urlscan.io logo urlscan.io
SecurityTrails logo

simpleflying.com Open in urlscan Pro
34.233.113.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Submission: On June 17 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 164 IPs in 12 countries across 148 domains to perform 794 HTTP transactions. The main IP is 34.233.113.241, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is simpleflying.com. The Cisco Umbrella rank of the primary domain is 78573.
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.
This is the only time simpleflying.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 34.233.113.241 14618 (AMAZON-AES)
9 2a02:6ea0:c45... 60068 (CDN77 ^_^)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
9 18.67.65.75 16509 (AMAZON-02)
31 2607:f8b0:400... 15169 (GOOGLE)
2 18.160.18.69 16509 (AMAZON-02)
1 52.85.151.46 16509 (AMAZON-02)
1 54.231.203.145 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1901:0:d... 15169 (GOOGLE)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 18.67.67.228 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 148.113.153.86 16276 (OVH)
11 2600:9000:24f... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 13.32.151.21 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
6 23 192.40.39.223 27381 (CASALE-MEDIA)
15 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
7 7 68.67.160.24 29990 (ASN-APPNEX)
13 13 15.197.193.217 16509 (AMAZON-02)
2 11 8.28.7.83 62713 (AS-PUBMATIC)
9 14 69.173.151.100 26667 (RUBICONPR...)
9 14 34.111.113.62 396982 (GOOGLE-CL...)
24 42 142.251.40.194 15169 (GOOGLE)
5 9 69.166.1.12 27630 (AS-XFERNET)
8 25 34.98.64.218 396982 (GOOGLE-CL...)
1 2 216.22.16.8 30633 (LEASEWEB-...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.191.112 16509 (AMAZON-02)
3 4 35.186.253.211 15169 (GOOGLE)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
1 5 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 18.165.97.179 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 18.160.46.100 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:219... 16509 (AMAZON-02)
4 2620:100:a001::4 19750 (AS-CRITEO)
2 199.127.204.163 26120 (RHYTHMONE)
1 23.23.116.45 14618 (AMAZON-AES)
7 104.36.115.111 62713 (AS-PUBMATIC)
1 209.205.197.154 55081 (24SHELLS)
1 208.115.232.150 46475 (LIMESTONE...)
9 104.18.25.185 13335 (CLOUDFLAR...)
3 34.120.63.153 396982 (GOOGLE-CL...)
2 44.198.229.175 14618 (AMAZON-AES)
5 34.235.10.219 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.198.127.82 14061 (DIGITALOC...)
6 147.28.129.37 54825 (PACKET)
12 20 68.67.179.166 29990 (ASN-APPNEX)
1 63.251.28.234 26558 (FREEWHEEL)
1 54.83.38.144 14618 (AMAZON-AES)
3 44.209.30.160 14618 (AMAZON-AES)
2 35.190.39.111 15169 (GOOGLE)
1 4 52.44.28.63 14618 (AMAZON-AES)
3 162.19.138.118 16276 (OVH)
8 72.247.71.192 16625 (AKAMAI-AS)
8 68.67.153.61 29990 (ASN-APPNEX)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
2 74.119.119.139 19750 (AS-CRITEO)
1 23.49.101.144 16625 (AKAMAI-AS)
7 51.222.39.186 16276 (OVH)
2 52.87.79.114 14618 (AMAZON-AES)
14 34.196.26.39 14618 (AMAZON-AES)
8 167.71.25.23 14061 (DIGITALOC...)
2 3.219.149.83 14618 (AMAZON-AES)
8 54.84.92.154 14618 (AMAZON-AES)
19 25 141.95.98.65 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
4 23.192.50.109 16625 (AKAMAI-AS)
4 5 151.101.2.49 54113 (FASTLY)
2 2 199.38.167.130 54312 (ROCKETFUEL)
2 31 52.46.128.147 16509 (AMAZON-02)
13 13 52.22.231.91 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 1 23.105.12.151 30633 (LEASEWEB-...)
4 7 198.148.27.139 19189 (PULSEPOINT)
9 9 216.200.232.249 30419 (MEDIAMATH...)
5 23 162.248.18.37 62713 (AS-PUBMATIC)
1 2 169.197.150.8 398989 (DEEPINTENT)
2 2 2620:116:800b... 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.178.116 32475 (SINGLEHOP...)
