P5
cloudfront-viewer-country-region
QC
x-amz-cf-id
uVDk24Er6M24HAq9Woo5qyIf6EITFPiWhkJold2GVnhRyDlhOM-E3g==
expires
Mon, 19 Sep 2022 19:09:02 GMT
load.js
s.ntv.io/serve/ 		479 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.11.4 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-11-4.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:16 GMT
Content-Encoding
gzip
x-amz-request-id
ZZ2XR760EAT65FCT
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
kfQJXs89OcoDEEyx1qyYX0Py4TXKM+glaW/zWSNAiBpaZmmJkmwSMDLLCtdiEa8OoDutk9QGYmQ=
Last-Modified
Fri, 02 Sep 2022 14:27:37 GMT
Server
AmazonS3
ETag
"9624bb208d35ae785b11a575256bbe77"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
profitwell.js
public.profitwell.com/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=18dd346e0650d0af58866f632445f4c7
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:02:20 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 18:43:42 GMT
server
AmazonS3
age
66837
etag
W/"f3710cf44008e9509cf9d74fde8cff1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
PHL50-C1
content-type
application/x-javascript
x-amz-cf-id
29hxFIh-uDL8AyHgayIOpLbgPqrd-7-cXpT8OoRS5ySkdTwM39Sgog==
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GNFFYKDCBGAJK7BH
x-amz-id-2
jw7lwU7u9SJqiksLmLxTk3z/V4eufpPXQx/gptQJ3/Yq9ItGRjrN/5B+40kDeedxnx+lWNhQlLk=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWPdwCbm5RKRVqYei1y2FKXpR2AsbbBSPq5AzJ%2FxJEUKG%2BrFbrKc6LDoh%2BZ%2FPBFY%2F5mLSjEip9lOhbIncQAFHmgsywqwOX73VXI0yrgJrFp35xorF03Ic3M0naZLRVaROq0m%2B3vI6T8zuKoAPfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
74d46d091c5519e3-EWR
GettyImages-1398200234.jpg
content.fortune.com/wp-content/uploads/2022/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/09/GettyImages-1398200234.jpg?w=128&q=75
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3f329fea5104cf341e2e6fa7d81ffc0278f808eeafa70c7b2540c5ad2f41892c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
x-rq
yyz1 91 95 443
last-modified
Thu, 15 Sep 2022 12:09:43 GMT
server
nginx
etag
"10752aafe4d5532f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4442
expires
Fri, 15 Sep 2023 12:09:43 GMT
real-estate-cooling-market-4-1.jpg
content.fortune.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/09/real-estate-cooling-market-4-1.jpg?w=128&q=75
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f7228511d795c7314e11ebb235d64dd1ac455f762c1a533af2e8658cbed8d7fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
x-rq
yyz1 91 52 443
last-modified
Mon, 19 Sep 2022 17:15:29 GMT
server
nginx
etag
"f696d0a4bbeb7ba4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7980
expires
Tue, 19 Sep 2023 17:15:29 GMT
search.aspx
api.queryly.com/v4/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.queryly.com/v4/search.aspx?queryly_key=58971d435c9a4cef&pageservice=1&pageurl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F
Requested by
Host: www.queryly.com
URL: https://www.queryly.com/js/queryly.v4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.204.162.61 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1015635.ip-15-204-162.us
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f14f214aed10a4a4afd63cfff5d479fefa59982dedeb75e2cb3a033d95ec66a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
2737
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527350
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6r0KHoEnbNkJodIebHd9ay%2BiLgwdowUEUr%2Bfncuc%2FpIT0DqSkkqg1uGyrjDphO8jAWkCP0a1Xhgjy093NP6rCbLYs0acKzCYrTlY%2Ba7WbSnXznwWGVxLmrPgnk63upnx96IVC7utwXRoTz25cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74d46d08f9964bc5-YUL
access-control-allow-headers
*
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=cfQj2fM3zj
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f4916c90754c22aa2bb85b919b22dbf5bc3e01ac4ee39070585c08461d7b1c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M2kzgirGvRm
pragma
wn
prod-dash-10-0-143-164
last-modified
Mon, 19 Sep 2022 18:33:38 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
74d46d095d997151-YUL
expires
Mon, 19 Sep 2022 18:56:16 GMT
verify
id.tinypass.com/id/api/v1/identity/token/ 		197 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jsonp131&client_id=cfQj2fM3zj&site=https%3A%2F%2Ffortune.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcde9db767415183254eb5e5fcaa0fc4afa6203438b023369d09a0c38443713
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MgozgirLU7K
pragma
no-cache
wn
prod-id-10-0-81-126
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
server-time
0.002
cf-ray
74d46d09ae117151-YUL
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
uspapi.js
consent.trustarc.com/asset/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/uspapi.js
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=fortunemedia.com&c=teconsent&js=nj&noticeType=bb&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-65.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
88d7e4dfc0c6596495db87af34f2568d1be1537e496ac62dc4891e5576d47f24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fortune.com/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:52:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2613
x-cache
Hit from cloudfront
via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
pragma
public
last-modified
Mon, 20 Apr 2020 07:01:28 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
PHL50-C1
timing-allow-origin
*
x-amz-cf-id
KgXTxXB7fnI7moz-S6NPANSGpR56qFz8o_73UaiurGb_jKxWvPUfmg==
expires
Wed, 19 Oct 2022 17:52:43 GMT
json.aspx
related.queryly.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://related.queryly.com/json.aspx?queryly_key=58971d435c9a4cef&callback=queryly.QuerylyRelatedCallback&pageurl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&batchsize=5&decay=5&extendedDataFields=creator%2Csection
Requested by
Host: www.queryly.com
URL: https://www.queryly.com/js/queryly.v4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.195.148.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9a1d382679489babe6b5d0ee9f3ad3ec391ef46089879c43a82676965230c8a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:13 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
2587
ping.aspx
data.queryly.com/ 		0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.queryly.com/ping.aspx?type=pv&queryly_key=58971d435c9a4cef&visitorid=undefined&httpurl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&httpreferer=https%3A%2F%2Ft.co%2F
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.82.218.135 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:16 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
private
Content-Length
119
t
jadserve.postrelease.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.65.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-65-165.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
server
nginx/1.12.1
etag
"61c1aa26-0"
content-length
0
content-type
text/html
optimize.js
www.google-analytics.com/gtm/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-WKT547V
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65366e35f44229505d72ac21531c56a1f345ed1bdd5c88fa18003ff55077aae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42852
x-xss-protection
0
expires
Mon, 19 Sep 2022 18:36:16 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=36842
accept-ranges
bytes
content-length
3063
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kcgs7200052-IAD
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
THg/x1SxHj8oYem04KsImMF8Wt4cSVHL+J6Xm+lPkTdMcIQ/a2DsXvNeGYdfs75Jyc/fIEtFBZ0J9x9JR7usWA==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 18:36:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2FDCAD8B4614540A43FF3DFA95A6324 Ref B: YTO01EDGE0412 Ref C: 2022-09-19T18:36:16Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Mon, 19 Sep 2022 18:36:15 GMT
accept-ranges
bytes
content-length
11367
p.js
cdn.parsely.com/keys/fortune.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/fortune.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.131.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-131-58.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
ea579d7d23bb267a326abb02571bf4258d7495830df9c1db55ba9f1ea6b76eeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Sun, 18 Sep 2022 22:06:40 GMT
content-encoding
gzip
last-modified
Thu, 14 Apr 2022 20:14:05 GMT
server
nginx
age
73776
etag
W/"6258808d-10707"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13af704549c5ac5d9fb78e3b737019ec.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
5pxPY7QA4ZSC3POJK5fx3U7HSJCv_zzqmZieh6hYGAIlxnV4Fh5fDw==
expires
Mon, 19 Sep 2022 22:06:40 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 06:52:28 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
42229
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
vRP6h39p4QVO0fGgRJ7MdBUNQV1eyigAbwu3F_hiSXkkTOcTs-RH1A==
/
fortune.com/comscore-json/ 		34 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fortune.com/comscore-json/?03569781850615932
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
3dd7d2b2585b27ad643c05cfc91cab1c9a421a2fdd23f73aaef91e4f64d381d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
34
x-amz-cf-id
5h_rNTPZFAx2Ybx8jKQkodGDl95B9Atv38WpAdKAi2Vm5Cry1klRGA==
cmpcookie.v2.html
trustarc.mgr.consensu.org/asset/ Frame FD9A 		1 KB
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trustarc.mgr.consensu.org/asset/cmpcookie.v2.html
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-69.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
2f3457ee45fd2945cd922f8761edcad427bc116803e5bd69000c45e18da3156a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2187568
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 25 Aug 2022 10:56:48 GMT
expires
Sat, 24 Sep 2022 10:56:48 GMT
last-modified
Thu, 2 Sep 2021 05:58:34 GMT
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding Origin
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
x-amz-cf-id
BWqGgVzbde51HP6tbVsWRjCzDPTCmWDYLzziNNyceF5IKFXbpnTbLQ==
x-amz-cf-pop
JFK50-P6
x-cache
Hit from cloudfront
smartads.epl
www.dianomi.com/ Frame 2037 		0
0
contextfeed.js
www.dianomi.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/ 		333 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a0be6f72246e044ba041f21d551be5cdbbdc4ce20ddf27f6f5f191da428ede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1
age
586
x-guploader-uploadid
ADPycduaRDX5BeqUUIIN5Mjre0xTRPnuXpc7Ko6cOY_uUGpQV7n4ELILxa7f--gDV30Z1_ApWCK7twL9s9WBGpUs1eeYsa9D6m2j
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Tue, 13 Sep 2022 19:21:06 GMT
server
cloudflare
etag
W/"ee40495dbfe3db4f57418fa5f7944e0b"
vary
Accept-Encoding
x-goog-hash
crc32c=+SYTCg==, md5=7kBJXb/j209XQY+l95ROCw==
x-goog-generation
1663096866895181
cache-control
public, max-age=900
x-goog-stored-content-length
93919
cf-ray
74d46d0b5920ca5f-YUL
expires
Mon, 19 Sep 2022 18:51:16 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162221/7652/ 		863 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
603934056dff6ec018d7b8152bd393a01896003f225439ac5886462e847ccd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 14:42:29 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=115826
accept-ranges
bytes
content-type
application/javascript
content-length
187651
expires
Wed, 21 Sep 2022 02:46:42 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/main-4235c068eda7902d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253ad413815e433a2d8128d1c7f6fac2834369494c0da3a4f8c76d6d854cff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27885
x-xss-protection
0
server
sffe
etag
"1339 / 566 of 1000 / last-modified: 1663585777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 18:36:16 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 17:40:14 GMT
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront), 1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
age
3363
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-P2, PHL50-C1
content-encoding
gzip
x-amz-cf-id
y1YUHtkMI6Oxt9ryB6JXhKiJ3vl9HBqjee0jm0X-3tmUomWnREUhHg==
smartads.epl
www.dianomi.com/ Frame 321D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=4953
Requested by
Host: fortune.com
URL: https://fortune.com/_next/static/chunks/framework-a070cbfff3c750c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
74d46d0afecba208-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:16 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
tcfapi.js
trustarc.mgr.consensu.org/asset/ 		211 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trustarc.mgr.consensu.org/asset/tcfapi.js
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=fortunemedia.com&c=teconsent&js=nj&noticeType=bb&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-69.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
059331dedcfb3bb7ad7b676771afd4f4bab13b6a23f4a8b1191c9defeced31bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fortune.com/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
age
958943
x-cache
Hit from cloudfront
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
pragma
public
last-modified
Wed, 6 Apr 2022 00:59:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
JFK50-P6
timing-allow-origin
*
x-amz-cf-id
t-H5h6tveqKT9WeqeQEhfWRNd8Dki1YUEONL4fG-kE1dGbrHd2gulg==
expires
Sat, 08 Oct 2022 16:13:53 GMT
execute
c2.piano.io/xbuilder/experience/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=cfQj2fM3zj
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb357d44c08f3b7ef10587b6b70f4171087d478298261f8d5477057540d376a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
jcvlzsx2bd
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fortune.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74d46d0b5a6e4bd1-YUL
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1663612576562&plid=10129247&idsite=fortune.com&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&sref=https%3A%2F%2Ft.co%2F&sts=1663612576555&slts=0&title=Uber+employees+are+being+taunted+with+obscene+images+in+a+devastating+hack+%7C+Fortune&date=Mon+Sep+19+2022+18%3A36%3A16+GMT%2B0000+(GMT)&action=pageview&pvid=91729798&u=pid%3D89cf9f587e69be78c1c138dd7a0e93bb
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:16 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 18:36:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
adsct
t.co/i/ 		43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=d91556b9-b38c-466e-8896-399d43626457&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f1f06a0-2973-450b-b183-e8facccefc14&tw_document_href=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o25rz&type=javascript&version=2.3.27
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
6
date
Mon, 19 Sep 2022 18:36:16 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f26746de6afd0339f4bc8091cead40a5f82ce584d951f1c78d88bb0cb0b52659
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d91556b9-b38c-466e-8896-399d43626457&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f1f06a0-2973-450b-b183-e8facccefc14&tw_document_href=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o25rz&type=javascript&version=2.3.27
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
5
date
Mon, 19 Sep 2022 18:36:16 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ad07fe7ba4f512adc17efd5d3e7928e2bb9a9165939164364607d80447ad939c
content-length
43
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N68KRG3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
644
date
Mon, 19 Sep 2022 18:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 20:25:32 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesTe...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1545442%26time%3D1663612576589%26url%3Dhttps%253A%252F%252Ffortune.com%252F2022%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesTe...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1545442&time=1663612576589&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&cookiesT...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9&_expected_cookie=ca4cd6dae0ec7b1a412f57fc...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9&_expected_cookie=ca4cd6dae0ec7b1a412f57fcef8e8cf2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 19 Sep 2022 18:36:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d46d119de95443-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7ad6e964-207c-4e77-bacd-e58a402730b9&_expected_cookie=ca4cd6dae0ec7b1a412f57fcef8e8cf2
date
Mon, 19 Sep 2022 18:36:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d46d10ec985443-YYZ
content-length
0
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
EZM6MseSasPl/+SuS+ZsPKASbMUylMS0ofhf1GQOeHy+luY8b4AwXdAA69oPN3qZi05Y5/IuyKHoHCYoqwKjLw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 18:36:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2587034314640071
connect.facebook.net/signals/config/ 		296 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2587034314640071?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
539570e7e2548c3dbf5ebaf2d8ed9bb7a8d15b0a133ba6864a97251a8642cf1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86400
x-xss-protection
0
pragma
public
x-fb-debug
TcYMlkhoiZwD1ORvddwkGnY4QYYn/VYVV34WUtULHxCVxfx6Uk+keOWNkbqBhdKu8hzfKkP147h0pEkr/wIYhw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 18:36:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
56053647.js
bat.bing.com/p/action/ 		1 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56053647.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4af3e69d918351f3f3824ba2e2b199f5040455f5ea96713b6e7df8bf17ed8a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC813A802D424F93A2865535672F7DD7 Ref B: YTO01EDGE0412 Ref C: 2022-09-19T18:36:16Z
date
Mon, 19 Sep 2022 18:36:16 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
668
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56053647&tm=gtm002&Ver=2&mid=e9783f42-259e-4699-b0f0-1000c693606a&sid=f23a1230384911ed81e05795197369b4&vid=f23a4230384911ed827b0f8b0f6f1f2e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&p=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&r=https%3A%2F%2Ft.co%2F&lt=696&evt=pageLoad&sv=1&rn=992626
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4BADAD6CA8E24D99B11D47324727DAFA Ref B: YTO01EDGE0412 Ref C: 2022-09-19T18:36:16Z
date
Mon, 19 Sep 2022 18:36:15 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
consent.trustarc.com/iab/ 		55 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/iab/v2?domain=fortunemedia.com&locale=en
Requested by
Host: trustarc.mgr.consensu.org
URL: https://trustarc.mgr.consensu.org/asset/tcfapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-65.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
1d55d4f67b08a166d379773bf9fff326a8dae9daae0da2da7e3670b117658d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:20:03 GMT
via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
age
973
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
PHL50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
i-emNijTVJXQlmsSf-zYtfoykBSPi54r269ApdXvnd6AWDwsg7ewZQ==
x-xss-protection
1; mode=block
lightbox_speed.js
www.lightboxcdn.com/vendor/538f6018-3e73-4af4-bcb7-2b8be35ca464/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/538f6018-3e73-4af4-bcb7-2b8be35ca464/lightbox_speed.js?mb=1663612576632
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859bc40270030118f6766b6be1a31e593445ebce2460f4e86d7e792cd49834d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lD3Fk/4IQ63lOQlsDzqz6w==
age
227
cf-polished
origSize=4756
last-modified
Thu, 04 Aug 2022 15:37:44 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
3765fbf9-601e-0019-5718-a83458000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
74d46d0c4fdd714b-YUL
expires
Mon, 19 Sep 2022 18:37:16 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 20:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Sep 2023 20:20:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		110 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fortune.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03ead4d7ec3a383e20db7d547500b9cf3928faac7997367e1893d9f62b6b4045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Mon, 19 Sep 2022 18:36:16 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:39:23 GMT
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
32214
x-cache
Hit from cloudfront
content-length
6482
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
AeMdXFN3gHd1PtTjga6cbgLaw_cfqH_o0wvC_vY4YEVWHh6fu4p4uA==
pxid
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co/v2.0/ 		12 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co/v2.0/pxid?k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
via
1.1 google
getuidj
ib.adnxs.com/ 		11 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:16 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e5aa7bf3-f134-4f02-9b92-99c22e28e6b1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://fortune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		249 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
via
1.1 google
watson
api.permutive.com/v2.0/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
890ba93f1552bded3cecea8a4c8efac2b647cbec53066976d759c92edba6526b

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
964
via
1.1 google
config
c.amazon-adsystem.com/cdn/prod/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5018&u=https%3A%2F%2Ffortune.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
49de94ebe2f83144c7588d1111c8f96014ee1df2cb7560fd73cafdff9aa8d30e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:42:12 GMT
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
server
Server
age
14044
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://fortune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
content-length
761
x-amz-cf-id
8hiFLhg9LNr84Kg8SPe9VXSQJfeMXq_tU-EykD2p1LvBxwQOi0lkHg==
show
buy.tinypass.com/checkout/offer/ Frame 43C6 		901 KB
286 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ca043943e642e2f4c220ff787bd978fcbf1d642b191ffe6c564778a967c4b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74d46d0caf6a4bcb-YUL
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 18:36:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server
cloudflare
server-time
0.011
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-85-66
x-forwarded-https
on
x-request-id
Mgozgirgk0x
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 17:44:36 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_cm...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_c...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_cmp_rt=193&c7=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&c8=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
via
1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
Wk_f1NtcyJG8VZ84t3xu_T6IOJMDrXbBaqMVJpvxBvMnr9lg5OSjMg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035728&cs_it=b3&cv=3.8.0.210223&ns__t=1663612576546&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=47&cs_cmp_sv=2&cs_cmp_rt=193&c7=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&c8=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&c9=https%3A%2F%2Ft.co%2F
date
Mon, 19 Sep 2022 18:36:16 GMT
via
1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
content-length
0
x-amz-cf-id
w6XlHevek0i_62TFc1I52AcS7FTd472u_EBdRgHPbzkp69pOy_i1QA==
x-cache
Miss from cloudfront
9f99d654-bc76-4b05-bdd4-ed2b50e95660
https://fortune.com/ 		127 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fortune.com/9f99d654-bc76-4b05-bdd4-ed2b50e95660
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9d0f642b7aad40c6f7336f36e2f925357142ec0d93210d1524cbfa29d31e7f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
130128
f072f88d-28a6-410b-aa80-811cdc306216
https://fortune.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fortune.com/f072f88d-28a6-410b-aa80-811cdc306216
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b373f2aa0df9753611ccb9b312c5c35780954d8eef9ed01de48aa896a81f9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
20393
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1768155718&t=pageview&_s=1&dl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAAC~&jid=813076850&gjid=819147987&cid=723129747.1663612577&tid=UA-97981691-5&_gid=1631482056.1663612577&_r=1&gtm=2wg9e0N68KRG3&cd1=Kylie%20Robison&cd2=article&cd3=tech&cd4=Uber%2Ccomputer%20hacks&cd6=September%2016%2C%202022&cd7=own&cd30=Google%20Analytics&cd32=1663612576581.2wvu74nl&cd33=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd36=&cd65=P-Reported&cd79=2022-09-19T18%3A36%3A16.581%2B00%3A00&cd80=Uber%20employees%20are%20being%20barraged%20with%20obscene%20images%20in%20a%20major%20hack%2C%20and%20they%E2%80%99re%20worried%20their%20financial%20data%20may%20have%20been%20compromised&cd81=09&cd90=Tech&cd93=guest&z=964721569
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
aax.js
c.aaxads.com/ 		392 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXT2MIP9&hst=fortune.com&ver=1.2
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed4d74cf35f19eb0bfc45aad5dcf4fa5a5d0ceb464bd4464fd246566022c3dc8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 18:36:17 GMT
vary
Accept-Encoding
x-mnet-h
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=1800
content-type
text/javascript; charset=utf-8
expires
Mon, 19 Sep 2022 19:06:17 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2587034314640071&ev=PageView&dl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1663612576831&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22271369800497222%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222622385121346396%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221267389536932895%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22703033843637498%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%222626621560931505%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22326714211932296%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[6]=%7B%22extractorID%22%3A%22327143718522683%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[7]=%7B%22extractorID%22%3A%22360319838710223%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663612576829.1443635448&it=1663612576595&coo=false&tm=1&rqm=GET
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 18:36:16 GMT
t.gif
www.lightboxcdn.com/z9g/ 		35 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1663612576871&h=fortune.com&e=p&u=42559
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 18:36:16 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
893544
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
6e769913-901e-004e-1d3c-0b9024000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d46d0d8a34714b-YUL
cf-bgj
imgq:85,h2pri
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bcd4134b0da9f0228dfbb06a21baf7460051685b5e22d4481a8ae4f14f1b2fac