4 6 54.198.195.78 14618 (AMAZON-AES)
4 4 50.17.63.122 14618 (AMAZON-AES)
1 2 107.20.114.132 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
9 34.149.40.38 15169 (GOOGLE)
7 38 52.223.22.214 16509 (AMAZON-02)
1 2 35.172.246.77 14618 (AMAZON-AES)
6 6 34.133.71.175 396982 (GOOGLE-CL...)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
5 7 34.200.65.202 14618 (AMAZON-AES)
3 6 8.28.7.84 62713 (AS-PUBMATIC)
2 6 2600:1f18:4e9... 14618 (AMAZON-AES)
14 14 2606:ae80:145... 25751 (VALUECLICK)
4 4 52.201.57.82 14618 (AMAZON-AES)
22 22 35.211.178.172 19527 (GOOGLE-2)
3 3 3.234.11.15 14618 (AMAZON-AES)
1 2 54.204.181.100 14618 (AMAZON-AES)
1 2 38.68.201.140 174 (COGENT-174)
6 6 207.198.113.90 13768 (COGECO-PEER1)
4 4 185.167.164.43 198622 (ADFORM)
4 4 107.21.21.236 14618 (AMAZON-AES)
21 2607:f8b0:400... 15169 (GOOGLE)
1 2606:ae80:147... 25751 (VALUECLICK)
3 13 104.127.172.242 16625 (AKAMAI-AS)
3 3 35.214.159.67 15169 (GOOGLE)
1 6 23.52.158.180 16625 (AKAMAI-AS)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 52.5.227.160 14618 (AMAZON-AES)
1 2600:9000:250... 16509 (AMAZON-02)
4 18.160.41.20 16509 (AMAZON-02)
2 2 23.105.12.171 30633 (LEASEWEB-...)
1 3.233.37.172 14618 (AMAZON-AES)
7 7 72.251.238.254 32475 (SINGLEHOP...)
5 10 63.251.86.49 32475 (SINGLEHOP...)
23 3.227.148.228 14618 (AMAZON-AES)
1 1 52.71.209.114 14618 (AMAZON-AES)
1 1 178.250.7.11 44788 (ASN-CRITE...)
7 7 162.248.18.32 62713 (AS-PUBMATIC)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
1 1 188.166.17.21 14061 (DIGITALOC...)
4 4 8.43.72.98 26667 (RUBICONPR...)
2 10 34.202.191.141 14618 (AMAZON-AES)
1 1 3.224.103.82 14618 (AMAZON-AES)
1 2 52.201.52.94 14618 (AMAZON-AES)
12 13 199.127.204.142 26120 (RHYTHMONE)
1 1 35.190.90.30 15169 (GOOGLE)
5 5 35.207.24.140 15169 (GOOGLE)
8 8 64.202.112.159 22075 (AS-OUTBRAIN)
4 5 23.197.21.62 16625 (AKAMAI-AS)
1 1 18.215.8.84 14618 (AMAZON-AES)
6 6 80.77.87.163 46636 (NATCOWEB)
5 5 54.227.209.210 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
2 2 188.42.34.65 7979 (SERVERS-COM)
9 9 67.202.105.23 32748 (STEADFAST)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 67.220.228.201 16509 (AMAZON-02)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 2001:4860:480... 15169 (GOOGLE)
6 23.52.156.48 16625 (AKAMAI-AS)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2a04:4e42:600... 54113 (FASTLY)
1 34.120.135.53 396982 (GOOGLE-CL...)
4 9 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
4 18.165.98.81 16509 (AMAZON-02)
1 108.139.29.12 16509 (AMAZON-02)
1 209.204.239.164 27381 (CASALE-MEDIA)
4 174.129.148.57 14618 (AMAZON-AES)
2 4 3.216.3.198 14618 (AMAZON-AES)
2 2 35.211.233.246 15169 (GOOGLE)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 146.20.128.141 27357 (RACKSPACE)
16 52.85.151.90 16509 (AMAZON-02)
1 1 162.210.196.208 30633 (LEASEWEB-...)
1 23.227.139.243 55081 (24SHELLS)
2 151.101.193.108 54113 (FASTLY)
2 24.199.80.64 14061 (DIGITALOC...)
3 104.18.10.47 13335 (CLOUDFLAR...)
15 23.49.100.28 16625 (AKAMAI-AS)
6 168.119.146.39 24940 (HETZNER-AS)
1 1 3.233.84.12 14618 (AMAZON-AES)
2 2 54.148.98.145 16509 (AMAZON-02)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 52.44.30.82 14618 (AMAZON-AES)
11 34.98.72.95 396982 (GOOGLE-CL...)
2 34.199.73.116 14618 (AMAZON-AES)
1 37.157.5.133 198622 (ADFORM)
1 34.120.253.250 396982 (GOOGLE-CL...)
17 2600:1f13:800... 16509 (AMAZON-02)
2 2 52.205.64.79 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 18.165.98.105 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 54.87.127.173 14618 (AMAZON-AES)
1 1 64.247.192.250 11320 (LIGHTEDGE...)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
1 1 67.202.105.34 32748 (STEADFAST)
1 67.202.105.31 32748 (STEADFAST)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 2600:9000:230... 16509 (AMAZON-02)
1 35.190.114.150 15169 (GOOGLE)
1 34.120.28.40 396982 (GOOGLE-CL...)
1 34.120.232.38 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 34.117.239.71 396982 (GOOGLE-CL...)
35 34.111.8.32 396982 (GOOGLE-CL...)
2 4 35.207.10.239 15169 (GOOGLE)
1 1 35.211.118.13 19527 (GOOGLE-2)
1 1 8.2.110.33 46636 (NATCOWEB)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 1 139.162.84.221 63949 (AKAMAI-LI...)
1 35.186.193.173 15169 (GOOGLE)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
1 162.55.120.196 24940 (HETZNER-AS)
2 2 104.66.251.81 16625 (AKAMAI-AS)
1 44.206.150.230 14618 (AMAZON-AES)
1 52.206.51.4 14618 (AMAZON-AES)
1 54.217.67.170 16509 (AMAZON-02)
1 34.107.191.194 396982 (GOOGLE-CL...)
1 34.149.130.207 15169 (GOOGLE)
2 34.204.156.95 14618 (AMAZON-AES)
4 34.117.4.53 396982 (GOOGLE-CL...)
16 2620:100:a001... 19750 (AS-CRITEO)
794 164
15    34.233.113.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-113-241.compute-1.amazonaws.com
simpleflying.com
9    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
static1.simpleflyingimages.com
cdn.adsninja.ca
3    2607:f8b0:4006:817::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:81f::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    18.67.65.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-75.iad89.r.cloudfront.net
tagan.adlightning.com
31    2607:f8b0:4006:816::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    18.160.18.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-69.iad12.r.cloudfront.net
launchpad.privacymanager.io
1    52.85.151.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-46.iad89.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    54.231.203.145 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
adtechvideo.s3.amazonaws.com
10    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
childlikeform.com
5    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
id.hadron.ad.gt
pixels.ad.gt
3    18.67.67.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-67-228.iad89.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
seg.ad.gt
7    148.113.153.86 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy01.cl04.ovh.mrf.io
mbid.marfeelrev.com
11    2600:9000:24f4:5000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    13.32.151.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-21.iad66.r.cloudfront.net
geo.privacymanager.io
8    2607:f8b0:4006:80a::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
23    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
15    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
10    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
ids.ad.gt
7    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
13    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
11    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
14    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
14    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
42    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
9    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
25    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
valnetbidder-d.openx.net
us-u.openx.net
google-bidout-d.openx.net
2    216.22.16.8 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
1    2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2607:f8b0:4006:81d::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:824::2006 (Flushing, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    99.84.191.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-112.iad89.r.cloudfront.net
ats-wrapper.privacymanager.io
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2400:52e0:1a00::940:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
video.adsninja.ca
5    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    18.165.97.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-97-179.iad55.r.cloudfront.net
aax.amazon-adsystem.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2199:b200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
4    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    23.23.116.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-116-45.compute-1.amazonaws.com
hb.yellowblue.io
7    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.sync.viewdeos.com
1    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
9    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    44.198.229.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-229-175.compute-1.amazonaws.com
prebid-server.rubiconproject.com
5    34.235.10.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-10-219.compute-1.amazonaws.com
tlx.3lift.com
3    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    143.198.127.82 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebid.cootlogix.com
6    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
20    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    63.251.28.234 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    54.83.38.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-38-144.compute-1.amazonaws.com
krk.kargo.com
3    44.209.30.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-30-160.compute-1.amazonaws.com