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
via
1.1 google
checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 43C6 		305 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a9d02d62ba8e0c6650830016360ad971702625d15c2f09b7e6738960d3a0c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6076
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-95-165
last-modified
Fri, 16 Sep 2022 13:25:24 GMT
server
cloudflare
etag
W/"312098-1663334724000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
74d46d0dea8c4bcb-YUL
expires
Mon, 19 Sep 2022 20:36:16 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 43C6 		65 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=15.0.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97476151836150a36d0bf7433d26bc0655d465c2439487cfa511e0a186ac2ae8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
42109
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-143-81
last-modified
Fri, 16 Sep 2022 13:25:24 GMT
server
cloudflare
etag
W/"66631-1663334724000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
74d46d0dea8d4bcb-YUL
expires
Tue, 20 Sep 2022 18:36:16 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 43C6 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2838550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gezVGbJhR8T22kttKeCpDPo%2FA6cHRGfPVFTpfGjwKIOGRU3AmC7LZURsBkCpbsqP1d8mUehZxds2VuA6HfRJWuCgDyt3FL3hpkBhCRkqu3odjbyNJ%2BYc2PYRldICw31UwBoUsZH1xsJbBfMZKxVpxBi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cad4bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 43C6 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
954821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA42BdKVm%2B7ABGNa%2BnFRtIBJXTAkbMG0cUNU18HYdhfuwCJDgqKTS2MLGoxzSZz1JM6nn95l06ePqEb8%2BHdk4fSykca8JFrDlJ1Dw85dWIbXzgk6g%2Bo0adEjr%2FJehmRwjU540JW0FOonEdmxvvGEmtQd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0caf4bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43C6 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
419587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmBjUlXcrSKjZ%2Bg9YpvK%2Fnre9Prv729g2SL1IcpaIHYC59mKCZlTvNrQA3AA3A0oZV0KvJm6uwWpbuE7hHYEGAWSJaPgKeE40MORgKGWpbzciT0SixnCnTMoMtQtu%2Fu7Gcbj1I6NEPqKEZY%2FmFWeFsbJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb04bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43C6 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
421860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Shr2K3J3cStboJ%2FfzL1zZQisM0bK7mw7LEae73hUaxEfmtYgzQ9WVbaVXxD1AQ0kXV4t6ghkYVCy3fqJeEes27U%2BNTLwdXTx6kjOaTbMyJfc09EYC9n05NN%2BOcKO9vVDbzjhZYpbPu3GJ9Eq7CEE8DVp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb14bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43C6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1489896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8h5sgFi%2FrAyGv0BrDd7q94UKvtTsKZwZ3%2BgtHogv5MPdOWiQTxjwqZCSw20mdZ3fioL5olQETEgoZzeZi7YDizGg7VG5k0YLthAvPFE0bYzv4fRXSGZZWzGa77PQmnZy1UzPdPUpkaBEtoqsk1Baoon"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e1cc34bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-touch.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43C6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1491275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1321
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-ce0"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTMmPIuUY%2FLwxIwZigykNw7O41b89THW9cAMkgxv1E5LELjeeBlMu391%2FqhoUylwEjuNLRFnl1BFXKsRCM%2BPGPph6UCBJe%2B%2BfM1M54k4j%2Fo%2BrTD%2FCC1kO7RQHJd7glKBFrOoHhFlqFMySUkVn8z%2FplgX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb24bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 43C6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1510772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJIj8w%2B46%2B1cn91lmGqEfCFHDDwuclyJVttqVlWD2xbOCv9qXjP0G6Ks6ozF7jSA8bDKY81aRsvvDdIzMNdt355H5SUI6QRuughHflSoJMafnvc5IFhE737Y%2Fs3HhfZytLpPrzPxqsb7mQHF8GHJyVHS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb34bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 43C6 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4057126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x6tqKjQCDwSsRtqho1zsiARnO1GHMLIYj86TAfI3TiZIr1rFK8g1yh3UdFS2w78dIvEkyQpBTf3ZKhEx%2B8JJQbYi89OJKcGEmCn0hacLgJ%2FFa9D9wIl4397cXIMBQLn5TGqzH83PJcg9TnyosypfY5Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb44bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 43C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2325938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZ5%2Fh6soSAsTnpb4Itm9Hyyd%2BwpMo9Lgenv9mkwVz6zEV36ifmvgORKU22tnp7G2dAijWxNNNmcK7leql%2BCqQseu4F3GpgdlivkY0hTLPa1SNRG%2BPGeYPFbfvO2ToKorgvBV%2FAW1iRkiKcmi7TfFFZrz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e1cc24bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 43C6 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2245218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXVP5x7FQM0wgR2WM5fDwkgGSkb%2BRUH1z3hnfmZX70kAzCbSGix9WfqEKxy7Ok%2FuuWLyCojdWlCgbsU8mxAJAIwiDzaHFWNjQ3fiemosy%2FJyBSwwL20Bob7YIU4ZhHqdSbSG7cRla1dxFD6C2cB7BucG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e1cc14bca-YUL
expires
Sat, 09 Sep 2023 18:36:16 GMT
anime.min.js
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame 43C6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1560298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-4377"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWvaOeRK%2BAuObR4h1ezmw7i%2BnpuofLx%2BCwNtsRG3lbD%2FSLWE2IDT1wtN%2Be%2FefPK%2F3EUK4ZvhjzvLFiCX0Kc4yyrUrx1WDELko%2F84I80EH10rbyCu%2BbAw%2Bch10xV0AA7fkYQp49tYB57Dmtxw%2FJWn9DlQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74d46d0e0cb54bca-YUL
expires
Sat, 09 Sep 2023 18:36:17 GMT
H4sIAAAAAAAAAK2YT28jNwzFv1ATY91Lr1tv0SzQAkac7rXgSPSYa40k6I8n9qcvZ5wYBnKo9ZxjJv5JnEfyiZrFKLbnsrCSy8Ls2OxDLQ9DsNXx4mdeOOkSJeH8eH72y-J_AEuFo5g9p1uJIkMjQbXs_p7_UsLsb8VM8JbXKRzEcgL4KOTDd_thhds2T2ylPLPlI...
buy.tinypass.com/_sam/ Frame 43C6 		314 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAK2YT28jNwzFv1ATY91Lr1tv0SzQAkac7rXgSPSYa40k6I8n9qcvZ5wYBnKo9ZxjJv5JnEfyiZrFKLbnsrCSy8Ls2OxDLQ9DsNXx4mdeOOkSJeH8eH72y-J_AEuFo5g9p1uJIkMjQbXs_p7_UsLsb8VM8JbXKRzEcgL4KOTDd_thhds2T2ylPLPlIRYJvo2eVM3QK1df0nHDjk0JyEt34pz4_qu1iTMSQqScx5Csu8Zbtl4Fv5Uey3dmXwAyfUzT7XAvW2TPGvtElgEy70gD3tQumyRo1CpWEV_5ZZeYv23WNZkdZSScEueMpWEVhgGKZSoZjSPUHmnzPPZtdRZTGMIqXGl_E8avkZNaAhAiqdbbRNWuKBbV-cevbVt_4JefEcTyDm_MV9X3zGSKHAisxEjHQdv2jmAKp-FPdcwNp4MYpIbJJSZ7fKL81RjM98y5CVAVOvL7DZuakPCvPXd9lhNLRCT3x2ucnH_19n9EifnoM5QsHAQA2jE4R0juBzoFP4xY0sV3mG1OvwWwENmrRivKiFeeOAUsKeOOyjHUkaDS4lftUU_uhzroVgxsFUl8wUcTc6lpSPpzaf7-gtRYjI61MyFYO9tZ3fz5dUAa4x1_ivEO-iXsGUlZVjdh647feEvVlU1JatT98Y6VVMZ__qJCwyeshZSy7cVpDCNBtPSQjHor09LXoPEh6-18zaunNl9VqVVon-GdLyusQy5b8eQN_hpM-Tj5H8xPCYDpvSO1MRgPncDsbCH65rk1gRew6LzGIKzV3kiaY6fFFvRe0brnFVmG1red27ORCZ5LIwKJOUriaSxqxPowQdNsZ5tRvei0ETqHAiG-zfB8aueqeCtkDE4elihbo6Co7wDS7MQx9Krq_ydxd6AdFG9wYejA7LzDMbf2yUTrXbtC21JSgy96yjTTl3OqjHrWonAfQj9bJrrAu-U28ofgemplJMZWg50vPACzRfU4j93txmeDCc32p1wO2zLdxltPrfnW21fA34dAFT8TUojiUXE_aZzDBzl4CMPGL4xaox8lcvCtfXxyYlpr7zyNsOPpEG5tzvm7bzNzfnSZZt_Vyfct87bCGXbSTV8t-6r5fvjyuHxcLhfy5Td_eea0CRz_y_6h5sef-T8fQFDa3BoAAA?compressed=true&v=15.0.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa3c1e3a72f3d8ce923d03a59272ba4d58249cfcf6c5be78ed83c2c51c88355
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2403
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-116-68
last-modified
Fri, 16 Sep 2022 13:39:40 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.014
cache-control
public, max-age=602332
x-optimized-by
_sam
cf-ray
74d46d0dea8e4bcb-YUL
expires
Mon, 26 Sep 2022 17:55:09 GMT
fonts.css
fortune.com/static/css/ Frame 43C6 		3 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/css/fonts.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
a514876a0c7efb037a90cceb8c1f72d2a94f1b1936376de06fdc23c07e331c0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 19:57:26 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
age
2673555
x-powered-by
Express
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
417
x-rq
dca6 0 2 9980
last-modified
Fri, 19 Aug 2022 19:57:01 GMT
server
nginx
etag
W/"dc6-182add43d80"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
x-amz-cf-id
mX_FdS-S65gPOfBFv6PpVz9EQRTfARTrcT7sQDFDybGISwKxK4z19g==
expires
Sat, 19 Aug 2023 19:57:26 GMT
fortune-logo.png
content.fortune.com/wp-content/uploads/2021/02/ Frame 43C6 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2021/02/fortune-logo.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1be5d78423cb102d0e0deca0dfe43cdac7c17d25ce10de1abc8eaba77abbe438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 88 47 443
last-modified
Mon, 04 Jul 2022 05:02:36 GMT
server
nginx
etag
"9930d435f117dbfb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28380
expires
Tue, 04 Jul 2023 05:02:36 GMT
css
fonts.googleapis.com/ Frame 43C6 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat|Roboto:400,500,700&subset=cyrillic
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
463b2cb380310ff46fc138eb9117590d62eab649eaa3388e9177322b02b3f1ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 18:30:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 18:36:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 18:36:17 GMT
fortune_inline_solicitation.png
content.fortune.com/wp-content/uploads/2021/08/ Frame 43C6 		922 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2021/08/fortune_inline_solicitation.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6e104eb984d3b0ffa5ba73224daa7f86af3387959f007f705d50d8a97ba64f17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 89 30 443
last-modified
Mon, 04 Jul 2022 05:07:34 GMT
server
nginx
etag
"d052c489643a5864"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
922
expires
Tue, 04 Jul 2023 05:07:34 GMT
FORTUNE_LOGO_LOCKUP-2.png
content.fortune.com/wp-content/uploads/2021/08/ Frame 43C6 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2021/08/FORTUNE_LOGO_LOCKUP-2.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e99b820fdf1436051086020e27ae6ebd0e982c31b712dd45b13222eb7a6489a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 89 30 443
last-modified
Mon, 04 Jul 2022 05:07:34 GMT
server
nginx
etag
"278baaeb246ff8b4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11016
expires
Tue, 04 Jul 2023 05:07:34 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=813076850&gjid=819147987&_gid=1631482056.1663612577&_u=YEBAAEAAQAAAAC~&z=86026251
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 18:36:17 GMT
content-type
text/plain
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		183 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5018&u=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&pr=https%3A%2F%2Ft.co%2F&pid=tfeFXzoHk9prP&cb=0&ws=1600x1200&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%22Leaderboard0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%5D%2C%22sn%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Fleaderboard%22%2C%22kv%22%3A%7B%22height%22%3A%221200%22%2C%22width%22%3A%221600%22%7D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
55601ba0f109ac2f7c295ecabe14e4009ac427dc333eb81aa0da1a9f8ee62e1e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
3WD7XWMJA985PBAAQNH8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
183
x-amz-cf-id
Yr4gMDJpK7bsfdk7U8wbOJQRf06xjDV1h1vlaXq1mIQmGoMktybc-Q==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		183 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5018&u=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&pr=https%3A%2F%2Ft.co%2F&pid=tfeFXzoHk9prP&cb=1&ws=1600x1200&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%22RightRailFlex0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Frightrailflex%22%2C%22kv%22%3A%7B%22height%22%3A%221200%22%2C%22width%22%3A%221600%22%7D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
d8c1d773d76f2a1bbce08b1d0d46d3413bb6ffae732aa3bf4c0823b12d4b6caf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
W0Z9CAFYEF0HACR2S7HQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
183
x-amz-cf-id
dnifqzr5TLVMCOZopxHqYH8uZZr2ce7Lj8JRdGPhaOd7I1i9hQq2bQ==
56053647
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/56053647
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56053647.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1539 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
524310f635603dd2d8e955b8a84c5dae11f76a36148a14cc82bfa934871d95a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
x-powered-by
ASP.NET
x-azure-ref
0obYoYwAAAAB8LGHO0SUqTb7bwBSdnFGMRVdSMzBFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length
1542
expires
-1
GettyImages-1356696208-e1655819447930.jpg
content.fortune.com/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/06/GettyImages-1356696208-e1655819447930.jpg?resize=130,86
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5c32586fbc722aebdad46b36dea2a1c9fa15db9e5a849bdf00732da91c25b203

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 91 95 443
last-modified
Tue, 30 Aug 2022 17:26:53 GMT
server
nginx
etag
"7276feb2cac21878"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4744
expires
Wed, 30 Aug 2023 17:26:53 GMT
GettyImages-1237230804-e1663132819816.jpeg
content.fortune.com/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/09/GettyImages-1237230804-e1663132819816.jpeg?resize=130,86
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9290f05fb3424f254353ece6d10f0360a2e37714219ca5f36ad5eaee9a98aecf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 91 52 443
last-modified
Wed, 14 Sep 2022 15:07:41 GMT
server
nginx
etag
"1168cb44110b812b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2030
expires
Thu, 14 Sep 2023 15:07:41 GMT
GettyImages-1238366748.jpg
content.fortune.com/wp-content/uploads/2022/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/09/GettyImages-1238366748.jpg?resize=130,86
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7c6898cecf87f0bd8de569b79d00a058ade384fa9d6cf5b64ebc1a9781c51af0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 82 84 443
last-modified
Mon, 19 Sep 2022 10:02:41 GMT
server
nginx
etag
"fae31955f5c780f9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4068
expires
Tue, 19 Sep 2023 10:02:41 GMT
GettyImages-543406828-e1657538308710.jpg
content.fortune.com/wp-content/uploads/2022/07/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/07/GettyImages-543406828-e1657538308710.jpg?resize=130,86
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e07fd98391b60a2a0fae6f020fd357dafa5bea58ab62d45c09190a29536367c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 91 52 443
last-modified
Fri, 19 Aug 2022 15:20:23 GMT
server
nginx
etag
"f48bc67d2a839d89"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1040
expires
Sat, 19 Aug 2023 15:20:23 GMT
GettyImages-868706106-e1658838091501.jpg
content.fortune.com/wp-content/uploads/2022/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2022/07/GettyImages-868706106-e1658838091501.jpg?resize=130,86
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d608adbfa57a72009f7d3f6426bb3326c96de7c4fd37984d076b1f7f2fd8a876

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 89 30 443
last-modified
Tue, 26 Jul 2022 13:49:39 GMT
server
nginx
etag
"9da606673518ddf4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3512
expires
Wed, 26 Jul 2023 13:49:39 GMT
track.aspx
data.queryly.com/ 		0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.queryly.com/track.aspx?related=1&queryly_key=58971d435c9a4cef&tracktype=related&visitorid=469190799&pageurl=%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.82.218.135 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:17 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
private
Content-Length
119
GraphikCondensed-Bold-Web.woff2
fortune.com/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/fonts/GraphikCondensed-Bold-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
63ab8480fe37b50fe05a027d25e59719c798c199b383b02e8f1f0174e77bc8ff

Request headers

Referer
https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Origin
https://fortune.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:09:04 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 09:58:01 GMT
server
nginx
age
1633
etag
W/"8d65-17fd51c6028"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
36197
x-amz-cf-id
o4190xu2urJ5M_yoFWS7RyysYsdxAoziZdnhrG7BRKDecWd8JavfPw==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=813076850&_u=YEBAAEAAQAAAAC~&z=1846785463
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=813076850&_u=YEBAAEAAQAAAAC~&z=1846785463
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-c/s/0.6.40/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56053647
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1539 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-encoding
br
etag
"1d8c7baa5622330"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0obYoYwAAAAB3FZvRH1CBTZC7wr7rPBkMRVdSMzBFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:17 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1532e601-e7f8-423d-978d-54c5de3f73fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://fortune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fortune.com
date
Mon, 19 Sep 2022 18:36:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		308 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21876&site_id=303160&zone_id=2533820&size_id=15&rf=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&tg_i.pbadslot=21809533738%2Ffortune%2Ftech%2Farticle%2Frightrailflex&tk_flint=pbjs_lite_v6.18.0&x_source.tid=e3c16465-df71-4199-bf8a-6166a98ee37e&l_pb_bid_id=65641a6319a3df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=21809533738%2Ffortune%2Ftech%2Farticle%2Frightrailflex&slots=1&rand=0.9368283417405932
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a42ff7bb74c439ba61ad23d88161f3eb1a09b6ec57679ecb3fa57c393d487a32

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
308
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=870455&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22717b911b94c671%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2287624046fb9263%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22870455%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Frightrailflex%22%2C%22gpid%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Frightrailflex%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca39abed928ad482320d9a39de6e8cf7f0be80b4b08710107521e00dacb65a6

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaK9nz0GIyFe3xilG149lozFzwS32eHewlE80lugB%2BSXsaMq0YtWvtmUKXi61uR1SpclcrH7RzJOTnUkcErzX%2F%2BLHbwz0NZOOxE4H4mT4lih5jfI6r64wWTnup%2FLxqLdjXs4dQCs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://fortune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d46d10db08a214-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		325 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21876&site_id=303160&zone_id=2533818&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&tg_i.pbadslot=21809533738%2Ffortune%2Ftech%2Farticle%2Fleaderboard&tk_flint=pbjs_lite_v6.18.0&x_source.tid=cf9d938c-53e0-4a0c-946f-95b6fa06bb6a&l_pb_bid_id=108ee849ff8d42e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=21809533738%2Ffortune%2Ftech%2Farticle%2Fleaderboard&slots=1&rand=0.1717367302613415
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a5f6fab3a937200eac3252cae4daf874f53e7395665c0032144b01a2f99cc54d

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
325
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
244fb24a9241db5816d0fdbd7b37a12b18cbab9fc2fcb650358b041ef9e6e77e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:17 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
90f09d3f-f5bc-457d-86b4-29eba32252fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://fortune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=870455&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221323aed9ab046c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221470b7d7eb72547%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22870455%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22870455%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A66%2C%22ext%22%3A%7B%22siteID%22%3A%22870455%22%2C%22sid%22%3A%22970x66%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22870455%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Fleaderboard%22%2C%22gpid%22%3A%2221809533738%2Ffortune%2Ftech%2Farticle%2Fleaderboard%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb81a69cc0c4bf896384806e578b445c5bbe767ccb0c943b1c6bbace4a77f53

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLqIMJbi2KR6P9Pzaku%2Fh26s2Ec9IVJQs7ywrjv3V6LRCrwQaTmYbZRhztttYkp6n5X0ZeqaIm8n%2BFOWf7Ylrhb6oZmQW5RgKlvxRPUKajh3HKHiHjlXx6q8QWHwBaFhDGKp4eEb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://fortune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d46d110b6ea214-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fortune.com
date
Mon, 19 Sep 2022 18:36:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
iu3
s.amazon-adsystem.com/ Frame 2001
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
353 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5834656be9209eff52e4ab26fe8d17bad503b6db056c93f9eef31395a6f5b85b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
353
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 18:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5HYKXHN6C45C9BKC8R25

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 18:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H1A3XDHQEY294B1GP1MV
/
www.facebook.com/tr/ Frame 5043 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://fortune.com
Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://fortune.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:17 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
localization.svg
buy.tinypass.com/widget/dist/checkout/css/img/ Frame 43C6 		889 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/img/localization.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f88adf5feabb115fa35dd2ea8f232ec72c1e542b23d46c478e97735868d61df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 13:39:54 GMT
server
cloudflare
age
41905
etag
W/"889-1663335594000"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=10368000
strict-transport-security
max-age=86400; includeSubDomains
cf-ray
74d46d1168874bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 18:36:17 GMT
fail-icon.png
buy.tinypass.com/widget/dist/checkout/css/img/ Frame 43C6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5971
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
wn
prod-dash-10-0-95-165
last-modified
Fri, 16 Sep 2022 13:39:56 GMT
server
cloudflare
etag
W/"2177-1663335596000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
74d46d11688b4bcb-YUL
expires
Mon, 19 Sep 2022 20:36:17 GMT
stroke-error-icon.png
buy.tinypass.com/widget/dist/checkout/css/img/ Frame 43C6 		486 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/img/stroke-error-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995a5c73cdb06e5f92cb7f719c7ee29e2e7bc469499424fc8f63f7d2c188d3a8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5971
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
486
wn
prod-dash-10-0-123-85
last-modified
Fri, 16 Sep 2022 13:39:56 GMT
server
cloudflare
etag
W/"486-1663335596000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
74d46d11688c4bcb-YUL
expires
Mon, 19 Sep 2022 20:36:17 GMT
btn-close.png
buy.tinypass.com/widget/dist/checkout/css/img/ Frame 43C6 		1008 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/img/btn-close.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0491cd40b63014bcdea91827463e6868e7c785e29ff051a24f00eb8a7a9be62a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5971
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1008
wn
prod-dash-10-0-143-81
last-modified
Fri, 16 Sep 2022 13:39:56 GMT
server
cloudflare
etag
W/"1008-1663335596000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
74d46d11688d4bcb-YUL
expires
Mon, 19 Sep 2022 20:36:17 GMT
GraphikCondensed-Semibold-Web.woff2
fortune.com/static/media/ Frame 43C6 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/media/GraphikCondensed-Semibold-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/static/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
525a443fc223f054b1513e295c58dc80b8ed16b0aba5ed9c871363d4b8dfafd9

Request headers

Referer
https://fortune.com/static/css/fonts.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 13:01:35 GMT
content-encoding
gzip
age
1489023
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
35822
x-rq
dca6 0 2 9980
last-modified
Fri, 02 Sep 2022 12:59:13 GMT
server
nginx
etag
W/"8bcd-182add43d80"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
via
1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
MtroIem0xI3VPfxKcyLjXpIGr4DjHcI_i2sUu-BnqeRJhcUPXmUyWQ==
expires
Sat, 02 Sep 2023 13:01:35 GMT
collect
i.clarity.ms/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://fortune.com
date
Mon, 19 Sep 2022 18:36:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
fortune_inline_solicitation.png
content.fortune.com/wp-content/uploads/2021/08/ Frame 43C6 		922 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2021/08/fortune_inline_solicitation.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6e104eb984d3b0ffa5ba73224daa7f86af3387959f007f705d50d8a97ba64f17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 89 30 443
last-modified
Mon, 04 Jul 2022 05:07:34 GMT
server
nginx
etag
"d052c489643a5864"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
922
expires
Tue, 04 Jul 2023 05:07:34 GMT
FORTUNE_LOGO_LOCKUP-2.png
content.fortune.com/wp-content/uploads/2021/08/ Frame 43C6 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.fortune.com/wp-content/uploads/2021/08/FORTUNE_LOGO_LOCKUP-2.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4254 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e99b820fdf1436051086020e27ae6ebd0e982c31b712dd45b13222eb7a6489a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-rq
yyz1 89 30 443
last-modified
Mon, 04 Jul 2022 05:07:34 GMT
server
nginx
etag
"278baaeb246ff8b4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11016
expires
Tue, 04 Jul 2023 05:07:34 GMT
css
fonts.googleapis.com/ Frame 43C6 		8 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat|Roboto:400,500,700&subset=cyrillic
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
463b2cb380310ff46fc138eb9117590d62eab649eaa3388e9177322b02b3f1ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 18:03:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 18:36:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 18:36:17 GMT
fonts.css
fortune.com/static/css/ Frame 43C6 		3 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/css/fonts.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
a514876a0c7efb037a90cceb8c1f72d2a94f1b1936376de06fdc23c07e331c0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 19:57:26 GMT
via
1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
age
2673556
x-powered-by
Express
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
417
x-rq
dca6 0 2 9980
last-modified
Fri, 19 Aug 2022 19:57:01 GMT
server
nginx
etag
W/"dc6-182add43d80"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
x-amz-cf-id
KTEdzHfom0qlYQ6IB2-6lcIm4LgSuGXX4f0CjX3ogk1YyrEN3SWt3g==
expires
Sat, 19 Aug 2023 19:57:26 GMT
cropped_cfQj2fM3zj_1_q1n1rg.png
buy.tinypass.com/ml/ Frame 43C6 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/ml/cropped_cfQj2fM3zj_1_q1n1rg.png
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0db05ca421ddd5f9a15ad3389d28f999589686177af3e7859f20c50248f105a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3251
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18693
wn
prod-dash-10-0-84-222
last-modified
Wed, 27 Nov 2019 17:26:07 GMT
server
cloudflare
etag
"5ddeb1af-4905"
strict-transport-security
max-age=86400; includeSubDomains
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
74d46d11b91f4bcb-YUL
expires
Mon, 19 Sep 2022 20:36:17 GMT
GraphikCompact-Regular-Web.woff2
fortune.com/static/media/ Frame 43C6 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/media/GraphikCompact-Regular-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/static/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
d40696bc4b5b9ea9b2da31c5ee28c13af4046935d1caf28f1786fe3d53bf6ce1

Request headers

Referer
https://fortune.com/static/css/fonts.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 23:15:30 GMT
content-encoding
gzip
age
3180206
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
33162
x-rq
dca6 0 2 9980
last-modified
Sat, 13 Aug 2022 23:12:51 GMT
server
nginx
etag
W/"8169-181f434dc90"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
via
1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
Eg4bL_IBb7RkiZZODtWAPGAWSLDN2Jg9xos27yDz5rzYuZpYVlGN1w==
expires
Sun, 13 Aug 2023 23:15:30 GMT
GraphikCondensed-Medium-Web.woff2
fortune.com/static/media/ Frame 43C6 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/media/GraphikCondensed-Medium-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/static/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
f573c2e1dfb5d93082165fe7b99287a3e81f4f17453a76c90e56ceba0c55fa5c

Request headers

Referer
https://fortune.com/static/css/fonts.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:33:43 GMT
content-encoding
gzip
age
2545613
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
35690
x-rq
dca6 0 2 9980
last-modified
Sun, 21 Aug 2022 07:29:24 GMT
server
nginx
etag
W/"8b49-182add43d80"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
via
1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
aeUxxbe_rqPpAq9UCqbc2LyRxFSKZPYnqrVduMqEEir8zzFOjWX3gw==
expires
Mon, 21 Aug 2023 07:33:43 GMT
trackShow
buy.tinypass.com/checkout/offer/ Frame 43C6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/trackShow
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1814a8ec6f75b2b04cb5abe1f34802ddf4ed401b25696e789bd62a3f8fdfdd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Ng-Request
1
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.paywall-selector&templateId=OTZ5HXLTMLS6&templateVariantId=OTV7CVEEK2PNE&offerId=OFT1CTKDWTAV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CF86TD98E4DC&experienceId=EXFBY17T30VC&widget=offer&iframeId=offer-0-hxlrr&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&debug=FALSE&aid=cfQj2fM3zj&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=624&_qh=4a9fb10e40
X-Requested-With
XMLHttpRequest
Piano-request-without-spinner
1

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
x-request-id
MhozgirPwBU
pragma
no-cache
wn
prod-dash-10-0-85-66
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
*
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buy.tinypass.com
cache-control
no-cache, no-store, must-revalidate
server-time
0.001
cf-ray
74d46d1219bc4bcb-YUL
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2c672eb9031790146f139e0a9ea780dc084f1144e90f27199f002f1653e8e4bb

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
via
1.1 google
GraphikCondensed-Semibold-Web.woff2
fortune.com/static/media/ Frame 43C6 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortune.com/static/media/GraphikCondensed-Semibold-Web.woff2
Requested by
Host: fortune.com
URL: https://fortune.com/static/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-96.ewr52.r.cloudfront.net
Software
nginx / Express
Resource Hash
525a443fc223f054b1513e295c58dc80b8ed16b0aba5ed9c871363d4b8dfafd9

Request headers

Referer
https://fortune.com/static/css/fonts.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 13:01:35 GMT
content-encoding
gzip
age
1489023
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
35822
x-rq
dca6 0 2 9980
last-modified
Fri, 02 Sep 2022 12:59:13 GMT
server
nginx
etag
W/"8bcd-182add43d80"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
via
1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
6EslbvIj5CJzRJJnl6_iCc6rjyg3UhGB3NDxXSN6y_uMt_OXQZrumg==
expires
Sat, 02 Sep 2023 13:01:35 GMT
performanceMetrics
buy.tinypass.com/api/v3/anon/assets/ 		165 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bkpex%7DR7-Fg2aJY0M4tYvYhA4wedqqeIUQhuWkXXSfwPFACSLoawb0yPd119VBIOUxmKcB&aid=cfQj2fM3zj&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp132
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c11a782f5aa74c8f54ce7612bb661be87ff9ba807c9f95ea25db39262fb9d4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d124a084bcb-YUL
date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-123-85
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MhozgirT6lU
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=fortune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fortune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 18:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=650689367814924&correlator=1447811551150515&eid=31068498%2C31069473%2C31069626&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=21809533738%2Cfortune%2Ctech%2Carticle%2Crightrailflex&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=1&adks=4001481123&sfv=1-0-38&fsapi=false&prev_scp=index%3D1%26placement_name%3DRightRailFlex%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ch%3Dtech%26cid%3D3372647%26ctype%3Darticle%26host%3Dfortune.com%26premiumCategory%3DP-Reported%26pv%3D1%26tags%3DUber%252Ccomputer%2520hacks%26topics%3D%26permutive%3D99349%252Crts&sc=1&cookie_enabled=1&abxe=1&dt=1663612577676&lmt=1663612577&dlt=1663612575725&idt=1159&adxs=1172&adys=742&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=300x250&msz=300x0&fws=0&ohw=0&ga_vid=723129747.1663612577&ga_sid=1663612578&ga_hid=1768155718&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f392578775cd8233a4b50137aafc013c948a0009b2d9b9b1f0d37c94dcc9176d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14135
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fortune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D11A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:17 GMT
expires
Tue, 19 Sep 2023 18:36:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ixmatch.html
js-sec.indexww.com/um/ Frame 48BC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-10-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3C1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48065
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:57:22 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9453 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-10-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC4B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48065
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:57:22 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1019 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D8CA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36153
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 208449
X-Served-By
cache-lga21963-LGA, cache-yul12833-YUL
X-Timer
S1663612578.758384,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 835E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36153
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 208450
X-Served-By
cache-lga21963-LGA, cache-yul12833-YUL
X-Timer
S1663612578.773964,VS0,VE0
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=650689367814924&correlator=1447811551150515&eid=31068498%2C31069473%2C31069626&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=21809533738%2Cfortune%2Ctech%2Carticle%2Cleaderboard&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C970x90%7C970x66%7C728x90&ifi=2&adks=3137182254&sfv=1-0-38&fsapi=false&prev_scp=index%3D1%26placement_name%3DLeaderboard%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ch%3Dtech%26cid%3D3372647%26ctype%3Darticle%26host%3Dfortune.com%26premiumCategory%3DP-Reported%26pv%3D1%26tags%3DUber%252Ccomputer%2520hacks%26topics%3D%26permutive%3D99349%252Crts&sc=1&cookie_enabled=1&abxe=1&dt=1663612577707&lmt=1663612577&dlt=1663612575725&idt=1159&adxs=315&adys=150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1600x300&msz=1600x300&fws=0&ohw=0&ga_vid=723129747.1663612577&ga_sid=1663612578&ga_hid=1768155718&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d045dc415bb458b14b4f4f6be2f5c92794dc1cca04e00d7ffc72724b5f7497ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14113
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fortune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 9B17 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
07ba7aa8b89ac2eea1b2ba0e46d12fa2d5908531d1a50c3eb8e6424c6bc57de6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2971
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 18:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4Z9EWD68QS4NT3CXVK1B
pxusr.gif
c.aaxads.com/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 18:36:17 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=464552
accept-ranges
bytes
content-length
43
expires
Sun, 25 Sep 2022 03:38:49 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.73.161 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-73-161.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 19 Sep 2022 18:36:17 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=887531
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 30 Sep 2022 01:08:28 GMT
ecm3
s.amazon-adsystem.com/ Frame 9B17
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=8EC54A6829BD4C6ABB9350DA90352755&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8EC54A6829BD4C6ABB9350DA90352755&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:17 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
68PFNTFZWM1HYJPM24SS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 18:36:17 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=8EC54A6829BD4C6ABB9350DA90352755&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 18:36:17 GMT
amzns2s
rtb.gumgum.com/usync/ Frame F989 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.63.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-63-11.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1a1cfa3552291015462ae73d5e19468e11eefb3f31c48c342ddf88017bd4afdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 18:36:17 GMT
etag
W/"0c02a386b2d20c342c81eea10dfb941ec"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de65091be63aa33e678ea73c676e76cd34dfe36edeb5ef24261db9dbbbf68ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d46d149c0fa1d8-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlxT2zAPsf8%2BEsztVstfX4Oh7%2BauJGSu4UWzMCxkpzVxMFR72Y79TiVSp487lUdZxK8kC%2Fw5TRxI2VpWIAf7nemH6VgFZsCx7UCGjtDoeGrS4zg%2Bs5YTchACTFfmgwuPzW6Ru4oc1cxyFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d46d13ef04548b-YYZ
content-length
0
date
Mon, 19 Sep 2022 18:36:17 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td3CvNbN48xo6livk%2BbWcPXI0A8w%2Bm4rEAAvntoRlvaX%2FvQ3egfq0qdOTMG%2ByEtmgiTbAxgdlyykgD27xaoO6sih9rf3Ta57LazCIaUkIh5kGrC9AdJmIJxuTxq%2F%2BxsBCk8Wqr6iUltAcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame B3B9 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.176.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-176-143.compute-1.amazonaws.com
Software
/
Resource Hash
21dbb6def135a8742425ea11e7dc90ba143d2ed21ea6ad590b24fbf5b016a765

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 19 Sep 2022 18:36:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D96 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48065
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:57:22 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C21D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:17 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 0E99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS12amQ5TVVCRTJ1SWJCZkJRSld5eFA1NHV5ZHVRY0g2SX5B&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS12amQ5TVVCRTJ1SWJCZkJRSld5eFA1NHV5ZHVRY0g2SX5B&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XSQ47VA4HR1F52AB1SNE

Redirect headers

age
0
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS12amQ5TVVCRTJ1SWJCZkJRSld5eFA1NHV5ZHVRY0g2SX5B&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame C903
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
722 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4b722b3feafcfd9fb99a9d123b2e5ef2acb13d024e9883d97715cdb7de423fb0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
461
content-type
text/html
date
Mon, 19 Sep 2022 18:36:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 19 Sep 2022 18:36:17 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame AD1E
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=75a924ef5dd19e5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&g...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJN7x6F5-LjAMqD5cjAAAAAAA&expiration=1663698978&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJN7x6F5-LjAMqD5cjAAAAAAA&expiration=1663698978&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QRMJKHF1FKJCJW5E2Q6Q

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJN7x6F5-LjAMqD5cjAAAAAAA&expiration=1663698978&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame B064
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=6120805245256493692&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6120805245256493692&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
X4R5TMH0J5QA9Q6W7MRA

Redirect headers

AN-X-Request-Uuid
4700df6c-27ab-4b90-9285-034cbd455732
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 18:36:17 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6120805245256493692&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 935F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3200019522267894042
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3200019522267894042
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KTWH93Q7N0JD1RK06Z3H