hb.minutemedia-prebid.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
4    52.44.28.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-28-63.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
3    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
8    72.247.71.192 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-71-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    68.67.153.61 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.nym2.adnexus.net
prebid.adnxs.com
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
7    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    23.49.101.144 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-101-144.deploy.static.akamaitechnologies.com
a.teads.tv
7    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
2    52.87.79.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-79-114.compute-1.amazonaws.com
krk2.kargo.com
14    34.196.26.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-26-39.compute-1.amazonaws.com
pbs.nextmillmedia.com
8    167.71.25.23 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
exchange.cootlogix.com
2    3.219.149.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-149-83.compute-1.amazonaws.com
g2.gumgum.com
8    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
25    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    2607:f8b0:4006:822::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
4    23.192.50.109 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-50-109.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
31    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    52.22.231.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-231-91.compute-1.amazonaws.com
match.prod.bidr.io
2    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    23.105.12.151 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
9    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
23    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    173.231.178.116 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-8.sys.adgear.com
cm.adgrx.com
6    54.198.195.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-195-78.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    50.17.63.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-63-122.compute-1.amazonaws.com
pm.w55c.net
2    107.20.114.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-114-132.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
9    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
38    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    35.172.246.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-246-77.compute-1.amazonaws.com
thrtle.com
6    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
7    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    2600:1f18:4e9:5a01:1182:3903:eb81:31e2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
14    2606:ae80:1451:17::1370 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
triplelift-match.dotomi.com
casale-match.dotomi.com
33across-match.dotomi.com
4    52.201.57.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-57-82.compute-1.amazonaws.com
sync.ipredictive.com
22    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    3.234.11.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-11-15.compute-1.amazonaws.com
ads.creative-serving.com
2    54.204.181.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-181-100.compute-1.amazonaws.com
rtb.adentifi.com
2    38.68.201.140 (Bergenfield, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
6    207.198.113.90 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    107.21.21.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-21-236.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
21    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
1    2606:ae80:1471:15::500 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
13    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
3    35.214.159.67 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 67.159.214.35.bc.googleusercontent.com
csync.loopme.me
6    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    52.5.227.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-227-160.compute-1.amazonaws.com
jadserve.postrelease.com
1    2600:9000:2501:5a00:17:c484:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-tam.minutemedia-prebid.com
4    18.160.41.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-20.iad55.r.cloudfront.net
ms-cookie-sync.presage.io
2    23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
1    3.233.37.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-37-172.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
7    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
10    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
23    3.227.148.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-148-228.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
cs.minutemedia-prebid.com
1    52.71.209.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-209-114.compute-1.amazonaws.com
rtb.gumgum.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
7    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
10    34.202.191.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-191-141.compute-1.amazonaws.com
ads.yieldmo.com
1    3.224.103.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-103-82.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    52.201.52.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-52-94.compute-1.amazonaws.com
um2.eqads.com
13    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
8    64.202.112.159 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
5    23.197.21.62 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-62.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    18.215.8.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-8-84.compute-1.amazonaws.com
match.sharethrough.com
6    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    54.227.209.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-209-210.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
9    67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    23.52.156.48 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-156-48.deploy.static.akamaitechnologies.com
svastx.moatads.com
z.moatads.com
px.moatads.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
9    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    18.165.98.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-81.iad55.r.cloudfront.net
ib.3lift.com
1    108.139.29.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-12.jfk50.r.cloudfront.net
check.analytics.rlcdn.com
1    209.204.239.164 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1474.casalemedia.com
4    174.129.148.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-148-57.compute-1.amazonaws.com
pixel.adsafeprotected.com
4    3.216.3.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-3-198.compute-1.amazonaws.com
fw.adsafeprotected.com
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    146.20.128.141 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
16    52.85.151.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-90.iad89.r.cloudfront.net
valnet-tagan.adlightning.com
1    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.sync.viewdeos.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    24.199.80.64 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
3    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
15    23.49.100.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-100-28.deploy.static.akamaitechnologies.com
contextual.media.net
6    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
1    3.233.84.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-84-12.compute-1.amazonaws.com
aorta.clickagy.com
2    54.148.98.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-98-145.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    52.44.30.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-30-82.compute-1.amazonaws.com
geo.moatads.com
11    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
1    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
17    2600:1f13:800:7780:48ef:ebc1:9abc:bc76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    52.205.64.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-64-79.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550e:4106:3062:270c:cbbd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    18.165.98.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-105.iad55.r.cloudfront.net
aa.agkn.com
1    2606:4700::6812:16ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
1    64.247.192.250 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: core-1.msp.lightedge.com
sync.colossusssp.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
hde.tynt.com
1    2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    2600:9000:2305:a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    35.190.114.150 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 150.114.190.35.bc.googleusercontent.com
data.cdnbasket.net
1    34.120.28.40 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.28.120.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.120.232.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.232.120.34.bc.googleusercontent.com
view.cdnbasket.net
1    2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
35    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
contextual-analytics.wunderkind.co
events.bouncex.net
4    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
1    8.2.110.33 (United States)

ASN46636 (NATCOWEB, US)
us.shb-sync.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1564-221.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    104.66.251.81 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-251-81.deploy.static.akamaitechnologies.com
px.owneriq.net
1    44.206.150.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-150-230.compute-1.amazonaws.com
crb.kargo.com
1    52.206.51.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-51-4.compute-1.amazonaws.com
sync.bfmio.com
1    54.217.67.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-67-170.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
idr.cdnwidget.com
2    34.204.156.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-156-95.compute-1.amazonaws.com
bpi.rtactivate.com
4    34.117.4.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.4.117.34.bc.googleusercontent.com
ssp.wknd.ai
16    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
Apex Domain
Subdomains		 Transfer
69 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1020
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 564
ads.pubmatic.com — Cisco Umbrella Rank: 547
image6.pubmatic.com — Cisco Umbrella Rank: 822
simage2.pubmatic.com — Cisco Umbrella Rank: 761
image4.pubmatic.com — Cisco Umbrella Rank: 1216
image8.pubmatic.com — Cisco Umbrella Rank: 737
simage4.pubmatic.com — Cisco Umbrella Rank: 1351
107 KB
67 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
260 KB
47 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 638
eb2.3lift.com — Cisco Umbrella Rank: 421
ib.3lift.com — Cisco Umbrella Rank: 1559
103 KB
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
551 KB
38 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 444
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032
89 KB
37 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 476
ib.adnxs.com — Cisco Umbrella Rank: 249
prebid.adnxs.com — Cisco Umbrella Rank: 1896
acdn.adnxs.com — Cisco Umbrella Rank: 611
104 KB
36 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 628
pixel.adsafeprotected.com — Cisco Umbrella Rank: 745
fw.adsafeprotected.com — Cisco Umbrella Rank: 957
dt.adsafeprotected.com — Cisco Umbrella Rank: 557
429 KB
34 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 656
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1005