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 19 Sep 2022 18:36:17 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3200019522267894042
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
aacxs.php
c.aaxads.com/ Frame 16CD 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXT2MIP9&hst=fortune.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ea67f062d95061414467e41ee31da457f9aba91276a8444b4d1a9a572caf34c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=147859
content-encoding
gzip
content-length
9435
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Wed, 21 Sep 2022 11:40:37 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
PugMaster
image6.pubmatic.com/AdServer/ Frame E3C1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44992623&p=162221&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eb92decdba565a4e468aeb25d8bb13256e6fb1740b49b777e16a5046fe4d678e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
log
l3.aaxads.com/ 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=189&dgw=desktop&flg=AAXT2MIP9&fw=MONTREAL&ff=CA&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=fortune.com&vhuyqdph=ssp-serving-7576c6bcd4-bjdmr&vyu=091912_447_091912_400_ssp&vf=QC&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001663612577739025035145541929&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=5&dgeg=0&qsd=0&jgsu=0&fvvwu=&wfi_fps=47&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=187&fhqg=22&hqg=47&gvwduw=22&fvwduw=22&vwduw=22&uhtxuo=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&nzui=https%3A%2F%2Ft.co%2F
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 18:36:18 GMT
content-length
35
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame D8CA 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:17 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
78d0795c-cb5f-4652-a593-1e26fc6f6352
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 835E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:17 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f3451619-c070-4563-b4ec-02beece7bd87
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6120805245256493692
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6120805245256493692
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a80001f3-68f7-4323-a467-264586b328a2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=6120805245256493692
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=5687e45e-9c89-4d96-b019-2720ba000758&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=5c70ac8d-6535-4480-85a0-b7bb33e50db8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=5c70ac8d-6535-4480-85a0-b7bb33e50db8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=5c70ac8d-6535-4480-85a0-b7bb33e50db8
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame F989
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%281NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_49596e47-8976-4037-930a-e1114267411b&obuid=ENC(1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D1NIBfvHJbxJo_nw3Us...
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=6120805245256493692brt53591663612578109748b7&obUid=1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT&gdpr=$GDPR_APPLIES&gdpr_consent=$...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=6120805245256493692brt53591663612578109748b7&obUid=1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
no-cache
X-TraceId
27be83507e564548872d06e6ea51362d
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=6120805245256493692brt53591663612578109748b7&obUid=1NIBfvHJbxJo_nw3UsQt6_J8zrFRxDJRVPbE8aymm2GPd-bVC7XxRGEAQD3AdiOT&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
date
Mon, 19 Sep 2022 18:36:18 GMT
content-length
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c60735f8-2189-0977-1ee1-76b1521432a9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c60735f8-2189-0977-1ee1-76b1521432a9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=c60735f8-2189-0977-1ee1-76b1521432a9
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3c7ee8d1-8c13-4f1c-55d0-347124fb72b9$ip$149.56.153.186
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3c7ee8d1-8c13-4f1c-55d0-347124fb72b9$ip$149.56.153.186
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3c7ee8d1-8c13-4f1c-55d0-347124fb72b9$ip$149.56.153.186
Date
Mon, 19 Sep 2022 18:36:18 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6dHzvSlE2pcqQCGN8oRdX1DUhTsYebhryvJd~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-6dHzvSlE2pcqQCGN8oRdX1DUhTsYebhryvJd~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 19 Sep 2022 18:36:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-6dHzvSlE2pcqQCGN8oRdX1DUhTsYebhryvJd~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=70108df5-f3d8-480d-bd9e-69c20d5aa43b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=70108df5-f3d8-480d-bd9e-69c20d5aa43b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=70108df5-f3d8-480d-bd9e-69c20d5aa43b
Date
Mon, 19 Sep 2022 18:36:18 GMT
X-CI-RTID
8a95c247-cff9-44b7-a376-77d3f039800d
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=4CDA0D90037F47AA87AE71D2CF5693E0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=4CDA0D90037F47AA87AE71D2CF5693E0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=4CDA0D90037F47AA87AE71D2CF5693E0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
635130335
content-length
0
142
match.deepintent.com/usersync/ Frame F989 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_49596e47-8976-4037-930a-e1114267411b&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=u8jv3sNaccSLnXoBtA94&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25JYNJ3DG42OMFRWGU2MNZMG6QTUIE4TI
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=u8jv3sNaccSLnXoBtA94
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=u8jv3sNaccSLnXoBtA94
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=u8jv3sNaccSLnXoBtA94
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cfb88db2-f1af-4aec-a059-746209a21a29
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cfb88db2-f1af-4aec-a059-746209a21a29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cfb88db2-f1af-4aec-a059-746209a21a29
date
Mon, 19 Sep 2022 18:36:18 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
floor6
sync.1rx.io/usersync2/ Frame F989 		0
0
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=hTGmWjn9Fd5u&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=hTGmWjn9Fd5u&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=hTGmWjn9Fd5u&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-75d8c985f8-cqhvh
expires
-1
usersync
usersync.gumgum.com/ Frame F989
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7318505572738817141
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7318505572738817141
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7318505572738817141
date
Mon, 19 Sep 2022 18:36:18 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame F989 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_49596e47-8976-4037-930a-e1114267411b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
24CS91BZTF99X9TW2SM4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 299F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=958e6328-b6a2-4500-9f16-c30e64ff363f&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=958e6328-b6a2-4500-9f16-c30e64ff363f&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
Mon, 19 Sep 2022 18:36:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master iad-pixel-x1 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=958e6328-b6a2-4500-9f16-c30e64ff363f&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 4C38 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12827-YUL
x-timer
S1663612578.042345,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8B1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80OTU5NmU0Ny04OTc2LTQwMzctOTMwYS1lMTExNDI2NzQxMWI=&gdpr=0&gdpr_consent=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A3E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48065
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:57:22 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 982D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=53df53d6-41a0-4e70-b2c8-112deb2da6d0
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 19 Sep 2022 18:36:18 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=53df53d6-41a0-4e70-b2c8-112deb2da6d0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 3B33
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=6120805245256493692&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=6120805245256493692brt53591663612578109748b7
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6120805245256493692brt53591663612578109748b7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Mon, 19 Sep 2022 18:36:17 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=6120805245256493692brt53591663612578109748b7
usersync
usersync.gumgum.com/ Frame 734B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Yyi2osCo8XoAAIjLQqYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Yyi2osCo8XoAAIjLQqYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 18:36:18 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Yyi2osCo8XoAAIjLQqYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
59
X-SO-HostName
a-ad40267.dc2p.scaleout.jp
X-SO-IP
149.56.153.186
X-SO-Key
Yyi2osCo8XoAAIjLQqYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":59,"gdpr":false,"ipv4":"149.56.153.186","key":"Yyi2osCo8XoAAIjLQqYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40267"}
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40267
usersync
usersync.gumgum.com/ Frame 0CEA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Yyi2oRn-d19SCE-bk5iq7gAA%26475
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Yyi2oRn-d19SCE-bk5iq7gAA%26475
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d46d149c13a1d8-YYZ
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Yyi2oRn-d19SCE-bk5iq7gAA%26475
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OZCPiZMizFl6y1JrlDoRZUCVYmyZICg0ZSUnqYqF%2BfyvrHUZBrU3A7bbd5x%2FkQFHC7GlQotJACHO5VDAhLusdsCr%2BuIxkWF8Wu77KF07PzozLenlvTEqm5y7SyaVC%2BnZhXn6Gpi6RvyJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 44BA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=GKxsg7NdO6Ulj0UQfSvt&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=GKxsg7NdO6Ulj0UQfSvt&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT Mon, 19 Sep 2022 18:36:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=GKxsg7NdO6Ulj0UQfSvt&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 9C1E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 1019 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aeafd0e6947ea33fb66ac27d1039753ebc76fcbd97cc30437962bbb29fadcbff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49580
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 08:22:38 GMT
usync.js
eus.rubiconproject.com/ Frame C21D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aeafd0e6947ea33fb66ac27d1039753ebc76fcbd97cc30437962bbb29fadcbff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49580
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 08:22:38 GMT
match
c1.adform.net/serving/cookie/ Frame 60BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AFDF 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12827-YUL
x-timer
S1663612578.042449,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame 68E4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQVFVN0dVVzBBQUE2dlNoaEJoUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACAQU7GUW0AAA6vShhBhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACAQU7GUW0AAA6vShhBhQ&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACAQU7GUW0AAA6vShhBhQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAQU7GUW0AAA6vShhBhQ
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAQU7GUW0AAA6vShhBhQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 18:36:18 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAQU7GUW0AAA6vShhBhQ
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FCF6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&gdpr=0&gdpr_consent=
42 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:18 GMT
Expires
Mon, 19 Sep 2022 18:36:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master iad-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xIJedFHIS6OFuL0wLbtJ7A%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xIJedFHIS6OFuL0wLbtJ7A%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48064
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 20 Sep 2022 07:57:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame E3C1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM0ODI1RTc0LTUxQzgtNEJBMy04NUI4LUJEMzAyREJCNDlFQxAAGg0Iou2imQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a0c245c7e837d9273a8e5dbef1e9e3b3da6b763f14ce1404961f8383261d51b2791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhMGMyNDVjN2U4MzdkOTI3M2E4ZTVkYmVmMWU5ZTNiM2RhNmI3NjNmMTRjZTE0MDQ5NjFmODM4MzI2MWQ1MWIyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhMGMyNDVjN2U4MzdkOTI3M2E4ZTVkYmVmMWU5ZTNiM2RhNmI3NjNmMTRjZTE0MDQ5NjFmODM4MzI2MWQ1MWIyNzkxNDI2YjU0MTdkY2UyMRAAGgwIou2imQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cdfdb74a-fcb7-4739-a9b5-da4d08df0aee
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=cdfdb74a-fcb7-4739-a9b5-da4d08df0aee
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=cdfdb74a-fcb7-4739-a9b5-da4d08df0aee
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eddb6328-b6a2-4500-9514-4b380244cff4
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eddb6328-b6a2-4500-9514-4b380244cff4
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Server
MT3 4505 5b23575 master iad-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eddb6328-b6a2-4500-9514-4b380244cff4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 18:36:17 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ4MjVFNzQtNTFDOC00QkEzLTg1QjgtQkQzMDJEQkI0OUVD&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ4MjVFNzQtNTFDOC00QkEzLTg1QjgtQkQzMDJEQkI0OUVD&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKB6DIZHGVO-UiRM7eu_KkQ&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKB6DIZHGVO-UiRM7eu_KkQ&google_cver=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKB6DIZHGVO-UiRM7eu_KkQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 19 Sep 2022 18:36:18 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 18:36:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3200019522267894042&gdpr=0&gdpr_consent=&us_privacy=
1 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3200019522267894042&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3200019522267894042&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53df53d6-41a0-4e70-b2c8-112deb2da6d0
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53df53d6-41a0-4e70-b2c8-112deb2da6d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
C4825E74-51C8-4BA3-85B8-BD302DBB49EC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E3C1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C4825E74-51C8-4BA3-85B8-BD302DBB49EC?gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:bd6e:9687:3c8c:35dc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame E3C1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rGXpQl5E2uUAiQqn3_3H44Nqs5SuQsA-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rGXpQl5E2uUAiQqn3_3H44Nqs5SuQsA-~A&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rGXpQl5E2uUAiQqn3_3H44Nqs5SuQsA-~A&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 18:36:18 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame C903 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=69ecedf5-1536-8adb-b994-e4cbf277f80f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
YCFWJRY82VW4SKXDVTZY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame C903 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663612578.042449,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12827-YUL
a5fdf7cc-9930-a368-484d-70a96513fea6
pr-bh.ybp.yahoo.com/sync/openx/ Frame C903 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a5fdf7cc-9930-a368-484d-70a96513fea6?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:bd6e:9687:3c8c:35dc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame C903
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=313a9188-099c-3121-799a-665c9a4433ef&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame C903
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWQ1NTQyNDItYzBlYi02Zjg1LTZjN2EtM2NlNTUwYTZmZDhm&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C903
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI_o5YWwjsg9BtTblc24Npw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI_o5YWwjsg9BtTblc24Npw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI_o5YWwjsg9BtTblc24Npw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 02F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:17 GMT
expires
Tue, 19 Sep 2023 18:36:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame C21D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=L893Z44B-D-24LO
  • https://s.amazon-adsystem.com/ecm3?id=L893Z44B-D-24LO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L893Z44B-D-24LO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
NCJQ8F5SXXDEYKQMRZ8P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L893Z44B-D-24LO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yyi2oRn-d19SCE-bk5iq7gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDcvLAPrR7RdYKdjACaLWcA&google_cver=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDcvLAPrR7RdYKdjACaLWcA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d170ef55407-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7XnD550GOPD83CpEBGVIn3JcgH8rAZelxWgzzEY74lHazAfWW2CwBzRJ%2BXQAB94Apv3mOhbrdFI%2F3IGU5rPOjc9DhCxJ7N%2F5Rbn0wp3ec%2BaMbB6kGkpch0o3%2Bh6guQbWPyp85SdoX8frw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDcvLAPrR7RdYKdjACaLWcA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yyi2oRn_d19SCE_bk5iq7gAAAdsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDDOxZfpWd4hnKztYbfC0Lg&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDDOxZfpWd4hnKztYbfC0Lg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d1668b8a1d8-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iILlqZBOWHysmNm9QzJ%2B6Skt9B6FLoFOLTo%2BjJor%2BnYkiJowyPfc2QIv75QOeEtiqeFt1w1G%2B%2FKDE53%2FO0Q64JrnGbGux7wI5H2PoAPvEJbHumpe86dMSWHZb8NpEj1lfJsNredKnbQjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDDOxZfpWd4hnKztYbfC0Lg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&expiration=1666204578&gdpr=0&gdpr_consent=
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&expiration=1666204578&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d166a3da226-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsxPTuJm4UJ1sIM4KK23z%2FQ6zk1YiAFZ8ryqHkPrUiZXzHyA4oYbbJrnIq59R1wcZDQkbC2QC6qZ6eWs6Zjqwcei6FwPyYGnrcJXXJ0xAuOR5TTZTUezxAZzIxOFd7L3qq0meic92gM%2B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&expiration=1666204578&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 15B4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yyi2oRn_d19SCE_bk5iq7gAAAdsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
6KK1WG64YHQJS3J5N3PE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
r.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d19baee5437-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNvhxiD9CGWbPWOahH4965dPc%2BJQjwFVHcJy4ATWIFwtTQCz6QCMJDnpwa%2B0EQrbEt8D%2BPWFtGZMzp%2F%2BK3CPJQQB4jVt8s8TNxlmNOigI00kw3jdvrjvmFCzz%2Fvb3JqNH6fd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 18:36:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4242432423704910180&expiration=1664822178
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4242432423704910180&expiration=1664822178
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d166a49a226-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2e4Z0iiZxV6KLFreove01h0qIzTHlpJN9aQ6Q8%2FjQ2oNTh59%2FrNnDrZ0uuqABjJ5a4Rp%2FUyNBdhT6ljYDPWor%2FIZ12ytXUz0GsXc4snZpht7B0CakBtIF47GkMm6h60n7FYfDQ4j0Licg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4242432423704910180&expiration=1664822178
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a40f9cb1-bdee-45d9-9624-fd5057013345&expiration=1695148578
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a40f9cb1-bdee-45d9-9624-fd5057013345&expiration=1695148578
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d169aa7a226-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5KLShdpCjsiYBhJ88DVPkFimgFpdvVbi0fslyQUa7YeeiZvWbw1Jvn9tACudtlpcDBI0h7zX%2FUPdQrEVfHoIM5RQBsGK8t0potd9u1UGS2o1iILZj8ZSJPu9PIuN8wTG20Q8reyonHl8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a40f9cb1-bdee-45d9-9624-fd5057013345&expiration=1695148578
Date
Mon, 19 Sep 2022 18:36:18 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 15B4
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=103e82932f519e5&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN7x6F5-LmgNc1iLSAAAAAAA&expiration=1663698978&is_secure=true
43 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN7x6F5-LmgNc1iLSAAAAAAA&expiration=1663698978&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d17ce4ca217-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md1TpedgmlYJyrhdUKgIM0K3lTjS%2BSf8ciNZT7oTRurXUHSeTFrri3A5WqsgxKkQsw9ysIvHlHJlZrEdhXgXkA66FVlLrnKV7QeeeuL2HPza1paeN9yCnS6bBEBv2x5cNLuoZv9B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN7x6F5-LmgNc1iLSAAAAAAA&expiration=1663698978&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 15B4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Yyi2oRn_d19SCE_bk5iq7gAAAdsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
TM7HKRJCHKSNYGWXB8YT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B3B9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=541ee0c1-f4c3-4158-9d16-6f78c6714bc9
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
3F1X5S1TXQS2RBNHM6YH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B3B9
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.45.176.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-176-143.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame B3B9
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.45.176.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-176-143.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
v1
match.sharethrough.com/sync/ Frame B3B9
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6120805245256493692
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6120805245256493692
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.45.176.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-176-143.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a905259a-33b6-4a59-956b-30a8bfe8c620
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6120805245256493692
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B3B9
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.45.176.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-176-143.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L893Z44B-D-24LO
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
usync.js
eus.rubiconproject.com/ Frame 9C1E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aeafd0e6947ea33fb66ac27d1039753ebc76fcbd97cc30437962bbb29fadcbff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49580
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 08:22:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 02F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C13dgobYoY63wL6W-hAbJg5_IC47PmJZsscOjitsLwI23ARABIABg_eiigfADggEXY2EtcHViLTIwMTg0ODQ2MjEyMzczMjOgAZX1m98DyAEJ4AIAqAMBqgTNAk_Qg5KGnI8Df-gRmwRPvn4dnu7N1NDlCfIx6ONPVUJQsRJy4DVoCAV4cjmkkfBWa0TVC06Rawh21mumM1vEzOV1uWElpjrpWxU-8cX4mvGggFLeAOYBGJOpgueMWizpIhUpqwJEO87EXH9eKtyi5YcFVowIlN3-YKxIV6DRe908KjnSCu2yufOD4PlIeslNupBLW-Spu1JtTDE7APHxB17lzYz1DEu6EOw5LGyDD_t7ciEamH8h7jcAqDz-Z9k5t3EeskSSem6A_bEhP_uSroNLq08R_nwTty2WQL6C5exWNxLlAzU5oyxvodPxseocxyI-UWXR6pEsAsK84D8PngjaJEHf4wVHJ2pU7IHC48jgT1ctvDiY7DvWLXpWVn5O3IoyhAiMfEXN7KI9epabzUSaeNU7tOf1jqsh4o7eXHxotUPyBgiWlax6kJkfwuAEAYAG78XChNmX7NajAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA4IiGEQATIDioIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMDE4NDg0NjIxMjM3MzIzGPzdcA&sigh=1tyS4n0H9pk&uach_m=[UACH]&cid=CAQSPgCsnQUxKjDNG9wxo5sYSPb4segqLyilOLI_XeTKLKTx76eko-An8fYDcc9cGseLb_FaC_gwdLytKKBXtWaRGAEgEw
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
log
hblg.media.net/ Frame 02F8 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=CA&ctr=7.247613E-4&viewability=58&device_id=4&cbdp=0.091&slotVisibility=1&dn=fortune.com&acid=938cf58a7dab4d91a780d95f3e41cfee&ugd=4&size=970x250&pvid=313&csip=rtb-appnexus-97449b58f-2r62l.SC&ogbdp=0.12&prvReqId=934679223643_2079261191_11781238723131&itype=ADX&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&scrid=1700080812896700970025000001000&mang=1&bidrestime=1663612577907&cid=8CU1PUZJN&rme=nurl
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 18:36:18 GMT
log
qsearch-a.akamaihd.net/ Frame 02F8 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1200&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=1.0&adtyp=0&req_id=Yyi2oQAM5BsE0YnEYwClbQ&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=70.5372&exp=&fdbk_id=&second_bidder=*&search_res=24&floor_bucket=0.00&gpid_format=&seat=BID_API&size=970x250&url_l1=2022&f_seg=&url_l2=09&prdp=0.0912&ogcbdp=0.1200&dfpbd=0.0912&server=1&ogerpm_wd_bkt=0-1&model_version=202209170639_generic_adx_1-cid_0&viewability=0.5800&dmm_r=0.0000&cut=24&dmm_l=0.0000&as_cache=0&tcyerpm=&sc=CA-QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.10&ugd_ver=&requrl=fortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&bidrestime=1663612577907&cc=CA&strg=harmony&ss=&current_hour=18&time_stamp=2022-09-19+18%3A36%3A17&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.1200&ct=Montreal&akey=&mnckfl=0&bdp_bucket=0.10&algo=default&dc=east_sc&splid=&dn=fortune.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&buyer_id=&dmm_m10=1327846&bdp_wider_bucket=1&acid=938cf58a7dab4d91a780d95f3e41cfee&infl=&o_ver=NT+10.0&br_ver=105.0.5195.125&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=3&visibility=1&totalTime=3775599&dmm_m1=2022-09-19+18%3A36%3A17.909524231&e_rpm=0.0000&dmm_m22=0.1200&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU1PUZJN&bcrid=1700080812896700970025000001000&rawbid=0.1200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-97449b58f-2r62l.SC&dfp_bucket=0.0&adblk=3137182254&itype=adx&pvid_seat=313_BID_API&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=117812387&sat=1&br_id=265&cut_bkt=25&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.12
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.63.77.163 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-63-77-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 18:36:18 GMT
nmedianet.js
contextual.media.net/ Frame 02F8 		337 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU573VJ2
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d079ed9ed9d9448b879e7feef5c1b3f14e15271f0377755d6fe8b8f396e68a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-21
content-encoding
gzip
server
Apache
etag
"5e530b865cff5445c198feed265e5dbc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 19 Sep 2022 18:36:18 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-34
expires
Mon, 19 Sep 2022 18:41:18 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 02F8 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 19 Sep 2022 18:36:18 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=32193
access-control-allow-credentials
true
content-length
62892
expires
Tue, 20 Sep 2022 03:32:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 02F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 18:33:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 02F8 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 18:22:40 GMT
l
www.google.com/ads/measurement/ Frame 02F8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZWua_fasykjrUy1GAWnXEqbHuEP2tjtStR8cBwJSx-wCFhxH2mBvoVVfo_0NIReL4SKtorDpeeGm8fvGpjtXLV3lxeg
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 02F8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 14:26:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02F8 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 18:36:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E2D3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://c.aaxads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48064
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:57:22 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
checksync.php
hbx.media.net/ Frame 8282 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5dc08cc34906444e942bad46c5ebb968f944f3100dfff73cc8452b04a5da26f3
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://c.aaxads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=147909
content-encoding
gzip
content-length
9761
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Wed, 21 Sep 2022 11:41:27 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
aacxc.php
c.aaxads.com/ Frame 16CD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dzem%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26...
  • https://stags.bluekai.com/site/23178?id=u8jv3sNaccSLnXoBtA94&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YZOMFQXQYLEOMXGG33NF5QWCY3YMMXHA2DQH5SXQY3I...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YZOMFQXQYLEOMXGG33NF5QWCY3YMMXHA2DQH5SXQY3IMFXGOZJ5NVSWI2LBNZSXIJTGOY6TCJTSPF3GYZZ5OU4GU5RTONHGCY3DKNGG4WDPIJ2ECOJUEZ2WQ2KYOVXT2...
  • https://c.aaxads.com/aacxc.php?fv=1&ryvlg=u8jv3sNaccSLnXoBtA94&uhiXuo=&wbsh=zem&ylg=36125783473066141781455402000V10&yvlg=3066141781455402000V10
69 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/aacxc.php?fv=1&ryvlg=u8jv3sNaccSLnXoBtA94&uhiXuo=&wbsh=zem&ylg=36125783473066141781455402000V10&yvlg=3066141781455402000V10
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.aaxads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
69
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
P3p
CP="We do not support P3P header."
Location
https://c.aaxads.com/aacxc.php?fv=1&ryvlg=u8jv3sNaccSLnXoBtA94&uhiXuo=&wbsh=zem&ylg=36125783473066141781455402000V10&yvlg=3066141781455402000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
187
Expires
Thu, 01 Dec 1994 16:00:00 GMT
aacxc.php
c.aaxads.com/ Frame 16CD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Damb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3D%23...
  • https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=amb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=3200019522267894042
69 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=amb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=3200019522267894042
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXT2MIP9&fv=1&fy=37&ke=1&suylg=271%2C272%2C295%2C203%2C175%2C159%2C79%2C108%2C356%2C97%2C310%2C201%2C3007%2C368%2C29%2C291%2C241%2C267%2C141%2C265%2C229%2C209%2C292%2C251%2C282&yvVbqf=1&uhiXuo=https%3A%2F%2Ft.co%2F&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.aaxads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
69
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