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1134
eus.rubiconproject.com — Cisco Umbrella Rank: 639
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 6457
68 KB
33 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2127
2 KB
33 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1386
htlb.casalemedia.com — Cisco Umbrella Rank: 626
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621
dsum.casalemedia.com — Cisco Umbrella Rank: 1634
a1474.casalemedia.com — Cisco Umbrella Rank: 111585
r.casalemedia.com — Cisco Umbrella Rank: 1485
as-sec.casalemedia.com — Cisco Umbrella Rank: 1972
62 KB
30 openx.net
u.openx.net — Cisco Umbrella Rank: 740
rtb.openx.net — Cisco Umbrella Rank: 1042
valnetbidder-d.openx.net — Cisco Umbrella Rank: 32812
us-u.openx.net — Cisco Umbrella Rank: 492
oajs.openx.net — Cisco Umbrella Rank: 1383
google-bidout-d.openx.net — Cisco Umbrella Rank: 1387
5 KB
27 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 839
id5-sync.com — Cisco Umbrella Rank: 434
73 KB
26 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2114
dis.criteo.com — Cisco Umbrella Rank: 601
dis.eu.criteo.com — Cisco Umbrella Rank: 8669
bidder.criteo.com — Cisco Umbrella Rank: 742
19 KB
25 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4121
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 12067
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4031
13 KB
25 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2344
valnet-tagan.adlightning.com — Cisco Umbrella Rank: 106286
292 KB
24 media.net
prebid.media.net — Cisco Umbrella Rank: 1574
cs.media.net — Cisco Umbrella Rank: 1628
contextual.media.net — Cisco Umbrella Rank: 645
hbx.media.net — Cisco Umbrella Rank: 1369
c21lg-d.media.net — Cisco Umbrella Rank: 2720
88 KB
23 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 361
r.bidswitch.net — Cisco Umbrella Rank: 8174
10 KB
17 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 772
ce.lijit.com — Cisco Umbrella Rank: 1036
17 KB
17 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3116
seg.ad.gt — Cisco Umbrella Rank: 9281
p.ad.gt — Cisco Umbrella Rank: 3654
ids.ad.gt — Cisco Umbrella Rank: 2558
id.hadron.ad.gt — Cisco Umbrella Rank: 2463
pixels.ad.gt — Cisco Umbrella Rank: 3445
21 KB
15 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1154
events-ssc.33across.com — Cisco Umbrella Rank: 2482
6 KB
15 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4315
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4001
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5746
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 8602
medianet-match.dotomi.com — Cisco Umbrella Rank: 11375
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4628
casale-match.dotomi.com — Cisco Umbrella Rank: 3996
33across-match.dotomi.com — Cisco Umbrella Rank: 4414
5 KB
15 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1563
mp.4dex.io — Cisco Umbrella Rank: 2734
u.4dex.io — Cisco Umbrella Rank: 4015
54 KB
15 simpleflying.com
simpleflying.com — Cisco Umbrella Rank: 78573
414 KB
14 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 4726
9 KB
14 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 513
2 KB
13 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2173
tag.bounceexchange.com — Cisco Umbrella Rank: 3277
api.bounceexchange.com — Cisco Umbrella Rank: 2515
246 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 340
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
6 KB
13 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 602
7 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375
7 KB
12 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 5891
exchange.cootlogix.com — Cisco Umbrella Rank: 9495
sync.cootlogix.com — Cisco Umbrella Rank: 3205
4 KB
11 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 751
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4358
api.rlcdn.com — Cisco Umbrella Rank: 1090
idsync.rlcdn.com — Cisco Umbrella Rank: 426
2 KB
11 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6466
ads.yieldmo.com — Cisco Umbrella Rank: 689
8 KB
10 google.com
ampcid.google.com — Cisco Umbrella Rank: 2322
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 256
3 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
23 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 618
6 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 566
5 KB
9 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1089
8 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
6 KB
8 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 5056
6 KB
7 moatads.com
svastx.moatads.com — Cisco Umbrella Rank: 2992
z.moatads.com — Cisco Umbrella Rank: 620
geo.moatads.com — Cisco Umbrella Rank: 795
px.moatads.com — Cisco Umbrella Rank: 541
115 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 648
7 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 874
4 KB
7 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3599
sync.richaudience.com — Cisco Umbrella Rank: 2090
4 KB
7 marfeelrev.com
mbid.marfeelrev.com — Cisco Umbrella Rank: 20310
7 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
360 KB
7 privacymanager.io
launchpad.privacymanager.io — Cisco Umbrella Rank: 3796
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 4219
geo.privacymanager.io — Cisco Umbrella Rank: 2038
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3257
77 KB
7 simpleflyingimages.com
static1.simpleflyingimages.com — Cisco Umbrella Rank: 199619
82 KB
6 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1103
4 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
4 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1039
3 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 976
3 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 792
2 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1026
c3.a-mo.net Failed
666 B
6 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 830
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281
2 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1019