location
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=amb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=3200019522267894042
pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
container.html
2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0851 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:17 GMT
expires
Tue, 19 Sep 2023 18:36:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0851 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVdosorYoY5z1AofAhAavlZDYBo7PmJZsscOjitsLwI23ARABIABg_eiigfADggEXY2EtcHViLTIwMTg0ODQ2MjEyMzczMjOgAZX1m98DyAEJ4AIAqAMBqgTSAk_QjM0wN5ky9zcCGjBM3urfiFPTLR3PpGUC5_QKHc0h-A4l0flvbh9zBQg1XbE8y8dKn4IhNTs8u4OOSBzOAYPtN6aSr1R2qncq3Lu45-cva71gxhfSkIoQN8_gPXluegbYJqxqjqxtAbbIG60yGtaugpz9BHNURkeewaGf3exOTyU4hnyKiDlqUtFewJDZHgHQeMiqkdaCc0RfTqSaKrltB15h96qbyCzKcquIErqcbTM9TcGWyrW0qIg1QAx5L-IrLVOSXsVUBzW43eMu6F2-qfgvrV01CbNYEKfIXxMeBp2sy6bBmTj-qspnZ4eYEzAB0Ff4guLmo7BZgUENIa511esuDTSEPpWbqVBQzGLpQwyOgUGzgumYrjaZEYMDnLzyf9RTZ9DAMUcGnEv0b6zXZTS2z-5brmIGbdDY6IG2Bf-1_yMhSdTQWYJzhEXUdWzs4AQBgAaMtt7rlLOeiOwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIwMTg0ODQ2MjEyMzczMjMY_N1w&sigh=2mElmtZlhys&uach_m=[UACH]&cid=CAQSPgCsnQUx24vO_1RStxfSS_XNmOj_qu5JZDwnADBg254ylIS3QEsmc9aojVySuMTrmY8Qni5LST_v2e_4UZu_GAE
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
log
hblg.media.net/ Frame 0851 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=CA&ctr=4.646624E-5&viewability=87&device_id=4&cbdp=0.026&slotVisibility=1&dn=fortune.com&acid=771eb297017c45d89037544e2f94c358&ugd=4&size=300x250&pvid=319&csip=rtb-appnexus-97449b58f-jd25v.SC&ogbdp=0.05&prvReqId=1515518472990_1115805741_11781238713191&itype=ADX&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&scrid=1700080812896700300025000001000&mang=1&bidrestime=1663612578172&cid=8CU1PUZJN&rme=nurl
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 18:36:18 GMT
log
qsearch-a.akamaihd.net/ Frame 0851 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=&other_prv=319&jar_err=&current_day=1.0&adtyp=0&req_id=Yyi2ogABvAsKs_TTug1AaA&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=46.0560&exp=&fdbk_id=&second_bidder=*&search_res=48&floor_bucket=0.00&gpid_format=&seat=319&size=300x250&url_l1=2022&f_seg=&url_l2=09&prdp=0.0260&ogcbdp=0.0500&dfpbd=0.0260&server=1&ogerpm_wd_bkt=0-1&model_version=202209191607_generic_adx_2-cid_2&viewability=0.8700&dmm_r=0.4640&cut=48&dmm_l=0.4640&as_cache=1&tcyerpm=&sc=CA-QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=fortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&bidrestime=1663612578172&cc=CA&strg=harmony&ss=&current_hour=18&time_stamp=2022-09-19+18%3A36%3A18&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.0500&ct=Montreal&akey=&mnckfl=0&bdp_bucket=0.05&algo=unison12&dc=east_sc&splid=&dim4=exploration&dn=fortune.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=771eb297017c45d89037544e2f94c358&infl=&o_ver=NT+10.0&br_ver=105.0.5195.125&bdmm_m6=1.0000&bdmm_m7=1.1780&bdmm_m5=0.7440&ver=8.14.1&totalTimeBucket=3&visibility=1&totalTime=3111890&dmm_m1=2022-09-19+18%3A36%3A18.175909968&e_rpm=0.0410&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.8760&cid=8CU1PUZJN&bcrid=1700080812896700300025000001000&rawbid=0.0500&seat_id=319&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-appnexus-97449b58f-jd25v.SC&dfp_bucket=0.0&adblk=4001481123&itype=adx&pvid_seat=319_319&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=117812387&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&dmm_d22=0.00&second_bid=0.000000&sc_pvid=319&capd=0&other_bids=0.05
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.63.77.163 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-63-77-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 18:36:18 GMT
nmedianet.js
contextual.media.net/ Frame 0851 		337 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU573VJ2
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
71e38f5ff4c83a73463447a2687e4517a51435ed1626b3a6851a18699983c55d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-21
content-encoding
gzip
server
Apache
etag
"5e530b865cff5445c198feed265e5dbc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 19 Sep 2022 18:36:18 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-31
expires
Mon, 19 Sep 2022 18:41:18 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 0851 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 19 Sep 2022 18:36:18 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=32193
access-control-allow-credentials
true
content-length
62892
expires
Tue, 20 Sep 2022 03:32:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 0851 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 18:33:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 0851 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 18:22:40 GMT
l
www.google.com/ads/measurement/ Frame 0851 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBG4-o-f9prieSsyC2XYXZ5RwRIDMTUL3k_wRACKbcZG_o0a838QQUHl48jUY2UiBdfxxpatxToqujmC-vVpArVhiYBQ
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0851 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 14:26:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0851 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 18:36:18 GMT
usync.html
eus.rubiconproject.com/ Frame 22A2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 18:36:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 18:36:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.php
contextual.media.net/ Frame 8282
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119320&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Protocol
H2
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 8282 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
217295
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8282
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066141781455471000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066141781455471000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=168d7390-53b8-4b8f-8a54-c15741216a94&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=168d7390-53b8-4b8f-8a54-c15741216a94&cs=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXT2MIP9&cmode=1&cv=35&prvid=29,97,109,175,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1
Protocol
H2
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=168d7390-53b8-4b8f-8a54-c15741216a94&cs=1
date
Mon, 19 Sep 2022 18:36:18 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
smtr
contextual.media.net/ Frame E64E 		88 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=824385419&size=970x250&cc=CA&chnm=HARMONY&pid=8PO1RKFI1&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578256011760&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxx&bcpf=B44%2F8fOnRrolnfOur84B%2FBxx&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=10&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=%3DVvfWfX%7C%7CPPVrvwW%20rklBZQ1k7_lire%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CbVrvW%7C%7CcVvfWf9%7C%7CbVvfWf9%7C%7C_0_rvhhWWAff9FHihfWH%7C%7CqVrvH&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU573VJ2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
510214edfe47e35bab2ad5a098695f80b013d0a01dafcccd1a2500992fa30e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
33481
content-type
text/html
date
Mon, 19 Sep 2022 18:36:19 GMT
expires
Mon, 19 Sep 2022 18:36:19 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-km8s
x-sc-w
21-sd9m
bping.php
lg3.media.net/ Frame 02F8 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=595&&vgd_cdv=799&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=824385419&vi=1663612578256011760&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886994965&r=1663612578642&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1663612578195550503&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_pgid=p1483169743t202209191836&vgd_pgids=1&vgd_uspa=0&hvsid=00001663612578639025035145544201&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57952
content-length
15
checksync.php
contextual.media.net/ Frame BA2A 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
283844ca59ea5bad57ba6065c3e1fd02b5b150beb3cf0b0f719a10e3ff98d81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=147862
content-encoding
gzip
content-length
9413
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Wed, 21 Sep 2022 11:40:40 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 02F8 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5074&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=5&spSource=0&ifst=0&vid=Yyi2oQAM5BsE0YnEYwClbQ&s_city=atlanta&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&bcat%3C%3E=1000010%23%231000008%23%231000007%23%231000005%23%231000004%23%2310060%23%231000003%23%2310509%23%231000031%23%231000030%23%231000027%23%231000024%23%231000023%23%231000019%23%231000018%23%2310080%23%2310784%23%2310085%23%2310087%23%2310088%23%231000037%23%231000036%23%2313612%23%231000035%23%2310163&exp=ssProfile%3D3%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D3%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=7.247613E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.120&size=970x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=5a197c05&scrid=1700080812896700970025000001000&itypeid=17&mx_SPRIG=2&viewability=58&renderer=0&be=0&rtime=32.0&adj0=0.0&tmax=300&s_ip=172.217.36.130&adj2=0.0&adj1=0.0&feedback_id=Yyi2oQAM5BsE0YnEYwClbQ&adtypes=0&mx_aabpc=0&reqid=Yyi2oQAM5BsE0YnEYwClbQ&sc=CA-QC&mowxReqId=938cf58a7dab4d91a780d95f3e41cfee_1&ifdp=0&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&bidrestime=1663612577907&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU573VJ2-927635774-39-15&coppa_enf=true&bdp=0.120&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU585TW4&dnt_enf=false&mx_ssBucket=3&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=fortune.com&pgcatiab2=115&dt=O&acid=938cf58a7dab4d91a780d95f3e41cfee&actltime=42&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C95&dfpBd=0.091&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-101639958875&mx_bsProfile=0&cid=8CU1PUZJN&bcrid=1700080812896700970025000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=970x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU585TW4&tgtval=pub-ADX-101639958875&__expireat=1663613178162&lmt_status=N&reftype=3&viewability_vendor=EXCHANGE&prvAccId=824385419&ckfl=0&lper=1&mx_tgs=728x90%7C750x200%7C930x180%7C970x90%7C970x250&dummy_vsid=false&cbdp=0.091&pvdTmax=255&ltime=41.0&epc=927635774&ctr_vendor=EXCHANGE&prvReqId=934679223643_2079261191_11781238723131&zip=H2V&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-2018484621237323&ybnca_erpm=0.12&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=47&mx_PC=1&wsip=mowx-lite-95c599848-gndvf&currsrc_date=2022-09-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-19+18%3A36%3A17&policy_enf=2&mx_ssProfile=3&mx_SC=0&reftime=60&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&mx_mrpp_key=bidapi-gcp-sc&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_Pmz3BkilHYAYQ86Pic1ZHiDokWtvb8WWop4hHwMrvENE8UiVZs0WdK495tjtZl5dc7f&dmm_ogerpm=false&csip=rtb-appnexus-97449b58f-2r62l.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=desktopTop1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.12&tpbTkn=false&adblk=3137182254&fpuReq=0&vcmplrt=-1.0&crid=117812387&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44085%23%2344123%23%2344148%23%237141%23%237179%23%2317195%23%237204&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.12~vw_exc%3D0.58~vis_sd%3D466~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022091906~iurl_b%3D1661.46~url_tkc%3D0~std%3D~MP%3D.*employ.*~last%3D~vis_url_b%3D0.72~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D20~riipua%3D7%2C7~et%3D27~rc%3D1~rps_sd%3D2022091912~vis_b%3D514.32~url_b%3D0.6~url_tvi%3D0~url_l%3D40~gcat%3D500312~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.12~bm%3D1~sid%3D824385419~sd%3D0~uid%3Dh8M13a0zfzXLK4N8H~btd%3D242836410673351303370167391132886607069661109781625062459923518493687697507173793792~d2p_l%3D30~3pcf%3D1027.25~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.97~ogd2p_b%3D0.94~vurl_b%3D0.93~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D61.3~vurl_l%3D30~CI%3D2740~nts%3D5~MP2%3D.*%2Fuber-.*~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.08~PF%3D0~isif%3D0~lc%3D1~bid%3D0.12~dc%3D8~vl2r_b%3D3.47~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.58%7Eamp%3D1%7Ecbdp%3D0.091%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3137182254%7Esobp%3D%7Ectr%3D7.247613E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.120%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D25%7Edogb%3D0-1~ibc%3D1~mxe%3DdesktopTop1~mxbn%3DB2~ddt%3D-1~nsz%3D5~tgs%3D728x90%7C750x200%7C930x180%7C970x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D255&utime=752&sf=0&cpr=0.8174530525774151
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 20 Sep 2022 00:36:18 GMT
truncated
/ Frame 02F8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
757dc8fe2a99c74fa3010dd19e322c7748569f2e432027445237a8bf849d872b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame 911A 		81 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=821747664&size=300x250&cc=CA&chnm=HARMONY&pid=8PO7E3CC0&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578521477274&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxq&bcpf=B44%2F4B%2F8fOnRrolnfOur8Bxq&bdrId=319&ntv=0&matchstring=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=5&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=PPVrvwW%20%3D5GF_9Ih_06Lmh%7C%7CbVvfWf9%7C%7C_0_rvhhiuHuHAXhWFhXF%7C%7CbVrvW%7C%7CqVrvX%7C%7C%3DVvfWfX%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CcVvfWf9&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU573VJ2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
600a97aef58f76b9cf4e7e9bdd386cc4bb6bec6b6c2500fdba50fd9a9127ff45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
32673
content-type
text/html
date
Mon, 19 Sep 2022 18:36:19 GMT
expires
Mon, 19 Sep 2022 18:36:19 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-f7b8
x-sc-w
21-8c9g
bping.php
lg3.media.net/ Frame 0851 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=595&&vgd_cdv=799&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=821747664&vi=1663612578521477274&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886993991&r=1663612578735&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1663612578197045301&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_pgid=p1483169743t202209191836&vgd_pgids=1&vgd_uspa=0&hvsid=00001663612578732025035145548202&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:18 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57952
content-length
15
tap.php
pixel.rubiconproject.com/ Frame 1019
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yfofZS4jvWMk-W1Ki66WRw?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6497680077557677032
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6497680077557677032
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Content-Type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 18:36:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6497680077557677032
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 1019
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tizEef54SBWCzg1tq6UtRw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tizEef54SBWCzg1tq6UtRw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tizEef54SBWCzg1tq6UtRw
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7W5H6B8E3FJBZSWC35G8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tizEef54SBWCzg1tq6UtRw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmUxMjJjMDQ4Y2Q0MmFmMDkyMjBhMmMxZTRlYTIxY2IzMTUyZWU0YQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmUxMjJjMDQ4Y2Q0MmFmMDkyMjBhMmMxZTRlYTIxY2IzMTUyZWU0YQ&us_privacy=1---
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmUxMjJjMDQ4Y2Q0MmFmMDkyMjBhMmMxZTRlYTIxY2IzMTUyZWU0YQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5M1o0NEItRC0yNExP&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5M1o0NEItRC0yNExP&us_privacy=1---
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5M1o0NEItRC0yNExP&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 1019
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L893Z44B-D-24LO&us_privacy=1---
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L893Z44B-D-24LO&us_privacy=1---
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:18 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F1769D679ED64AAC8925950CC5CCA8FD Ref B: YTO01EDGE0710 Ref C: 2022-09-19T18:36:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpC/zPmG8/EKOhM4dnmw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L893Z44B-D-24LO&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1019
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53df53d6-41a0-4e70-b2c8-112deb2da6d0&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 1019
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOr_iXyBirYRYZnoN78lots&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOr_iXyBirYRYZnoN78lots&google_cver=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOr_iXyBirYRYZnoN78lots&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1019 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:19 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4HEZ63YWTZF9JKBWHY0J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 0530 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
283844ca59ea5bad57ba6065c3e1fd02b5b150beb3cf0b0f719a10e3ff98d81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=147862
content-encoding
gzip
content-length
9413
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 18:36:18 GMT
expires
Wed, 21 Sep 2022 11:40:40 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 0851 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5731&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Yyi2ogABvAsKs_TTug1AaA&s_city=morganton&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&bcat%3C%3E=1000010%23%231000008%23%231000007%23%231000005%23%231000004%23%2310060%23%231000003%23%2310509%23%231000031%23%231000030%23%231000027%23%231000024%23%231000023%23%231000019%23%231000018%23%2310080%23%2310784%23%2310085%23%2310087%23%2310088%23%231000037%23%231000036%23%2313612%23%231000035%23%2310163&exp=ssProfile%3D4%7Csfl%3Dfalse%7CssBucket%3D3%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.646624E-5&mx_TAF=3&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=319&og_cbdp=0.050&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=5a197c05&scrid=1700080812896700300025000001000&itypeid=17&mx_SPRIG=2&viewability=87&renderer=0&be=0&rtime=34.0&adj0=0.0&tmax=300&s_ip=74.125.19.17&adj2=0.0&adj1=0.0&feedback_id=Yyi2ogABvAsKs_TTug1AaA&adtypes=0&mx_aabpc=0&reqid=Yyi2ogABvAsKs_TTug1AaA&sc=CA-QC&mowxReqId=771eb297017c45d89037544e2f94c358_1&ifdp=0&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&bidrestime=1663612578172&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU573VJ2-872458285-39-26&coppa_enf=true&bdp=0.050&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU585TW4&dnt_enf=false&mx_ssBucket=3&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=fortune.com&pgcatiab2=115&dt=O&acid=771eb297017c45d89037544e2f94c358&actltime=43&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C95&dfpBd=0.026&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-101639958875&mx_bsProfile=0&cid=8CU1PUZJN&bcrid=1700080812896700300025000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU585TW4&tgtval=pub-ADX-101639958875&__expireat=1663613178427&lmt_status=N&reftype=3&viewability_vendor=EXCHANGE&prvAccId=821747664&ckfl=0&lper=1&mx_tgs=200x200%7C250x250%7C300x250&dummy_vsid=false&cbdp=0.026&pvdTmax=253&ltime=42.0&epc=872458285&ctr_vendor=EXCHANGE&prvReqId=1515518472990_1115805741_11781238713191&zip=H2V&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-2018484621237323&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=50&mx_PC=1&wsip=mowx-lite-95c599848-hdt9g&currsrc_date=2022-09-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-19+18%3A36%3A18&policy_enf=2&mx_ssProfile=4&mx_SC=1&reftime=60&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=319&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PkWwMGQ8bRkU5MLOatnGaTEb9DffbhxTF-pqEDdLDJPVi40sy6FfUU-6ZRr4Wu3yWO5&dmm_ogerpm=false&csip=rtb-appnexus-97449b58f-jd25v.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=desktopTop1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.05&tpbTkn=false&adblk=4001481123&fpuReq=1&vcmplrt=-1.0&crid=117812387&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44085%23%2344123%23%2344148%23%237141%23%237179%23%2317195%23%237204&opbidflr=0.010&impId=1&rme=adm&bdata=~bx_len%3D1440~bhp%3D0~bid%3D0.050~bx_asn%3D514~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~city%3DMONTREAL~ck_fl%3D0~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.00~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d34%3D17195%2C7141%2C7179%2C7204~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.009~dmm_m1%3D0.041~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.876~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.991~dmm_m16%3D0.464~dmm_m17%3D1.000~dmm_m2%3D0.010~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.005~dmm_m34%3D1.000~dmm_m39%3D861.000~dmm_m40%3D861.000~dmm_m41%3D1.000~dmm_m42%3D1.000~dmm_m44%3D0.991~dmm_m45%3D227.000~dmm_m46%3D65092.000~dmm_m47%3D305.000~dmm_m48%3D84056.000~dmm_m5%3D0.744~dmm_m6%3D1.000~dmm_m7%3D1.178~dmm_m9%3D1.000~dmm_r%3D0.464~e_rpm%3D0.041~erpm%3D0.041~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D2607-5300-0060-0000-0000-0000-0000-0000~r_sc%3DCA-QC~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3Dna~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.026%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D4001481123%7Esobp%3D%7Ectr%3D4.646624E-5%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~~mxe%3DdesktopTop1~mxbn%3DB2&utime=597&sf=0&cpr=0.20173738551685605
Requested by
Host: 2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
URL: https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 20 Sep 2022 00:36:18 GMT
truncated
/ Frame 0851 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c53d4bf55c7bca166ee1cb285a86fb0c193dc5104181cc64e283dca7b92145b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 22A2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aeafd0e6947ea33fb66ac27d1039753ebc76fcbd97cc30437962bbb29fadcbff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49580
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 08:22:38 GMT
usersync
usersync.gumgum.com/ Frame 9C1E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=L893Z44B-D-24LO
  • https://usersync.gumgum.com/usersync?b=mag&i=L893Z44B-D-24LO&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L893Z44B-D-24LO&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L893Z44B-D-24LO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
cksync
cs.media.net/ Frame BA2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2NjE0MTc4MTQ1NTQ3MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame BA2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync
cs.media.net/ Frame 0530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2NjE0MTc4MTQ1NTQ3MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPqDFrs56HO8V_oUHPw7jHM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0530
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1PUZJN&prvid=99%2C77%2C20000%2C2033%2C293%2C294%2C241%2C132%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C307%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53df53d6-41a0-4e70-b2c8-112deb2da6d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
truncated
/ Frame E64E 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E64E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E64E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
Raleway-bold.woff
res-a.akamaihd.net/__media__/fonts/Raleway-bold/ Frame E64E 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Raleway-bold/Raleway-bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=824385419&size=970x250&cc=CA&chnm=HARMONY&pid=8PO1RKFI1&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578256011760&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxx&bcpf=B44%2F8fOnRrolnfOur84B%2FBxx&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=10&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=%3DVvfWfX%7C%7CPPVrvwW%20rklBZQ1k7_lire%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CbVrvW%7C%7CcVvfWf9%7C%7CbVvfWf9%7C%7C_0_rvhhWWAff9FHihfWH%7C%7CqVrvH&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.63.77.202 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-63-77-202.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e789f7935d6d7776a0c2341570220c445bc1c493381518c085e641f9128b8938

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:19 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-7cc4"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31940
truncated
/ Frame 911A 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 911A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 911A 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
Raleway-bold.woff
res-a.akamaihd.net/__media__/fonts/Raleway-bold/ Frame 911A 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Raleway-bold/Raleway-bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=821747664&size=300x250&cc=CA&chnm=HARMONY&pid=8PO7E3CC0&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578521477274&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxq&bcpf=B44%2F4B%2F8fOnRrolnfOur8Bxq&bdrId=319&ntv=0&matchstring=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=5&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=PPVrvwW%20%3D5GF_9Ih_06Lmh%7C%7CbVvfWf9%7C%7C_0_rvhhiuHuHAXhWFhXF%7C%7CbVrvW%7C%7CqVrvX%7C%7C%3DVvfWfX%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CcVvfWf9&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.63.77.202 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-63-77-202.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e789f7935d6d7776a0c2341570220c445bc1c493381518c085e641f9128b8938