bcp.crwdcntrl.net — Cisco Umbrella Rank: 952
sync.crwdcntrl.net — Cisco Umbrella Rank: 948
25 KB
5 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1564
2 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 589
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1160
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 635
track.adform.net — Cisco Umbrella Rank: 3621
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
5 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1588
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8210
ssbsync.smartadserver.com — Cisco Umbrella Rank: 867
2 KB
4 wknd.ai
ssp.wknd.ai — Cisco Umbrella Rank: 9820
110 B
4 behave.com
ssp.behave.com — Cisco Umbrella Rank: 3368
2 KB
4 gstatic.com
csi.gstatic.com
fonts.gstatic.com
29 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 408
1 KB
4 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 9493
3 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 662
ice.360yield.com — Cisco Umbrella Rank: 2409
1 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1069
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1012
3 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1371
98 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1875
rtb.gumgum.com — Cisco Umbrella Rank: 1673
usersync.gumgum.com — Cisco Umbrella Rank: 2018
4 KB
4 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 3058
krk2.kargo.com — Cisco Umbrella Rank: 5699
crb.kargo.com — Cisco Umbrella Rank: 1801
2 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
55 KB
4 childlikeform.com
childlikeform.com — Cisco Umbrella Rank: 41109
102 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 4554
page.cdnbasket.net — Cisco Umbrella Rank: 4567
view.cdnbasket.net — Cisco Umbrella Rank: 4556
1014 B
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 671
i6.liadm.com — Cisco Umbrella Rank: 2341
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 701
3 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1024
691 B
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4938
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117
1 KB
3 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3949
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3980
cs.yellowblue.io — Cisco Umbrella Rank: 3215
1 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408
us.creativecdn.com — Cisco Umbrella Rank: 2982
3 KB
3 adsninja.ca
cdn.adsninja.ca — Cisco Umbrella Rank: 21883
video.adsninja.ca — Cisco Umbrella Rank: 32482
214 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 495
fonts.googleapis.com — Cisco Umbrella Rank: 80
348 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
237 KB
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1881
217 B
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 3392
idr.cdnwidget.com — Cisco Umbrella Rank: 3817
913 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1856
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1841
hde.tynt.com — Cisco Umbrella Rank: 4519
3 KB
2 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 8926
458 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 3616
914 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2903
971 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
10 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1846
1 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4077
563 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4922
678 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6777
967 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1337
407 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1466
685 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 920
s.tribalfusion.com — Cisco Umbrella Rank: 2022
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1669
833 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1615
1011 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 846
998 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1163
482 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1587
4 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 933
2 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1538
380 B
2 viewdeos.com
ghb.sync.viewdeos.com — Cisco Umbrella Rank: 31596
sync.sync.viewdeos.com — Cisco Umbrella Rank: 16671
1 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2645
19 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1035
4 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3020
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1630
425 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8501
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7132
279 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4691
347 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6665
360 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2634
437 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1375
228 B
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 5492
1 KB
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 3370
312 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 805
675 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2002
423 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1944
645 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1863
557 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 533
654 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 963
341 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2310
653 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2985
538 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 246
667 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 852
635 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1553
8 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2376
173 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4383
573 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 572
571 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1233
644 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7183
343 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2846
555 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1322
537 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1105
179 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3053
308 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1501
674 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1495
497 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 617
564 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509
2 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1107
610 B
1 amazonaws.com
adtechvideo.s3.amazonaws.com — Cisco Umbrella Rank: 38014
310 KB
794 148
Domain Requested by
42 cm.g.doubleclick.net 24 redirects simpleflying.com
u.openx.net
eus.rubiconproject.com
eb2.3lift.com
googleads.g.doubleclick.net
ads.yieldmo.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
38 eb2.3lift.com 7 redirects tagan.adlightning.com
eb2.3lift.com
adtechvideo.s3.amazonaws.com
simpleflying.com
33 events.bouncex.net
31 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
tagan.adlightning.com
s.amazon-adsystem.com
u.openx.net
sync.go.sonobi.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
ms-cookie-sync.presage.io
eus.rubiconproject.com
bh.contextweb.com
cs-tam.minutemedia-prebid.com
ce.lijit.com
eb2.3lift.com
25 id5-sync.com 19 redirects cdn.id5-sync.com
simpleflying.com
24 pagead2.googlesyndication.com simpleflying.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
tagan.adlightning.com
23 simage2.pubmatic.com 5 redirects ads.pubmatic.com
sync-amz.ads.yieldmo.com
22 x.bidswitch.net 22 redirects
21 cs.minutemedia-prebid.com cs-tam.minutemedia-prebid.com
eus.rubiconproject.com
20 ib.adnxs.com 12 redirects adtechvideo.s3.amazonaws.com
simpleflying.com
eb2.3lift.com
googleads.g.doubleclick.net
acdn.adnxs.com
18 tpc.googlesyndication.com tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
tpc.googlesyndication.com
17 dt.adsafeprotected.com d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
16 bidder.criteo.com static.criteo.net
16 valnet-tagan.adlightning.com tagan.adlightning.com
16 us-u.openx.net 3 redirects u.openx.net
google-bidout-d.openx.net
sync.richaudience.com
us-u.openx.net
15 contextual.media.net adtechvideo.s3.amazonaws.com
contextual.media.net
simpleflying.com
ads.pubmatic.com
15 securepubads.g.doubleclick.net tagan.adlightning.com
www.googletagservices.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
15 simpleflying.com simpleflying.com
14 pbs.nextmillmedia.com simpleflying.com
ads.pubmatic.com
14 pixel.tapad.com 9 redirects u.openx.net
ads.yieldmo.com
ads.pubmatic.com
13 match.prod.bidr.io 13 redirects
13 match.adsrvr.org 13 redirects
12 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
11 assets.bounceexchange.com tagan.adlightning.com
11 image2.pubmatic.com 2 redirects ads.pubmatic.com
11 static.adsafeprotected.com simpleflying.com
tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
10 ads.yieldmo.com 2 redirects sync-amz.ads.yieldmo.com
adtechvideo.s3.amazonaws.com
ads.yieldmo.com
10 ce.lijit.com 5 redirects s.amazon-adsystem.com
ce.lijit.com
10 eus.rubiconproject.com simpleflying.com
s.amazon-adsystem.com
eus.rubiconproject.com
cs-tam.minutemedia-prebid.com
adtechvideo.s3.amazonaws.com
hde.tynt.com
10 www.google-analytics.com simpleflying.com
www.googletagmanager.com
www.google-analytics.com
9 ssc-cms.33across.com 9 redirects
9 sync.1rx.io 9 redirects
9 u.4dex.io ads.pubmatic.com
eus.rubiconproject.com
simpleflying.com
hde.tynt.com
u.4dex.io
9 sync.mathtag.com 9 redirects
9 sync.go.sonobi.com 5 redirects s.amazon-adsystem.com
sync.go.sonobi.com
9 ids.ad.gt 1 redirects simpleflying.com
9 tagan.adlightning.com simpleflying.com
tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
8 b1sync.zemanta.com 8 redirects
8 report2.hb.brainlyads.com simpleflying.com
8 exchange.cootlogix.com simpleflying.com
8 prebid.adnxs.com adtechvideo.s3.amazonaws.com
imasdk.googleapis.com
8 ads.pubmatic.com simpleflying.com
adtechvideo.s3.amazonaws.com
contextual.media.net
sync.richaudience.com
tagan.adlightning.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
7 image8.pubmatic.com 7 redirects
7 ap.lijit.com 7 redirects
7 ups.analytics.yahoo.com 5 redirects google-bidout-d.openx.net
eb2.3lift.com
7 bh.contextweb.com 4 redirects s.amazon-adsystem.com
bh.contextweb.com
7 onetag-sys.com simpleflying.com
s.amazon-adsystem.com
cs-tam.minutemedia-prebid.com
adtechvideo.s3.amazonaws.com
sync.richaudience.com
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
7 hbopenbid.pubmatic.com adtechvideo.s3.amazonaws.com
assets.bounceexchange.com
7 u.openx.net 5 redirects s.amazon-adsystem.com
adtechvideo.s3.amazonaws.com
7 token.rubiconproject.com 6 redirects simpleflying.com
7 secure.adnxs.com 7 redirects
7 mbid.marfeelrev.com simpleflying.com
mbid.marfeelrev.com
7 www.googletagservices.com simpleflying.com
tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
7 static1.simpleflyingimages.com simpleflying.com
6 as-sec.casalemedia.com assets.bounceexchange.com
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
6 sync.richaudience.com adtechvideo.s3.amazonaws.com
sync.richaudience.com
us-u.openx.net
ads.pubmatic.com
6 cs.admanmedia.com 6 redirects
6 pixel-sync.sitescout.com 6 redirects
6 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ssum-sec.casalemedia.com
6 ad.turn.com 6 redirects
6 um.simpli.fi 6 redirects
6 sync.srv.stackadapt.com 4 redirects eb2.3lift.com
6 prebid.a-mo.net adtechvideo.s3.amazonaws.com
simpleflying.com
cs-tam.minutemedia-prebid.com
5 id.rlcdn.com 2 redirects contextual.media.net
us-u.openx.net
5 ssp.disqus.com 5 redirects
5 stags.bluekai.com 4 redirects us-u.openx.net
5 rtb.mfadsrvr.com 5 redirects
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 gum.criteo.com 2 redirects tagan.adlightning.com
contextual.media.net
5 tlx.3lift.com adtechvideo.s3.amazonaws.com
simpleflying.com
5 www.google.com 1 redirects simpleflying.com
tagan.adlightning.com
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
4