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:19 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-7cc4"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31940
cksync.php
contextual.media.net/ Frame 22A2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=L893Z44B-D-24LO
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L893Z44B-D-24LO&us_privacy=1---
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L893Z44B-D-24LO&us_privacy=1---
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
23.200.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 18:36:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:36:19 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L893Z44B-D-24LO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
bql.php
lg3.media.net/ Frame E64E 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6256&&&vgd_l2type=sca&fp=PT8W0IJkx0EH5caw3DMcpk9KjUktF7TnoIxnjuKPE9pDcqYqReMRH2TRDcfwLH7-QmdYgrTidsQe1EypiD0Ys2cxgLtFEc4Lz70V4Gqbyk6g3uFaTq0GI8HVYSleGci4&cme=klCfpZIxXE0sEKo02y_mJRW1cG-binh-fHQbHuTErvL8pc2WkhiCU_TPeu-Km4q49IqvJ75iLCLB5U-dATgWasG123wYlT_5oX_l_tzkvgC5aJQa6qkY1yCEpqhXPYaWnzDIJUGQjI9yIsnXfrj7AyLB8nVpEVASLlG20VvldkGf1DWLsFqDxyZCgZ3jqI83lL0-r8SPclXMYoWZNpiZNDsJXagqRLr2fKQSqL-qzIA%3D%7C%7C6gOMcg2QROfNjrKQTYjVLhAhpIQ6KxiqJ6pPb7Zss0JNbSE_NvXthduo5p5SpEDemZQeiT0qwTvMnvyva_91tPNgGNzIv6i9Vht3_c-r6LlkFw-pco0ICA%3D%3D%7Ca8S36fyr9qSGOrmtiCGxOG4hedH9GewKj_dM_3tutolLPpTw3MA9xW3mmFxafW04xHLdPM9guqqk17x8Pqsc5huHqQa6cv6xF9WBEjEnUXMcDYdu1IhWelyX4fZ78TGPUZ97huhd9EJDuyvDgH6e4XxfbhXLpWjICsPfU8WkuNhpF13V5dRIybJvCqVydx05JoSNzsMlzNr3XgFZFDo2kzV422DnaJcKq4pGWl_-KUc%3D%7Cu8A6SM53vAcyc1si4KNt69fytlzshv1H%7CJwgYdc1KQkHtA_IwkbwIRBGw5WimlpA_%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=15062&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170721316&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=265&vgde_kbbh=fuoyxQBuG&kwd[]=Payroll+Withholding+Calculator&kwt[]=265&kbc[]=154&kwp[]=1&kid[]=21964053&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.31%7C2%3D2.64%7Cps%3D1.069%7C3%3D0.57%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Payroll+Withholding+Calculator&kwd[]=Online+Side+Hustle+Ideas&kwt[]=265&kbc[]=49280&kwp[]=2&kid[]=350905586&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.65%7C2%3D6.79%7Cps%3D1.080%7C3%3D0.87%7C4%3D2.95&ktd[]=824650629376&ktrkt[]=Online+Side+Hustle+Ideas&kwd[]=Expense+Report+Spreadsheet&kwt[]=265&kbc[]=49568&kwp[]=3&kid[]=10265722&kbc2[]=tnid%3D-1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.46%7C2%3D4.05%7Cps%3D1.085%7C3%3D0.19%7C4%3D1.00&ktd[]=288232300314034432&ktrkt[]=Expense+Report+Spreadsheet&kwd[]=Mileage+Log+Template&kwt[]=265&kbc[]=49568&kwp[]=4&kid[]=19249790&kbc2[]=tnid%3D314993%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.46%7C2%3D4.05%7Cps%3D1.085%7C3%3D0.18%7C4%3D1.00&ktd[]=288232850069848320&ktrkt[]=Mileage+Log+Template&kwd[]=Mileage+Log+Sheet&kwt[]=265&kbc[]=44592&kwp[]=5&kid[]=19249787&kbc2[]=tnid%3D-1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.46%7C2%3D4.05%7Cps%3D1.085%7C3%3D0.35%7C4%3D1.00&ktd[]=288231750558220544&ktrkt[]=Mileage+Log+Sheet&kwd[]=Top+10+Side+Hustle+Ideas&kwt[]=265&kbc[]=49280&kwp[]=6&kid[]=350922956&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.30%7C2%3D6.02%7Cps%3D1.080%7C3%3D0.18%7C4%3D1.38&ktd[]=274894815488&ktrkt[]=Top+10+Side+Hustle+Ideas&kwd[]=Get+Your+W2&kwt[]=265&kbc[]=154&kwp[]=7&kid[]=89416450&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.31%7C2%3D2.64%7Cps%3D1.069%7C3%3D0.17%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Get+Your+W2&kwd[]=Best+High+Dividend+Stock&kwt[]=355&kbc[]=ebf82c92c889d53731e2078ed3562ca7.d2s&kwp[]=8&kid[]=205772782&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.04%7C2%3D6.12%7Cps%3D0.099%7C3%3D0.74%7C4%3D1.89&ktd[]=274911592704&ktrkt[]=Best+High+Dividend+Stock&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=355&kbc[]=ebf82c92c889d53731e2078ed3562ca7.d2s&kwp[]=9&kid[]=324947967&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D2.74%7C2%3D8.33%7Cps%3D0.099%7C3%3D0.93%7C4%3D4.17&ktd[]=274894815488&ktrkt[]=No.1+Stock+to+Buy+Now&cid=8CU573VJ2&vwid=1663612578256011760&vi=1663612578256011760&tdAdd[]=ib%3D0&vsid=3066141781455471&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=799&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_katid=808128967&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Caghl%3D0%7C%7Cttd%3D8&vgd_kalog=CI%3D2825%7C%7CUUID%3Dh8qDfzwGsaftTz9Dv%7C%7CTLID%3D6%7C%7CMPTD%3D640%7C%7CSID%3D8%7C%7CMI%3D2820%7C%7CSI%3D2820%7C%7CTPTD%3D778832206497284%7C%7CHID%3D4&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721316&vgd_nrrv=13273&vgd_nrrmf=1c84a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8PO1RKFI1&&vgd_ifrmode=14&vgd_l1rakh=1663612578195550503&sttm=1663612578639&upk=1663612579.18084&hvsid=00001663612578639025035145544201&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812896700970025000001000&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3066141781455471&vgde_bdata=QOfvzxjj~8xLjMjvH9~myJLEYv9.uf~eBMJ-Nv9.XW~e8QMQOvHFF~ONfvu~G17v9%2C9%2Cu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9iui9F~8xLjMGvuFFu.HF~xLjM7UNv9~Q7Ov~c0v.*JYEjm5.*~j1Q7v~e8QMxLjMGv9.hf~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vfh~LNvu~LEQMQOvf9ff9iuiuf~e8QMGvXuH.Af~xLjMGv9.F~xLjM7e8v9~xLjMjvH9~yN17vX99Auf~GGvuiF~eev9~jfLMGvu999~JLEYv9.uf~GYvu~Q8OvWfHAWXHui~QOv9~x8OvwWcuA19lkltTCHIWq~G7OvfHfWAFHu9FhAAXuA9AAh9uFhAiuuAfWWFF9h9FiFFuu9ihWuFfX9FfHXiifAXuWHiAFWhFihX9huhAhiAhif~OfEMjvA9~AENkvu9fh.fX~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.ih~myOfEMGv9.iH~exLjMGv9.iA~QQvIK~x8Bvou~NJv9~LEQMGvFu.A~exLjMjvA9~%3DVvfhH9~z7QvX~c0fv.*SxGJLo.*~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9W~0sv9~8Q8kv9~jNvu~G8Ov9.uf~ONvW~ejfLMGvA.Hh~8exLjMjvA9~QxEEj5M71yM8Ov~e8JB1G8j875v9.XW~1YEvu~NGOEv9.9iu~OYYvw1LYmz5~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGof9uWHWHFfufAhAfA~O1jyvOJk1xj7~w7Yjvu~1OGjUvAuAhuWffXH~QmGEv~N7Lvh.fHhFuA4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.uf9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vfX~OmyGv9ou~8GNvu~Y-JvOJQU7mE_mEu~Y-GzvRf~OO7vou~zQlvX~7yQvhfW-i9%7ChX9-f99%7CiA9-uW9%7Cih9-i9%7Cih9-fX9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220909&vgd_scsver=316&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_rensize=970_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001663612578639025035145544201&subBdr=196&bdrid=313&rc=0&rand=1663612579067&acid=938cf58a7dab4d91a780d95f3e41cfee&matm=1663612579067&vgd_ltimesrc=1&vgd_ltime=1204&vgd_rtime=779&vgd_etm=15&vgd_l1hcsd=A21%7C6192&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3198&vgd_pgid=p1483169743t202209191836&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_csip=rtb-appnexus-97449b58f-2r62l.SC&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SF%7C2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=824385419&size=970x250&cc=CA&chnm=HARMONY&pid=8PO1RKFI1&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578256011760&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxx&bcpf=B44%2F8fOnRrolnfOur84B%2FBxx&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=10&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=%3DVvfWfX%7C%7CPPVrvwW%20rklBZQ1k7_lire%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CbVrvW%7C%7CcVvfWf9%7C%7CbVvfWf9%7C%7C_0_rvhhWWAff9FHihfWH%7C%7CqVrvH&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:19 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57041
content-length
15
bql.php
lg3.media.net/ Frame 911A 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6010&&&vgd_l2type=sca&fp=mXXCGSbyQ01g53Dwqs9EKglIiQJ07rrjHR6OObKpW54mCgvZuDYeLfNxdBI8O25hfuU-mmW2Ck6i15fwLc8810ymDUE_41vJkzAXnJmaMBpiQwsXlZJJpDvLxjEAnsLg&cme=rXX0XiJOk0rcm9S0ACazY0HV9giTEhIzFNVsO4cVDHGSU5Dz_J08AqlzVfPzzHgXwi1HCJicckkGhjQHtPti5wmb8Pu68r5xmXAntQWQe6PhQvNMuDusLRne5RMPwtNmuRz5f6C0EgpNIQR077XD14xXG59Gj_Tfe8HsaPz8YgJeB9uJKaUXyFTRdz01ma_4X5MTw5O-RvOp15lFcP62TMP6LQs-iBuP%7C%7Cu8A6SM53vAcyc1si4KNt69fytlzshv1H%7CJwgYdc1KQkHtA_IwkbwIRBGw5WimlpA_%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C6gOMcg2QROfNjrKQTYjVLhAhpIQ6KxiqJ6pPb7Zss0JNbSE_NvXthduo5p5SpEDemZQeiT0qwTvMnvyva_91tPNgGNzIv6i9Vht3_c-r6LlkFw-pco0ICA%3D%3D%7CfQvNHJb4Ruy9iR4W_ZtiLcqQL8Wqi21n4ZS30yBqXWZHsUMdkjYQpwzkkxBS5aq0tYUimgBmNjW-wjKqa0epRNC1gITMNmKDSqXhRm2DZNtUVZ3WAX1pYaVb9RhpFQinQmZN0RYtA7udPW2HcdycXDBhfAbLVAwCfifPMh2HoBrrtAAxOdd85TjRRqYcb2twjLyOdbEI1wlTEzFr9lBwAm45pa7__LpM1LBxYB8ZWDf9CmS8cbIDJw%3D%3D%7C&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170721610&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=265&vgde_kbbh=fuoyxQBuG&kwd[]=Payroll+Withholding+Calculator&kwt[]=265&kbc[]=154&kwp[]=1&kid[]=21964053&kbc2[]=1%3D0.31%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D2.64%7Cps%3D1.069%7C3%3D0.57%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Payroll+Withholding+Calculator&kwd[]=Online+Side+Hustle+Ideas&kwt[]=265&kbc[]=49280&kwp[]=2&kid[]=350905586&kbc2[]=1%3D1.65%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D6.79%7Cps%3D1.080%7C3%3D0.87%7C4%3D2.95&ktd[]=824650629376&ktrkt[]=Online+Side+Hustle+Ideas&kwd[]=Best+High+Dividend+Stock&kwt[]=355&kbc[]=ebf82c92c889d53731e2078ed3562ca7.d2s&kwp[]=3&kid[]=205772782&kbc2[]=1%3D1.04%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D6.12%7Cps%3D0.990%7C3%3D0.74%7C4%3D1.89&ktd[]=274911592704&ktrkt[]=Best+High+Dividend+Stock&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=355&kbc[]=ebf82c92c889d53731e2078ed3562ca7.d2s&kwp[]=4&kid[]=324947967&kbc2[]=1%3D2.37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D7.19%7Cps%3D0.990%7C3%3D0.93%7C4%3D4.17&ktd[]=4503874522185984&ktrkt[]=No.1+Stock+to+Buy+Now&kwd[]=Expense+Report+Spreadsheet&kwt[]=265&kbc[]=49568&kwp[]=5&kid[]=10265722&kbc2[]=tnid%3D-1%7C1%3D1.46%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D4.05%7Cps%3D1.085%7C3%3D0.19%7C4%3D1.00&ktd[]=288232300314034432&ktrkt[]=Expense+Report+Spreadsheet&cid=8CU573VJ2&vwid=1663612578521477274&vi=1663612578521477274&tdAdd[]=ib%3D0&vsid=3066141781455471&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=799&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_kalog=UUID%3Dh8qCyb6T0N7TPJro7%7C%7CSI%3D2820%7C%7CTPTD%3D779141435786756%7C%7CSID%3D8%7C%7CHID%3D5%7C%7CCI%3D2825%7C%7CTLID%3D6%7C%7CMPTD%3D640%7C%7CMI%3D2820&vgd_katid=808128967&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Caghl%3D0%7C%7Cttd%3D8&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721610&vgd_nrrv=13273&vgd_nrrmf=1c84a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8PO7E3CC0&&vgd_ifrmode=14&vgd_l1rakh=1663612578197045301&sttm=1663612578732&upk=1663612579.29023&hvsid=00001663612578732025035145548202&verid=3111299&vgd_matchstr=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&sbdrId=99&vgd_ecrid=1700080812896700300025000001000&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3066141781455471&vgde_bdata=~G-MjJzvuHH9~GwEv9~G8Ov9.9X9~G-M1QzvXuH~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MjeYEv99999999999999999999999999999999999999999999999999~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvA99-fX9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-M7Y1-vfX9~N875vcaI_D4KT~NUMkjv9~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.99~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMzJB~OYYMOfFv9~OYYMOfhv9~OYYMOfWvf~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAHvuhuiX%2ChuHu%2Chuhi%2Chf9H~OYYMOAFvIK~OYYMOAhv_~OYYMOAivdQmzSG8OSyJ7aL7GDJQEmzQJ~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.99i~OYYMYuv9.9Hu~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.WhF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiu~OYYMYuFv9.HFH~OYYMYuhvu.999~OYYMYfv9.9u9~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.99X~OYYMYAHvu.999~OYYMYAivWFu.999~OYYMYH9vWFu.999~OYYMYHuvu.999~OYYMYHfvu.999~OYYMYHHv9.iiu~OYYMYHXvffh.999~OYYMYHFvFX9if.999~OYYMYHhvA9X.999~OYYMYHWvWH9XF.999~OYYMYXv9.hHH~OYYMYFvu.999~OYYMYhvu.uhW~OYYMYivu.999~OYYMLv9.HFH~JMLEYv9.9Hu~JLEYv9.9Hu~wNv9n%2Bn9~8w1v9~875EJvKrt~LM8EvfF9hoXA99o99F9o9999o9999o9999o9999o9999~LMQNv%3DKog%3D~LGmvXMA~LJkMNz7v9~QyY7vJYE75~Q7Ovz1~eGLv9~e8Q8G8j875vu~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wh~1YEvu~NGOEv9.9fF~OYYvw1LYmz5~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGof9uWHWHFfufAhAfA~O1jyvxz8Qmzuf~w7Yjvu~1OGjUvH99uHWuufA~QmGEv~N7LvH.FHFFfH4oX~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9X9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vX9~OmyGv9ou~8GNvu~~Y-JvOJQU7mE_mEu~Y-GzvRf&vgd_optout=0&vgd_cfud=220909&vgd_scsver=316&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001663612578732025035145548202&subBdr=99&bdrid=319&rc=0&rand=1663612579108&acid=771eb297017c45d89037544e2f94c358&matm=1663612579108&vgd_ltimesrc=1&vgd_ltime=1070&vgd_rtime=672&vgd_etm=12&vgd_l1hcsd=A21%7C6192&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3962&vgd_pgid=p1483169743t202209191836&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_csip=rtb-appnexus-97449b58f-jd25v.SC&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SF%7C2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=821747664&size=300x250&cc=CA&chnm=HARMONY&pid=8PO7E3CC0&tpid=TD14426&https=1&vif=2&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&nse=5&vi=1663612578521477274&ugd=4&adt1=8CU1PUZJN&adt2=117812387&bae=B44/4B/Bxq&bcpf=B44%2F4B%2F8fOnRrolnfOur8Bxq&bdrId=319&ntv=0&matchstring=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&kttle=SafeFrame%20Container&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808128967&kapc=5&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C1ywjv9%7C%7C77OvW&kata=aton&ekalog=PPVrvwW%20%3D5GF_9Ih_06Lmh%7C%7CbVvfWf9%7C%7C_0_rvhhiuHuHAXhWFhXF%7C%7CbVrvW%7C%7CqVrvX%7C%7C%3DVvfWfX%7C%7C_TVrvF%7C%7Cc0_rvFH9%7C%7CcVvfWf9&pgid=p1483169743t202209191836&goent=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=QC&tcf_cmp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:19 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57041
content-length
15
wl
t.pubmatic.com/ 		17 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=162221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=162221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162221/7652/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 02F8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDHWXkOPBBmqWlawzK6csRJkErMsqqw1r0jrR-8WFiA_eRYXFru3_U1RzB49YaFcfQcgptE9pNEQ6q0V6QQ6ZuHbMi&sig=Cg0ArKJSzLrc8FMvbi5gEAE&id=lidar2&mcvt=1000&p=25,315,279,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3137182254&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663612578134&rpt=574&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 02F8 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=5&spSource=0&ifst=0&vid=Yyi2oQAM5BsE0YnEYwClbQ&s_city=atlanta&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&bcat%3C%3E=1000010%23%231000008%23%231000007%23%231000005%23%231000004%23%2310060%23%231000003%23%2310509%23%231000031%23%231000030%23%231000027%23%231000024%23%231000023%23%231000019%23%231000018%23%2310080%23%2310784%23%2310085%23%2310087%23%2310088%23%231000037%23%231000036%23%2313612%23%231000035%23%2310163&exp=ssProfile%3D3%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D3%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=7.247613E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.120&size=970x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=5a197c05&scrid=1700080812896700970025000001000&itypeid=17&mx_SPRIG=2&viewability=58&renderer=0&be=0&rtime=32.0&adj0=0.0&tmax=300&s_ip=172.217.36.130&adj2=0.0&adj1=0.0&feedback_id=Yyi2oQAM5BsE0YnEYwClbQ&adtypes=0&mx_aabpc=0&reqid=Yyi2oQAM5BsE0YnEYwClbQ&sc=CA-QC&mowxReqId=938cf58a7dab4d91a780d95f3e41cfee_1&ifdp=0&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&bidrestime=1663612577907&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU573VJ2-927635774-39-15&coppa_enf=true&bdp=0.120&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU585TW4&dnt_enf=false&mx_ssBucket=3&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=fortune.com&pgcatiab2=115&dt=O&acid=938cf58a7dab4d91a780d95f3e41cfee&actltime=42&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C95&dfpBd=0.091&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-101639958875&mx_bsProfile=0&cid=8CU1PUZJN&bcrid=1700080812896700970025000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=970x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU585TW4&tgtval=pub-ADX-101639958875&__expireat=1663613178162&lmt_status=N&reftype=3&viewability_vendor=EXCHANGE&prvAccId=824385419&ckfl=0&lper=1&mx_tgs=728x90%7C750x200%7C930x180%7C970x90%7C970x250&dummy_vsid=false&cbdp=0.091&pvdTmax=255&ltime=41.0&epc=927635774&ctr_vendor=EXCHANGE&prvReqId=934679223643_2079261191_11781238723131&zip=H2V&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-2018484621237323&ybnca_erpm=0.12&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=47&mx_PC=1&wsip=mowx-lite-95c599848-gndvf&currsrc_date=2022-09-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-19+18%3A36%3A17&policy_enf=2&mx_ssProfile=3&mx_SC=0&reftime=60&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&mx_mrpp_key=bidapi-gcp-sc&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_Pmz3BkilHYAYQ86Pic1ZHiDokWtvb8WWop4hHwMrvENE8UiVZs0WdK495tjtZl5dc7f&dmm_ogerpm=false&csip=rtb-appnexus-97449b58f-2r62l.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=desktopTop1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.12&tpbTkn=false&adblk=3137182254&fpuReq=0&vcmplrt=-1.0&crid=117812387&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44085%23%2344123%23%2344148%23%237141%23%237179%23%2317195%23%237204&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.12~vw_exc%3D0.58~vis_sd%3D466~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022091906~iurl_b%3D1661.46~url_tkc%3D0~std%3D~MP%3D.*employ.*~last%3D~vis_url_b%3D0.72~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D20~riipua%3D7%2C7~et%3D27~rc%3D1~rps_sd%3D2022091912~vis_b%3D514.32~url_b%3D0.6~url_tvi%3D0~url_l%3D40~gcat%3D500312~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.12~bm%3D1~sid%3D824385419~sd%3D0~uid%3Dh8M13a0zfzXLK4N8H~btd%3D242836410673351303370167391132886607069661109781625062459923518493687697507173793792~d2p_l%3D30~3pcf%3D1027.25~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.97~ogd2p_b%3D0.94~vurl_b%3D0.93~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D61.3~vurl_l%3D30~CI%3D2740~nts%3D5~MP2%3D.*%2Fuber-.*~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.08~PF%3D0~isif%3D0~lc%3D1~bid%3D0.12~dc%3D8~vl2r_b%3D3.47~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.58%7Eamp%3D1%7Ecbdp%3D0.091%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3137182254%7Esobp%3D%7Ectr%3D7.247613E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.120%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D25%7Edogb%3D0-1~ibc%3D1~mxe%3DdesktopTop1~mxbn%3DB2~ddt%3D-1~nsz%3D5~tgs%3D728x90%7C750x200%7C930x180%7C970x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D255&utime=752&sf=0&cpr=0.8174530525774151&evttyp=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 18:36:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0851 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIoQw22uSJk3-y_-X3jbes3spixXkX-KfAnLDZpMqOwA1c4Ua-s9N4e2u22BpFt-4QJzVoww12wgKtQNUUSmW209yr&sig=Cg0ArKJSzKkc5Ud2AUjvEAE&id=lidar2&mcvt=1000&p=742,1172,996,1472&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=4001481123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663612578406&rpt=389&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 0851 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Yyi2ogABvAsKs_TTug1AaA&s_city=morganton&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&bcat%3C%3E=1000010%23%231000008%23%231000007%23%231000005%23%231000004%23%2310060%23%231000003%23%2310509%23%231000031%23%231000030%23%231000027%23%231000024%23%231000023%23%231000019%23%231000018%23%2310080%23%2310784%23%2310085%23%2310087%23%2310088%23%231000037%23%231000036%23%2313612%23%231000035%23%2310163&exp=ssProfile%3D4%7Csfl%3Dfalse%7CssBucket%3D3%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.646624E-5&mx_TAF=3&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=319&og_cbdp=0.050&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=5a197c05&scrid=1700080812896700300025000001000&itypeid=17&mx_SPRIG=2&viewability=87&renderer=0&be=0&rtime=34.0&adj0=0.0&tmax=300&s_ip=74.125.19.17&adj2=0.0&adj1=0.0&feedback_id=Yyi2ogABvAsKs_TTug1AaA&adtypes=0&mx_aabpc=0&reqid=Yyi2ogABvAsKs_TTug1AaA&sc=CA-QC&mowxReqId=771eb297017c45d89037544e2f94c358_1&ifdp=0&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&bidrestime=1663612578172&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU573VJ2-872458285-39-26&coppa_enf=true&bdp=0.050&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU585TW4&dnt_enf=false&mx_ssBucket=3&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=fortune.com&pgcatiab2=115&dt=O&acid=771eb297017c45d89037544e2f94c358&actltime=43&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C95&dfpBd=0.026&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-101639958875&mx_bsProfile=0&cid=8CU1PUZJN&bcrid=1700080812896700300025000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU585TW4&tgtval=pub-ADX-101639958875&__expireat=1663613178427&lmt_status=N&reftype=3&viewability_vendor=EXCHANGE&prvAccId=821747664&ckfl=0&lper=1&mx_tgs=200x200%7C250x250%7C300x250&dummy_vsid=false&cbdp=0.026&pvdTmax=253&ltime=42.0&epc=872458285&ctr_vendor=EXCHANGE&prvReqId=1515518472990_1115805741_11781238713191&zip=H2V&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-2018484621237323&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=50&mx_PC=1&wsip=mowx-lite-95c599848-hdt9g&currsrc_date=2022-09-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-19+18%3A36%3A18&policy_enf=2&mx_ssProfile=4&mx_SC=1&reftime=60&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=319&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PkWwMGQ8bRkU5MLOatnGaTEb9DffbhxTF-pqEDdLDJPVi40sy6FfUU-6ZRr4Wu3yWO5&dmm_ogerpm=false&csip=rtb-appnexus-97449b58f-jd25v.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=desktopTop1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.05&tpbTkn=false&adblk=4001481123&fpuReq=1&vcmplrt=-1.0&crid=117812387&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44085%23%2344123%23%2344148%23%237141%23%237179%23%2317195%23%237204&opbidflr=0.010&impId=1&rme=adm&bdata=~bx_len%3D1440~bhp%3D0~bid%3D0.050~bx_asn%3D514~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~city%3DMONTREAL~ck_fl%3D0~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.00~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d34%3D17195%2C7141%2C7179%2C7204~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.009~dmm_m1%3D0.041~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.876~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.991~dmm_m16%3D0.464~dmm_m17%3D1.000~dmm_m2%3D0.010~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.005~dmm_m34%3D1.000~dmm_m39%3D861.000~dmm_m40%3D861.000~dmm_m41%3D1.000~dmm_m42%3D1.000~dmm_m44%3D0.991~dmm_m45%3D227.000~dmm_m46%3D65092.000~dmm_m47%3D305.000~dmm_m48%3D84056.000~dmm_m5%3D0.744~dmm_m6%3D1.000~dmm_m7%3D1.178~dmm_m9%3D1.000~dmm_r%3D0.464~e_rpm%3D0.041~erpm%3D0.041~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D2607-5300-0060-0000-0000-0000-0000-0000~r_sc%3DCA-QC~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3Dna~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.026%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D4001481123%7Esobp%3D%7Ectr%3D4.646624E-5%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~~mxe%3DdesktopTop1~mxbn%3DB2&utime=597&sf=0&cpr=0.20173738551685605&evttyp=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:19 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 18:36:19 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E3C1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162221&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bqi.php
lg3.media.net/ Frame 02F8 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2531&lf=3&&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_l2type=sca&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=824385419&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&vi=1663612578256011760&ugd=4&cc=CA&sc=QC&bdrid=313&subBdr=196&startTime=1663612578631&vgd_l1rakh=1663612578195550503&l1ch=1&sttm=1663612578639&upk=1663612579.18084&hvsid=00001663612578639025035145544201&acid=938cf58a7dab4d91a780d95f3e41cfee&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.12~vw_exc%3D0.58~vis_sd%3D466~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022091906~iurl_b%3D1661.46~url_tkc%3D0~std%3D~MP%3D.*employ.*~last%3D~vis_url_b%3D0.72~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D20~riipua%3D7%2C7~et%3D27~rc%3D1~rps_sd%3D2022091912~vis_b%3D514.32~url_b%3D0.6~url_tvi%3D0~url_l%3D40~gcat%3D500312~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.12~bm%3D1~sid%3D824385419~sd%3D0~uid%3Dh8M13a0zfzXLK4N8H~btd%3D242836410673351303370167391132886607069661109781625062459923518493687697507173793792~d2p_l%3D30~3pcf%3D1027.25~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.97~ogd2p_b%3D0.94~vurl_b%3D0.93~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D61.3~vurl_l%3D30~CI%3D2740~nts%3D5~MP2%3D.*%2Fuber-.*~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.08~PF%3D0~isif%3D0~lc%3D1~bid%3D0.12~dc%3D8~vl2r_b%3D3.47~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.58%7Eamp%3D1%7Ecbdp%3D0.091%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3137182254%7Esobp%3D%7Ectr%3D7.247613E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.120%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D25%7Edogb%3D0-1~ibc%3D1~mxe%3DdesktopTop1~mxbn%3DB2~ddt%3D-1~nsz%3D5~tgs%3D728x90%7C750x200%7C930x180%7C970x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D255&matchstring=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_sc=QC&infr=1&twna=1&stime=1663612578304&vgd_ecrid=1700080812896700970025000001000&l1hcsd=l1!A21|6192&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p1483169743t202209191836&vgd_pgids=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:20 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=59326
content-length
15
bqi.php
lg3.media.net/ Frame 0851 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3232&lf=3&&vgd_hb_audit_1=8CU1PUZJN&vgd_hb_audit_2=117812387&vgd_l2type=sca&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=821747664&requrl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack&vi=1663612578521477274&ugd=4&cc=CA&sc=QC&bdrid=319&subBdr=99&startTime=1663612578725&vgd_l1rakh=1663612578197045301&l1ch=1&sttm=1663612578732&upk=1663612579.29023&hvsid=00001663612578732025035145548202&acid=771eb297017c45d89037544e2f94c358&verid=3111299&vgd_bdata=~bx_len%3D1440~bhp%3D0~bid%3D0.050~bx_asn%3D514~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~city%3DMONTREAL~ck_fl%3D0~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.00~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d34%3D17195%2C7141%2C7179%2C7204~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.009~dmm_m1%3D0.041~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.876~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.991~dmm_m16%3D0.464~dmm_m17%3D1.000~dmm_m2%3D0.010~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.005~dmm_m34%3D1.000~dmm_m39%3D861.000~dmm_m40%3D861.000~dmm_m41%3D1.000~dmm_m42%3D1.000~dmm_m44%3D0.991~dmm_m45%3D227.000~dmm_m46%3D65092.000~dmm_m47%3D305.000~dmm_m48%3D84056.000~dmm_m5%3D0.744~dmm_m6%3D1.000~dmm_m7%3D1.178~dmm_m9%3D1.000~dmm_r%3D0.464~e_rpm%3D0.041~erpm%3D0.041~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D2607-5300-0060-0000-0000-0000-0000-0000~r_sc%3DCA-QC~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3Dna~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.026%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-2018484621237323%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D4001481123%7Esobp%3D%7Ectr%3D4.646624E-5%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~~mxe%3DdesktopTop1~mxbn%3DB2&matchstring=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_matchstr=bcat%3D22%2C11%2Ca%2C13%2Cm0%2C16%2Cg%2Ch%2Cgo%2C1z%2Ci2%2Cyd%2Ci5%2C4%2Cod%2C7%2Ca9%2Cqj%2Cjc%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_sc=QC&infr=1&twna=1&stime=1663612578449&vgd_ecrid=1700080812896700300025000001000&l1hcsd=l1!A21|6192&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p1483169743t202209191836&vgd_pgids=1
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 18:36:20 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=59326
content-length
15
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		76 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=cfQj2fM3zj&tbc=%7Bkpex%7DR7-Fg2aJY0M4tYvYhA4wedqqeIUQhuWkXXSfwPFACSLoawb0yPd119VBIOUxmKcB&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp133
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d0f80e94206315ae3925b200b5a4b73559ea896db224c1e5758b6feac33546
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d46d24e8ac4bcb-YUL
date
Mon, 19 Sep 2022 18:36:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-138-244
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mkozgirkxcy
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
648
date
Mon, 19 Sep 2022 18:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 20:25:32 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1768155718&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20employees%20are%20being%20taunted%20with%20obscene%20images%20in%20a%20devastating%20hack%20%7C%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFT1CTKDWTAV____templateId_OTZ5HXLTMLS6____templateVariantId_OTV7CVEEK2PNE____aid_cfQj2fM3zj&el=Show%20offer%20offerId%3AOFT1CTKDWTAV%20templateId%3AOTZ5HXLTMLS6%20templateVariantId%3AOTV7CVEEK2PNE%20aid%3AcfQj2fM3zj&_u=6GDAAEABQAAAAC~&jid=1040833034&gjid=30229253&cid=723129747.1663612577&tid=UA-97981691-5&_gid=1631482056.1663612577&_r=1&_slc=1&z=2095694097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 43C6 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t.co
URL: https://t.co/fRis76bQtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
648
date
Mon, 19 Sep 2022 18:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 20:25:32 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=1040833034&gjid=30229253&_gid=1631482056.1663612577&_u=6GDAAEABQAAAAC~&z=1397871833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 18:36:20 GMT
content-type
text/plain
access-control-allow-origin
https://fortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=1040833034&_u=6GDAAEABQAAAAC~&z=1608799258
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-5&cid=723129747.1663612577&jid=1040833034&_u=6GDAAEABQAAAAC~&z=1608799258
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AC4B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25285735&p=162221&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
995ab02912f912a7c6fcc73ed1eb6430372a21996c1703bad3371f21c07790a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:19 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame CA3D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f4d611c6-3849-11ed-8789-f3ed13a1c250
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f4d611c6-3849-11ed-8789-f3ed13a1c250
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:21 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f4d611c6-3849-11ed-8789-f3ed13a1c250
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-5
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame 1FA7
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_70e1ce8e0ca3452f87ee3
42 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_70e1ce8e0ca3452f87ee3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 04:06:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 19 Sep 2022 18:36:20 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_70e1ce8e0ca3452f87ee3
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
usersync.aspx
dis.criteo.com/dis/ Frame F325 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 18:36:20 GMT
expires
Mon, 19 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
512154
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
33141
tags.bluekai.com/site/ Frame AC4B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b2e93faa22e60bf978765a4a1f611986&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=36d0f8f31289da6e
62 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=36d0f8f31289da6e
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
23.208.216.233 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=36d0f8f31289da6e
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&addseg=10,33,39
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Mon, 19 Sep 2022 18:36:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame AC4B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:21 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:21 GMT
Frontend-ID
1
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame AC4B 		43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-81.iad55.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
via
1.1 10a35db7a5db275f537a340dc439408c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD55-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
AHNSP590oytVHESZrTAowEY5UDBiUr6yCa6fsztI6I3ILHePfi09LQ==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=70108df5-f3d8-480d-bd9e-69c20d5aa43b&gdpr=0&gdpr_consent=
1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=70108df5-f3d8-480d-bd9e-69c20d5aa43b&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=70108df5-f3d8-480d-bd9e-69c20d5aa43b&gdpr=0&gdpr_consent=
Date
Mon, 19 Sep 2022 18:36:20 GMT
X-CI-RTID
aee3d23b-88b8-4d43-afd6-93b97699adcb
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6120805245256493692&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6120805245256493692&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:20 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4cb52d60-fd9c-4ad5-8306-1396bd5d8f7d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6120805245256493692&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f28942d45115e6&is_secure=true&networkId=17100&version=1&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJN7x6F5-MKwNH6d-7AAAAAAA&expiration=1663698981&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJN7x6F5-MKwNH6d-7AAAAAAA&expiration=1663698981&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJN7x6F5-MKwNH6d-7AAAAAAA&expiration=1663698981&nuid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:20 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame AC4B 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.150.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-150-196.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:21 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G
42 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC4B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5c70ac8d-6535-4480-85a0-b7bb33e50db8
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5c70ac8d-6535-4480-85a0-b7bb33e50db8
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d8757838-8394-463a-a318-ee6073e743e0&user_group=1&ssp=pubmatic&bsw_param=5c70ac8d-6535-4480-85a0-b7bb33e50db8
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c70ac8d-6535-4480-85a0-b7bb33e50db8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 18:36:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2D96 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37849025&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
80513ead1e25a42afaf38af2d1263c99eaa1caf8b1d60dc4cf10133fece78d0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1270
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame F089
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PH7o0YwTTxxV0DRxJPtyuZU4mbo
42 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PH7o0YwTTxxV0DRxJPtyuZU4mbo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 18:36:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PH7o0YwTTxxV0DRxJPtyuZU4mbo
Pug
simage2.pubmatic.com/AdServer/ Frame 4D2F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K6Qj15lZ1OAlCZ5&gdpr=0&gdpr_consent=
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K6Qj15lZ1OAlCZ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 18:36:20 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K6Qj15lZ1OAlCZ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0e6dbf232294a7b99@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame E676 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3B52
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693982020361
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693982020361
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693982020361
ecm3
s.amazon-adsystem.com/ Frame F0A9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
327KFMK8ZHDJ3G937AJ2
/
io.narrative.io/ Frame 2D96
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC
  • https://io.narrative.io/?io.narrative.guid.v2=f4e415f0-3849-11ed-b714-0a73341a89eb&companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=f4e415f0-3849-11ed-b714-0a73341a89eb&companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
35.171.38.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-38-224.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 18:36:21 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=f4e415f0-3849-11ed-b714-0a73341a89eb&companyId=673&id=pubmatic_id:C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Date
Mon, 19 Sep 2022 18:36:21 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 2D96 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.247.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-247-87.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.164
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 2D96
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:21 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=53df53d6-41a0-4e70-b2c8-112deb2da6d0&ttd_puid=ee7cb541-db7f-4b25-9c12-fe2c9e627cc5%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
sn.ashx
pmp.mxptint.net/ Frame 2D96
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F67767CC_58033CE0&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
38.67.14.233 Fernandina Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-346599381; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:21 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-346599381; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 19 Sep 2022 18:36:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2D96
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4242432423704910180
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4242432423704910180
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-vmg_ox-db5_cnv_an-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4242432423704910180
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
events
api.permutive.com/v2.0/batch/ 		201 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=63e72aad-78ba-4502-891f-9d9ff3d2f6bc
Requested by
Host: e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
URL: https://e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app/e3c12f53-768d-4aa2-8e31-b8d0ee6320b1-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3b51d88c3d9407a97c3126f17a6ef95e8975f9d839b03083b6c39b8bea497c06

Request headers

Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 18:36:21 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://fortune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame 7A3E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39014545&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a1c7b77d3dbc73489104e84879704b9d9e71c44586dbc71c9536b17c6fb96035

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1672
content-type
text/html; charset=UTF-8
i.match
s.tribalfusion.com/z/ Frame FB25
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74d46d2979f8ece6-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74d46d28b933ece6-YUL
content-type
text/html
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1054
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 6815
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a40f9cb1-bdee-45d9-9624-fd5057013345&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.36.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-36-54.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:21 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 19 Sep 2022 18:36:21 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame E465
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d46d28a9e77148-YUL
content-length
0
date
Mon, 19 Sep 2022 18:36:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame 8EF1
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=xEt6934aM
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=xEt6934aM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=xEt6934aM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame C628
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7168989811529430770&uid=Q716898981152943...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168989811529430770
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168989811529430770
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=69291
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 19 Sep 2022 18:36:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168989811529430770
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame 3745
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LAwq4uHZCv-C5jN2pbYoYw
42 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LAwq4uHZCv-C5jN2pbYoYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LAwq4uHZCv-C5jN2pbYoYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame 304B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 19 Sep 2022 18:36:21 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 3EA0
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 19 Sep 2022 18:36:21 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1663612581.289958,VS0,VE18

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 19 Sep 2022 18:36:21 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1663612581.228732,VS0,VE18
x-vcl-time-ms
18
cookiesync
core.iprom.net/ Frame 8ECB 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:21 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-dee24bf4148a@version_1.525v2
X-core-time
1ms
X-server-arch
v2
usersync
usersync.gumgum.com/ Frame 7038 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 19 Sep 2022 18:36:21 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 7A3E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6120805245256493692
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6120805245256493692
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 18:36:21 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7cafaf4d-beca-4832-85b6-fe4b3c4e7009
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6120805245256493692
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E2D3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6978875&p=156176&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e71343062cd1dd6c311ccf48f87893e238fc2435041ed97ac4ef9890132c8827

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1105
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 7BCF
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=025157ac-781b-4d21-8e49-bd20ff420fca
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=025157ac-781b-4d21-8e49-bd20ff420fca
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=025157ac-781b-4d21-8e49-bd20ff420fca
strict-transport-security
max-age=15724800; includeSubDomains
epx
um.simpli.fi/ Frame 5709
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://um.simpli.fi/epx
43 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/epx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.171.234.26 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
26.234.171.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
content-type
image/gif
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
pragma
no-cache

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Sun, 18 Sep 2022 18:36:21 GMT
location
https://um.simpli.fi/epx
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame CB59
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 18:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Sun, 18 Sep 2022 18:36:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8EC54A6829BD4C6ABB9350DA90352755
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
aacxc.php
c.aaxads.com/ Frame D7D2 		69 B
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3066141781455402000V10&wbsh=pb&uhiXuo=&ylg=36125783473066141781455402000V10&ryvlg=C4825E74-51C8-4BA3-85B8-BD302DBB49EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.193.239 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-193-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
69
content-type
image/gif
date
Mon, 19 Sep 2022 18:36:21 GMT
expires
Mon, 19 Sep 2022 18:36:21 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
Pug
simage2.pubmatic.com/AdServer/ Frame E2D3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ce2e0897-061f-4734-bb89-f7dc6a679ebe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ce2e0897-061f-4734-bb89-f7dc6a679ebe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ce2e0897-061f-4734-bb89-f7dc6a679ebe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 19 Sep 2022 18:36:21 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame E2D3 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: fortune.com
URL: https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.63.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-63-11.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 18:36:21 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://fortune.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://fortune.com
date
Mon, 19 Sep 2022 18:36:20 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
SPug
simage4.pubmatic.com/AdServer/ Frame AC4B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162221&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 2D96 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 7A3E 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame E2D3 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156176&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3066141781455402000V10%26wbsh%3Dpb%26uhiXuo%3D%26ylg%3D36125783473066141781455402000V10%26ryvlg%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:36:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dianomi.com
URL
https://www.dianomi.com/smartads.epl?id=4953
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MANIFEST object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| fortuneGTM function| makeStub function| profitwell function| setNptTechAdblockerCookie object| script object| ntv object| queryly function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag object| tp function| ___tp function| BlockAdBlock object| blockAdBlock object| truste object| template undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| twq function| fbq function| _fbq object| _fbq_gtm_ids object| _comscore function| __tcfapi object| permutive object| apstag function| __uspapi function| UET function| UET_init function| UET_push object| COMSCORE function| udm_ object| PARSELY object| twttr object| google_optimize function| lintrk boolean| _already_called_lintrk object| ueto_f0a39f39cb object| uetq function| setImmediate function| clearImmediate object| ggeac object| google_js_reporting_queue object| ntvConfig boolean| apstagLOADED object| PianoESPConfig object| ns_p object| gaplugins object| gaGlobal object| gaData object| aax object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT boolean| SENT_LIGHTBOX_PV undefined| google_measure_js_timing function| $ function| jQuery string| relatedtrackurl string| htmlcontent function| clarity object| msgData object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id

210 Cookies

Domain/Path Name / Value
fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack Name: ntvSession
Value: {}
.mrtnsvr.com/sync Name: userId
Value: xEt6934aM
.t.co/ Name: muc
Value: a5f4898c-af9d-4f32-83b8-2b8c777d11d5
.t.co/ Name: muc_ads
Value: a5f4898c-af9d-4f32-83b8-2b8c777d11d5
.bit.ly/ Name: _bit
Value: m8jiAf-9fb519c31da9c7371a-00W
.fortune.com/ Name: _gcl_au
Value: 1.1.674595183.1663612576
.fortune.com/ Name: _pprv
Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.fortune.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAcAnAMwBexArMQPb4AuAtgAwQBsUIANCAK4DOMAE59sAOx65c3fkIDKdCHX7YQEUdVFcQfBHRgYxE3AF8gA
.fortune.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l893z3533z0ql8o9%22%7D
.fortune.com/ Name: usprivacy
Value: 1---
.fortune.com/ Name: notice_behavior
Value: none
id.tinypass.com/ Name: AWSELBCORS
Value: D54D83371CA73269B30D9CD8F7A2329AB776287862274343263B441C07542FF48E5D6C7E0663DC3D4A2FA0CCC41A3CE459F8DE1019C7AC821A6C0B82E1CCC63B8F13E9C47F
.bing.com/ Name: MUID
Value: 0336996CCAF86F9F27FF8B48CBD26EC2
.bat.bing.com/ Name: MR
Value: 0
.fortune.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://fortune.com/2022/09/16/uber-employees-barraged-with-obscene-images-in-major-hack/%22%2C%22sref%22:%22https://t.co/%22%2C%22sts%22:1663612576555%2C%22slts%22:0}
.fortune.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=89cf9f587e69be78c1c138dd7a0e93bb%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663612576555}
fortune.com/ Name: __adblocker
Value: false
.fortune.com/ Name: _uetsid
Value: f23a1230384911ed81e05795197369b4
.fortune.com/ Name: _uetvid
Value: f23a4230384911ed827b0f8b0f6f1f2e
.piano.io/ Name: __cf_bm
Value: SLOsLuaG1WEJ3pkRkWI1P.bXzf20lzBvTjlwbc0ULw8-1663612576-0-AZ4+A+b/T7vi6HyUE/rhEo2iaRwWBk9aRz+01olV4Jr9CysD+qh4pw3XtxBR5uXAVOKKHqLbYpbvSUVcVT67v5Q=
.fortune.com/ Name: permutive-id
Value: f8f715b9-2b87-4f14-9976-cbf81469355d
.fortune.com/ Name: __tbc
Value: %7Bkpex%7DR7-Fg2aJY0M4tYvYhA4wedqqeIUQhuWkXXSfwPFACSLoawb0yPd119VBIOUxmKcB
.fortune.com/ Name: __pat
Value: -14400000
.fortune.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-09-19-18-36-16-180-3xmJnwDTX89z36dQ-bfb34749f2712b845cbe6bbc037ad5ad%22%2C%22domain%22%3A%22.fortune.com%22%2C%22time%22%3A1663612576712%7D
.fortune.com/ Name: xbc
Value: %7Bkpex%7DjcRmkXscIIwmvP0gUPD7sIZpqwDR8jYaFtHdPJdujSfFgEaGC-lGqBEjLBJYH4gUbl-CKqWwSMhLRC8BsMd2z0UXxXLsEqTEU1RlKrMQuwqDTZTelprp9vGNNx9GZtc_Jtc4zm-KF5-2Dr3pPRfPyfAVNbK2-hprS7zvuwZgmUceMOaavsDGp2_ucq2_id5b-V3vBI7JwmwQSgD4-_PyuUsv2EZXdE4LVJGDskd3uDczRtvI30rmIsIiRyF7FlEYVGnOvvjpuNk3WrBy3MLfOO2xBInK8dl5riA_LZ6RvYLNJ14CoKf5XtYh3f28scAhhaz5vLd5JSAp8TjRNGSwOBQRAxVsH5YAGMwqqIwOa9FK3iwjH1PDVDeOh1F-NpeoLi0mizDYZmJP8O3Br8xbJi7687bHuTcDRWO_MQ5m3LU
.linkedin.com/ Name: li_sugr
Value: 7ad6e964-207c-4e77-bacd-e58a402730b9
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&de650044-5c54-4a5b-8761-e8bcb0aa9739"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2915:u=1:x=1:i=1663612576:t=1663698976:v=2:sig=AQFx6vrnI0Hk0MTIa5kHvMS-0s1hOpt7"
.fortune.com/ Name: _ga
Value: GA1.2.723129747.1663612577
.fortune.com/ Name: _gid
Value: GA1.2.1631482056.1663612577
.twitter.com/ Name: personalization_id
Value: "v1_fJvqjoPeHqIsF5E0qAlVYQ=="
.fortune.com/ Name: _gat_UA-97981691-5
Value: 1
.scorecardresearch.com/ Name: UID
Value: 15E46191e3e806962dfc1251663612576
.tinypass.com/ Name: ch_sid
Value: D8SSSN3QxcbRnlM
.tinypass.com/ Name: LANG
Value: en_US
.fortune.com/ Name: _fbp
Value: fb.1.1663612576829.1443635448
.linkedin.com/ Name: UserMatchHistory
Value: AQLcMARzVKYrqAAAAYNXCWRJvzXeyj3NB-gZNPj_Hpx656trl2GFgGTMMhjGy1iBPTGB5IKk32ZwRw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJVB3GASPfKUgAAAYNXCWRJyDHaqaKwD9DuWc3lwoKCoeTH5n2wVeqyHuV70prZ5V5DQ1u-YvShAeX44J_Wtg
.facebook.com/ Name: fr
Value: 0mG0lPD4cJaV8f4oK..BjKLag...1.0.BjKLag.
fortune.com/ Name: querylyvid
Value: 469190799
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220919183616c71691e3-58ea-4a90-824f-4bd2eae07fa1AQG5-pL7n07NnuSz0m7yWtdiHahzKCbl"
www.clarity.ms/ Name: CLID
Value: 22ea2e73f8194ff0a1cfd7a206800d09.20220919.20230919
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.fortune.com/ Name: __pil
Value: en_US
.fortune.com/ Name: _clck
Value: 15o76vv|1|f50|0
.adsymptotic.com/ Name: U
Value: ca4cd6dae0ec7b1a412f57fcef8e8cf2
.rubiconproject.com/ Name: khaos
Value: L893Z44B-D-24LO
.amazon-adsystem.com/ Name: ad-id
Value: A1_FkurwwkB3lCWC9X3EXKo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: icu
Value: ChkIsLiEARAKGAEgASgBMKHtopkGOAFAAUgBEKHtopkGGAA.
.adnxs.com/ Name: uuid2
Value: 6120805245256493692
.fortune.com/ Name: _clsk
Value: jkxs5q|1663612577699|1|0|i.clarity.ms/collect
fortune.com/ Name: aasd
Value: 5%7C1663612577740
fortune.com/ Name: __aaxsc
Value: 2
.gumgum.com/ Name: vst
Value: u_49596e47-8976-4037-930a-e1114267411b
.openx.net/ Name: i
Value: e296aed1-a01b-0ed6-234c-aeb4fe630012|1663612577
.simpli.fi/ Name: suid
Value: 8EC54A6829BD4C6ABB9350DA90352755
.casalemedia.com/ Name: CMID
Value: Yyi2oRn-d19SCE-bk5iq7gAA
.casalemedia.com/ Name: CMPS
Value: 475
.casalemedia.com/ Name: CMPRO
Value: 475
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C4825E74-51C8-4BA3-85B8-BD302DBB49EC
.openx.net/ Name: pd
Value: v2|1663612577|vMgakWgyiK
.turn.com/ Name: uid
Value: 3200019522267894042
.zemanta.com/ Name: zuid
Value: u8jv3sNaccSLnXoBtA94
.outbrain.com/ Name: obuid
Value: 282e49ce-d1dc-46c1-9955-aa3c0cba669a
.sharethrough.com/ Name: stx_user_id
Value: 541ee0c1-f4c3-4158-9d16-6f78c6714bc9
.adsrvr.org/ Name: TDID
Value: 53df53d6-41a0-4e70-b2c8-112deb2da6d0
.technoratimedia.com/ Name: tads_uid
Value: 4CDA0D90037F47AA87AE71D2CF5693E0
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220919143618-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.deepintent.com/ Name: CDIUSER
Value: di_70e1ce8e0ca3452f87ee3
.emxdgt.com/ Name: uid
Value: 53591663612578109748b7
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3c7ee8d1-8c13-4f1c-55d0-347124fb72b9.QVAIDL9safr0RKh5onRnAKv3scw6VYc%2FBvVeewP0TfA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APH7o0YwTTxxV0DRxJPtyuZU4mbo.xd3vpYi0%2FEuvJZCxLVRp44SZ%2F8wNlRE2kLMJ%2BL1wSqI
.yahoo.com/ Name: A3
Value: d=AQABBKK2KGMCEAgiTB21L7wdPaDvEed7plYFEgEBAQEIKmMyYwAAAAAA_eMAAA&S=AQAAAsv3F7_J756K1mdz-rVxdY0
.ipredictive.com/ Name: cu
Value: 70108df5-f3d8-480d-bd9e-69c20d5aa43b|1663612578110
.mathtag.com/ Name: uuid
Value: eddb6328-b6a2-4500-9514-4b380244cff4
.adform.net/ Name: C
Value: 1
.rlcdn.com/ Name: rlas3
Value: H3S7UTU3mSfr7mDQJ77CwO52oIAA+EpN+5Jydstp1YQ=
.adform.net/ Name: uid
Value: 4242432423704910180
.emxdgt.com/ Name: apn_id
Value: 6120805245256493692
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2796:18z8~2796"
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&KRTB&16736-uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&KRTB&23019-uid:5a0a6328-b6a2-4400-8bd0-562584635c9b&KRTB&23208-uid:5a0a6328-b6a2-4400-8bd0-562584635c9b
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3200019522267894042&KRTB&23150-3200019522267894042
.bidr.io/ Name: bito
Value: AACAQU7GUW0AAA6vShhBhQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-53df53d6-41a0-4e70-b2c8-112deb2da6d0&KRTB&22918-53df53d6-41a0-4e70-b2c8-112deb2da6d0&KRTB&23031-53df53d6-41a0-4e70-b2c8-112deb2da6d0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:8EC54A6829BD4C6ABB9350DA90352755
.bidswitch.net/ Name: tuuid
Value: 5c70ac8d-6535-4480-85a0-b7bb33e50db8
.bidswitch.net/ Name: c
Value: 1663612578
.bidswitch.net/ Name: tuuid_lu
Value: 1663612578
.doubleclick.net/ Name: IDE
Value: AHWqTUk3TyTSrHVIJusMEn1btHLUvw_LKVL9eo6te010eIrISEQ8EglKZzG1DOwDE6Q
.rlcdn.com/ Name: pxrc
Value: CKLtopkGEgUI6AcQABIFCOhHEAA=
.openx.net/ Name: univ_id
Value: 537072971|53df53d6-41a0-4e70-b2c8-112deb2da6d0|1663612578253844
.aaxads.com/ Name: aax-vsid
Value: 3066141781455402000V10
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEKB6DIZHGVO-UiRM7eu_KkQ&KRTB&22987-CAESEKB6DIZHGVO-UiRM7eu_KkQ&KRTB&23025-CAESEKB6DIZHGVO-UiRM7eu_KkQ&KRTB&23386-CAESEKB6DIZHGVO-UiRM7eu_KkQ
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a40f9cb1-bdee-45d9-9624-fd5057013345
.sitescout.com/ Name: ssi
Value: 9b1cb722-81d2-417d-b2f4-36d3ad1590f9#1663612578297
.360yield.com/ Name: tuuid
Value: cfb88db2-f1af-4aec-a059-746209a21a29
.360yield.com/ Name: tuuid_lu
Value: 1663612578
.creativecdn.com/ Name: u
Value: GKxsg7NdO6Ulj0UQfSvt
.creativecdn.com/ Name: ts
Value: 1663612578
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fortune.com/ Name: __gads
Value: ID=1e60cdcf3f7c8c2f-22ecf03e32b40058:T=1663612577:S=ALNI_MZg5wI8mN_9o8HJAO2mGBK4NZ5SPg
.fortune.com/ Name: __gpi
Value: UID=00000575ebb477cb:T=1663612577:RT=1663612577:S=ALNI_MY_ZSb55CTDeN6LgR4T7YOL5-FC3w
.pippio.com/ Name: did
Value: 9v6VQgr766Fw1_g3
.pippio.com/ Name: didts
Value: 1663612578
.pippio.com/ Name: nnls
Value:
.contextweb.com/ Name: V
Value: yzV9gNFwkDYo
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g71|7dN.0.AACAQU7GUW0AAA6vShhBhQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4337af8fa370c825
.pswec.com/ Name: tuuid
Value: 5687e45e-9c89-4d96-b019-2720ba000758
.pswec.com/ Name: c
Value: 1663612578
.pswec.com/ Name: tuuid_lu
Value: 1663612578
.technoratimedia.com/ Name: tads_uidp_73
Value: AACAQU7GUW0AAA6vShhBhQ
.aaxads.com/ Name: 201AAX
Value: 3200019522267894042~~1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4e86e363b009cbdc86c320816d473ec9
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEm1MEs1NjNOMjCwTE5KSbYwSzY2MrAwNEsxMTdOTbZkAIJkjW2LQDQUAABQsAqb"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI1ti2CEhBAQAXAgHk"
.socdm.com/ Name: SOC
Value: Yyi2osCo8XoAAIjLQqYAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACAQU7GUW0AAA6vShhBhQ
.media.net/ Name: visitor-id
Value: 3066141781455471000V10
.pippio.com/ Name: pxrc
Value: CKLtopkGEgQIAhAAEgYI7OsBEAA=
.tapad.com/ Name: TapAd_TS
Value: 1663612578622
.tapad.com/ Name: TapAd_DID
Value: ee7cb541-db7f-4b25-9c12-fe2c9e627cc5
.aaxads.com/ Name: 141AAX
Value: u8jv3sNaccSLnXoBtA94~~1
.linksynergy.com/ Name: rmuid
Value: cdfdb74a-fcb7-4739-a9b5-da4d08df0aee
.linksynergy.com/ Name: icts
Value: 2022-09-19T18:36:18Z
.mfadsrvr.com/ Name: tuuid
Value: 168d7390-53b8-4b8f-8a54-c15741216a94
.mfadsrvr.com/ Name: c
Value: 1663612578
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663612578
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663612578
.media.net/ Name: data-bs
Value: 5c70ac8d-6535-4480-85a0-b7bb33e50db8~~1
.casalemedia.com/ Name: CMTS
Value: 041
.media.net/ Name: data-mf
Value: 168d7390-53b8-4b8f-8a54-c15741216a94~~1
.media.net/ Name: data-g
Value: CAESEPqDFrs56HO8V_oUHPw7jHM~~6
.media.net/ Name: data-ttd
Value: 53df53d6-41a0-4e70-b2c8-112deb2da6d0~~1
.smartadserver.com/ Name: pid
Value: 7318505572738817141
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bH4pTUwntlBge1WuCoMxA8a+JUixCbOKdokEu2gZrfHPtAjfGypdzcqA0KBqmSsHJgiPnBiMlBpv3aOgzXjMDayNzLHk9DcBFXS3iLUirbV3Q==
.media.net/ Name: data-r
Value: L893Z44B-D-24LO~~1
.pubmatic.com/ Name: SPugT
Value: 1663612580
.fortune.com/ Name: _gat_pianoTracker
Value: 1
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220220919%22%7D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MzYxMjU4MDk0NCwiMjQiOjE2NjM2MTI1NzgzNDAsIjM5IjoxNjYzNjEyNTc4MzQwLCI3IjoxNjYzNjEyNTc4MzQwfQ
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6120805245256493692&KRTB&23339-6120805245256493692
.pubmatic.com/ Name: DPSync3
Value: 1664755200%3A201_197_219_221_226_236_228_245%7C1664150400%3A164_248%7C1663632000%3A174
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_70e1ce8e0ca3452f87ee3
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-70108df5-f3d8-480d-bd9e-69c20d5aa43b&KRTB&23011-70108df5-f3d8-480d-bd9e-69c20d5aa43b&KRTB&23355-70108df5-f3d8-480d-bd9e-69c20d5aa43b
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9b1cb722-81d2-417d-b2f4-36d3ad1590f9-6328b6a2-4341
.adgrx.com/ Name: ADGRX_UID
Value: f4d611c6-3849-11ed-8789-f3ed13a1c250
.fiftyt.com/ Name: fifid
Value: cece4548-c72f-4624-6fda-a0d821d9e1bf
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.agkn.com/ Name: ab
Value: 0001%3AgI2lYgYxWVjKdWXKHIu%2FSd%2B54EyhZ0I6
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-PH7o0YwTTxxV0DRxJPtyuZU4mbo
.quantserve.com/ Name: d
Value: EPYBCwGRJ_ijAA
.quantserve.com/ Name: mc
Value: 6328b6a5-050e9-9dd1e-113d8
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-f4d611c6-3849-11ed-8789-f3ed13a1c250&KRTB&23275-f4d611c6-3849-11ed-8789-f3ed13a1c250
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4242432423704910180&KRTB&23263-4242432423704910180
.semasio.net/ Name: SEUNCY
Value: 352409E1118D254D
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIiOf3-_udjTsQBRIbCgxzaGFyZXRocm91Z2gSCwjg7db8-52NOxAFEhYKB3J1Ymljb24SCwjy0IyB_J2NOxAFEhQKBXRhcGFkEgsIqt7mlvydjTsQBRgBIAEoAjILCKrW6cOSno07EAU4AVoFdGFwYWRgAg..
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G&KRTB&19420-pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G&KRTB&22979-pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G&KRTB&23403-pXrAafF_k2S-ecdh9nDfaPctwzS-eMNi93Eh4F8G
.dotomi.com/ Name: DotomiTest
Value: 2f28942d45115e6
.fiftyt.com/ Name: cs
Value: MTY2MzYxMjU4MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJVSzjuHtZNFYX9UQk41TZ1cuWlN4_gY8k0PHWJ47DD4
.fiftyt.com/ Name: fppm
Value: 20220919183621
.acuityplatform.com/ Name: auid
Value: 693982020361
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQVVhFyaemGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFVYRcmno90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
io.narrative.io/ Name: io.narrative.guid.v2
Value: f4e415f0-3849-11ed-b714-0a73341a89eb
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6306
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-693982020361
.w55c.net/ Name: wfivefivec
Value: K6Qj15lZ1OAlCZ5
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJN7x6F5-MKwNH6d-7AAAAAAA&KRTB&22713-AAAJN7x6F5-MKwNH6d-7AAAAAAA&KRTB&22715-AAAJN7x6F5-MKwNH6d-7AAAAAAA
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:K6Qj15lZ1OAlCZ5
.pubmatic.com/ Name: PugT
Value: 1663612581
.mxptint.net/ Name: mxpim
Value: R1D530_F67767CC_58033CE0.1.00000000000000006328B6A5
.onaudience.com/ Name: cookie
Value: f751cf3069048012
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1D530_F67767CC_58033CE0&KRTB&23092-R1D530_F67767CC_58033CE0
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-a40f9cb1-bdee-45d9-9624-fd5057013345&KRTB&23340-a40f9cb1-bdee-45d9-9624-fd5057013345
.taboola.com/ Name: t_gid
Value: 7a9f94b7-a964-4c7a-87d8-44b2cb3f9e19-tucta223c25
ads.playground.xyz/ Name: connect.sid
Value: s%3Ayr1v2ofOgry5iymPrHpnkzxVXC2UbyJL.mv8s9XHTkgbBeQ40b2MMgRjiqNauR0JvzkSyer6Y%2B2c
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 0ZkJcRDVZNrQZwXwHiP4pMtn6uKrmetUPvL%2BA84vN1xh5N9Hka7gybnu614xgSK8bEB9hgAeJpeCfMbdOU8pRA%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-xEt6934aM&KRTB&23413-xEt6934aM
pool.admedo.com/ Name: tuuid
Value: d8757838-8394-463a-a318-ee6073e743e0
pool.admedo.com/ Name: c
Value: 1663612581
pool.admedo.com/ Name: tuuid_lu
Value: 1663612581
.csync.loopme.me/ Name: viewer_token
Value: 6725fb73-f478-41c8-9f1a-f2563e18d4e0
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7168989811529430770P
.owneriq.net/ Name: pmc
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.tribalfusion.com/ Name: ANON_ID
Value: aJnseFp26Ub8e4OCbB8J493ZaUHAkPmpCBC1D3FqSA9nUUCWFZbP22LQX4ejOnLfEGKCDlr44bI5XjbcyV2pPZb
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 156176:4
.pubmatic.com/ Name: SyncRTB3
Value: 1664150400%3A38_2_223_15%7C1664841600%3A35%7C1664409600%3A63%7C1668729600%3A69%7C1664755200%3A243_234_240_13_238_57_21_204_55_22_222_220_239_96_104_3_48_178_231_249_7_166_189_8_5_99_165_176_56_81_233_54_71%7C1666137600%3A224
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dbb1797b3-87de-42b2-96d0-b432cc92b301
.bnmla.com/ Name: rx_uuid
Value: bb1797b3-87de-42b2-96d0-b432cc92b301
.bnmla.com/ Name: rx_maxage_10738
Value: 1664908581
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7168989811529430770&KRTB&22521-Q7168989811529430770
.aaxads.com/ Name: 079AAX
Value: C4825E74-51C8-4BA3-85B8-BD302DBB49EC~~1
.inmobi.com/ Name: idsp_c
Value: 025157ac-781b-4d21-8e49-bd20ff420fca
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5c70ac8d-6535-4480-85a0-b7bb33e50db8
.adsby.bidtheatre.com/ Name: __kuid
Value: ce2e0897-061f-4734-bb89-f7dc6a679ebe.432826581
.c.appier.net/ Name: _auid
Value: LAwq4uHZCv-C5jN2pbYoYw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-LAwq4uHZCv-C5jN2pbYoYw&KRTB&23130-LAwq4uHZCv-C5jN2pbYoYw

7 Console Messages

Source Level URL
Text
network error URL: https://www.dianomi.com/js/contextfeed.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.dianomi.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Ffortune.com%2F2022%2F09%2F16%2Fuber-employees-barraged-with-obscene-images-in-major-hack%2F&prx_referrer=https%3A%2F%2Ft.co%2F&ntv_mvi
Message:
Failed to load resource: the server responded with a status of 504 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2987eabd522893c851d3c308605ccbe1.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
analytics.twitter.com
api.permutive.com
api.queryly.com
aud.pubmatic.com
b1sync.zemanta.com
bat.bing.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bit.ly
buy.tinypass.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
casale-match.dotomi.com
cdn.parsely.com
cdn.tinypass.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
consent.trustarc.com
consent.truste.com
content.fortune.com
contextual.media.net
core.iprom.net
creativecdn.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
data.queryly.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.edge.permutive.app
e3c12f53-768d-4aa2-8e31-b8d0ee6320b1.prmutv.co
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fortune.com
gocm.c.appier.net
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.clarity.ms
ib.adnxs.com
id.tinypass.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
jadserve.postrelease.com
js-sec.indexww.com
l3.aaxads.com
lg3.media.net
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mweb.ck.inmobi.com
p.adsymptotic.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
public.profitwell.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
qsearch-a.akamaihd.net
r.casalemedia.com
related.queryly.com
res-a.akamaihd.net
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.co
t.pswec.com
t.pubmatic.com
tags.bluekai.com
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trustarc.mgr.consensu.org
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
warp.media.net
www.aaxdetect.com
www.clarity.ms
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.linkedin.com
www.npttech.com
www.queryly.com
x.bidswitch.net
sync.1rx.io
www.dianomi.com
104.112.10.99
104.112.11.4
104.112.12.25
104.126.73.161
104.18.100.194
104.18.18.126
104.18.19.126
104.18.23.230
104.244.42.67
104.244.42.69
104.36.115.109
104.36.115.111
104.36.115.121
104.45.178.220
104.81.240.21
107.178.246.49
107.178.254.65
124.146.215.50
129.159.70.95
13.107.42.14
13.224.202.36
13.224.205.195
13.224.214.53
13.224.214.65
13.82.218.135
141.94.170.77
142.250.64.98
146.75.36.157
15.204.162.61
151.101.1.44
151.101.193.108
151.101.2.49
159.65.196.12
169.197.150.7
172.104.64.149
173.223.72.70
173.231.178.85
18.154.227.38
18.164.116.69
18.164.96.18
18.165.98.81
18.208.53.138
18.215.210.133
184.29.193.239
184.86.229.123
185.167.164.42
185.184.8.90
195.5.165.20
198.148.27.140
199.187.193.181
207.198.113.87
209.54.182.161
23.200.168.23
23.208.216.233
23.221.200.79
23.50.66.244
23.63.77.163
23.63.77.202
23.64.60.212
2600:141b:13::17d7:82d1
2600:1f18:4e9:5a05:bd6e:9687:3c8c:35dc
2602:803:c002:200::115
2606:4700:20::681a:d56
2606:4700:4400::6812:230b
2606:4700::6810:4fa5
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b6b1
2606:4700::6811:b9b1
2606:4700::6812:551
2606:4700::6813:ad6c
2606:4700:e6::ac40:c60b
2606:ae80:1471:12::410
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::200a
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::200a
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:27::cafe:1539
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::300
2a04:fa87:fffd::c000:4254
3.223.247.87
3.232.202.111
3.33.220.150
3.82.84.88
34.102.163.6
34.102.253.54
34.107.254.252
34.171.234.26
34.194.161.83
34.229.3.43
34.98.67.3
35.171.38.224
35.172.65.165
35.172.99.217
35.190.60.146
35.201.96.126
35.207.24.140
35.210.53.219
35.211.178.172
35.241.9.51
35.244.159.8
38.67.14.233
44.209.207.157
5.161.47.120
50.57.31.206
52.167.85.21
52.204.150.196
52.23.113.215
52.45.176.143
52.45.33.138
52.85.131.58
52.95.122.74
54.211.117.205
54.225.63.11
64.202.112.63
67.199.248.11
68.67.160.26
68.67.161.208
69.173.151.100
69.195.148.66
69.90.254.78
70.42.32.223
72.44.36.54
74.119.119.150
74.121.140.14
74.222.140.158
8.28.7.109
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
99.84.37.96
02a62bf27d5d3c30e8781bbe1d6082963856d233353dfacd31d8aaeaf5b17079
03ead4d7ec3a383e20db7d547500b9cf3928faac7997367e1893d9f62b6b4045
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0491cd40b63014bcdea91827463e6868e7c785e29ff051a24f00eb8a7a9be62a
059331dedcfb3bb7ad7b676771afd4f4bab13b6a23f4a8b1191c9defeced31bf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ba7aa8b89ac2eea1b2ba0e46d12fa2d5908531d1a50c3eb8e6424c6bc57de6
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19814c27aa6055c713b1c2a7c674a9524073d23a4e03e02172bedc7024e3b09d
1a1cfa3552291015462ae73d5e19468e11eefb3f31c48c342ddf88017bd4afdd
1be5d78423cb102d0e0deca0dfe43cdac7c17d25ce10de1abc8eaba77abbe438
1cb81a69cc0c4bf896384806e578b445c5bbe767ccb0c943b1c6bbace4a77f53
1d55d4f67b08a166d379773bf9fff326a8dae9daae0da2da7e3670b117658d54
20be244c4edf6909ee139b41ce99dc2a9d9dc2dd8272ae79d3994c11af308198
20f64ff0bdb20e6bb025cf37af30d536c308d6c892b393893b648a080c7d38ed
21dbb6def135a8742425ea11e7dc90ba143d2ed21ea6ad590b24fbf5b016a765
23cf7f62902700ebff3965cbefe3035381d586fa4beaeb7f2aa0bae3d354b9aa
2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658
244fb24a9241db5816d0fdbd7b37a12b18cbab9fc2fcb650358b041ef9e6e77e
253ad413815e433a2d8128d1c7f6fac2834369494c0da3a4f8c76d6d854cff95
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
283844ca59ea5bad57ba6065c3e1fd02b5b150beb3cf0b0f719a10e3ff98d81d
2c672eb9031790146f139e0a9ea780dc084f1144e90f27199f002f1653e8e4bb
2f3457ee45fd2945cd922f8761edcad427bc116803e5bd69000c45e18da3156a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33dc89018fe5aed90ddd9f9615cba7412569abfad7d4995d81001e532aac79c9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b51d88c3d9407a97c3126f17a6ef95e8975f9d839b03083b6c39b8bea497c06
3c1af09c262dcc1d83009c0c9ce51128332fe38f788f270f146f17fed539e214
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd7d2b2585b27ad643c05cfc91cab1c9a421a2fdd23f73aaef91e4f64d381d6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f329fea5104cf341e2e6fa7d81ffc0278f808eeafa70c7b2540c5ad2f41892c
3f88adf5feabb115fa35dd2ea8f232ec72c1e542b23d46c478e97735868d61df
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b373f2aa0df9753611ccb9b312c5c35780954d8eef9ed01de48aa896a81f9d
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43d0f80e94206315ae3925b200b5a4b73559ea896db224c1e5758b6feac33546
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
45a0be6f72246e044ba041f21d551be5cdbbdc4ce20ddf27f6f5f191da428ede
463b2cb380310ff46fc138eb9117590d62eab649eaa3388e9177322b02b3f1ba
478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49de94ebe2f83144c7588d1111c8f96014ee1df2cb7560fd73cafdff9aa8d30e
4af3e69d918351f3f3824ba2e2b199f5040455f5ea96713b6e7df8bf17ed8a37
4b722b3feafcfd9fb99a9d123b2e5ef2acb13d024e9883d97715cdb7de423fb0
4bcde9db767415183254eb5e5fcaa0fc4afa6203438b023369d09a0c38443713
4cf912f1bb6819adddb92b9e5b94a6233403536fde45518be1f52f5bc88a7d84
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50f09e30713b6f5876aacdb0700967aa996b1d0c8a1c2b28757d271e0d81507e
510214edfe47e35bab2ad5a098695f80b013d0a01dafcccd1a2500992fa30e10
524310f635603dd2d8e955b8a84c5dae11f76a36148a14cc82bfa934871d95a0
525a443fc223f054b1513e295c58dc80b8ed16b0aba5ed9c871363d4b8dfafd9
539570e7e2548c3dbf5ebaf2d8ed9bb7a8d15b0a133ba6864a97251a8642cf1b
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76
55601ba0f109ac2f7c295ecabe14e4009ac427dc333eb81aa0da1a9f8ee62e1e
567b177abe46ff2626cc8e6f35914adfdca6e52da1c8acc13c52f2f3f5774eff
57f4916c90754c22aa2bb85b919b22dbf5bc3e01ac4ee39070585c08461d7b1c
5834656be9209eff52e4ab26fe8d17bad503b6db056c93f9eef31395a6f5b85b
5c32586fbc722aebdad46b36dea2a1c9fa15db9e5a849bdf00732da91c25b203
5dc08cc34906444e942bad46c5ebb968f944f3100dfff73cc8452b04a5da26f3
5fa3c1e3a72f3d8ce923d03a59272ba4d58249cfcf6c5be78ed83c2c51c88355
600a97aef58f76b9cf4e7e9bdd386cc4bb6bec6b6c2500fdba50fd9a9127ff45
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603934056dff6ec018d7b8152bd393a01896003f225439ac5886462e847ccd82
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
63ab8480fe37b50fe05a027d25e59719c798c199b383b02e8f1f0174e77bc8ff
65366e35f44229505d72ac21531c56a1f345ed1bdd5c88fa18003ff55077aae3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e104eb984d3b0ffa5ba73224daa7f86af3387959f007f705d50d8a97ba64f17
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
71e38f5ff4c83a73463447a2687e4517a51435ed1626b3a6851a18699983c55d
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
757dc8fe2a99c74fa3010dd19e322c7748569f2e432027445237a8bf849d872b
775aef69b6bb7fa9dba3a3f5ed6548900a31da3c109d849e14cc093bb468d746
789f6ea4b6cafbba7bfc5b034efb47ea4d711464b0eca962ead776247789cebb
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79a9d02d62ba8e0c6650830016360ad971702625d15c2f09b7e6738960d3a0c9
7c6898cecf87f0bd8de569b79d00a058ade384fa9d6cf5b64ebc1a9781c51af0
80513ead1e25a42afaf38af2d1263c99eaa1caf8b1d60dc4cf10133fece78d0d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
859bc40270030118f6766b6be1a31e593445ebce2460f4e86d7e792cd49834d8
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88d7e4dfc0c6596495db87af34f2568d1be1537e496ac62dc4891e5576d47f24
890ba93f1552bded3cecea8a4c8efac2b647cbec53066976d759c92edba6526b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
9290f05fb3424f254353ece6d10f0360a2e37714219ca5f36ad5eaee9a98aecf
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
950c4f2431028b6bf216f3aa0399c9c6c5e38a0273fb632e965c12e0814ac752
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
97476151836150a36d0bf7433d26bc0655d465c2439487cfa511e0a186ac2ae8
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995a5c73cdb06e5f92cb7f719c7ee29e2e7bc469499424fc8f63f7d2c188d3a8
995ab02912f912a7c6fcc73ed1eb6430372a21996c1703bad3371f21c07790a2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1d382679489babe6b5d0ee9f3ad3ec391ef46089879c43a82676965230c8a1
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9de65091be63aa33e678ea73c676e76cd34dfe36edeb5ef24261db9dbbbf68ab
9ea67f062d95061414467e41ee31da457f9aba91276a8444b4d1a9a572caf34c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c7b77d3dbc73489104e84879704b9d9e71c44586dbc71c9536b17c6fb96035
a1f2c51589765f9a9499e0150378942da1e040c5af67e8c1585c65df2e0eeeb3
a42ff7bb74c439ba61ad23d88161f3eb1a09b6ec57679ecb3fa57c393d487a32
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a514876a0c7efb037a90cceb8c1f72d2a94f1b1936376de06fdc23c07e331c0f
a5f6fab3a937200eac3252cae4daf874f53e7395665c0032144b01a2f99cc54d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c11a782f5aa74c8f54ce7612bb661be87ff9ba807c9f95ea25db39262fb9d4
aa68ee153909eb591887fa77b3bc6a1bc3708659520b7234b5ed49dd72288c34
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeafd0e6947ea33fb66ac27d1039753ebc76fcbd97cc30437962bbb29fadcbff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b07d27861690243b7b5d95a9df2556d54eb4d355f20edb9e4250f031f47a6596
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5ca043943e642e2f4c220ff787bd978fcbf1d642b191ffe6c564778a967c4b9
ba1814a8ec6f75b2b04cb5abe1f34802ddf4ed401b25696e789bd62a3f8fdfdd
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bcd4134b0da9f0228dfbb06a21baf7460051685b5e22d4481a8ae4f14f1b2fac
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bfb357d44c08f3b7ef10587b6b70f4171087d478298261f8d5477057540d376a
c15f0562b55027fea019b965a89690a4a9fb6aadd7f39bacc427be9e2fb8e624
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c49ca01860d0fcc492e428a57fbf7bac0291a55aec86b5a5fec5978b1c0901c0
c53d4bf55c7bca166ee1cb285a86fb0c193dc5104181cc64e283dca7b92145b0
c6261ca74976a2b5c9b2a492baed2360acf0ee54835528f7c7f6517e00521f7a
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9d0f642b7aad40c6f7336f36e2f925357142ec0d93210d1524cbfa29d31e7f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d045dc415bb458b14b4f4f6be2f5c92794dc1cca04e00d7ffc72724b5f7497ca
d079ed9ed9d9448b879e7feef5c1b3f14e15271f0377755d6fe8b8f396e68a35
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d40696bc4b5b9ea9b2da31c5ee28c13af4046935d1caf28f1786fe3d53bf6ce1
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d608adbfa57a72009f7d3f6426bb3326c96de7c4fd37984d076b1f7f2fd8a876
d8c1d773d76f2a1bbce08b1d0d46d3413bb6ffae732aa3bf4c0823b12d4b6caf
dca39abed928ad482320d9a39de6e8cf7f0be80b4b08710107521e00dacb65a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e07fd98391b60a2a0fae6f020fd357dafa5bea58ab62d45c09190a29536367c2
e0db05ca421ddd5f9a15ad3389d28f999589686177af3e7859f20c50248f105a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71343062cd1dd6c311ccf48f87893e238fc2435041ed97ac4ef9890132c8827
e789f7935d6d7776a0c2341570220c445bc1c493381518c085e641f9128b8938
e99b820fdf1436051086020e27ae6ebd0e982c31b712dd45b13222eb7a6489a3
ea579d7d23bb267a326abb02571bf4258d7495830df9c1db55ba9f1ea6b76eeb
eb503b1c37f0c282f17296944170a8e4daff78e61b2456b59b11c807d98b18e9
eb92decdba565a4e468aeb25d8bb13256e6fb1740b49b777e16a5046fe4d678e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd89ae666c6ea64de012d87c323fcbbf627b385bc8983081344e68ce317caa8
ed4d74cf35f19eb0bfc45aad5dcf4fa5a5d0ceb464bd4464fd246566022c3dc8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f214aed10a4a4afd63cfff5d479fefa59982dedeb75e2cb3a033d95ec66a1
f177e51c1913c9ec63bcfaf44654efe56b6082d7c7c7d3c937d3a088ff0f446e
f392578775cd8233a4b50137aafc013c948a0009b2d9b9b1f0d37c94dcc9176d
f573c2e1dfb5d93082165fe7b99287a3e81f4f17453a76c90e56ceba0c55fa5c
f7228511d795c7314e11ebb235d64dd1ac455f762c1a533af2e8658cbed8d7fe
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad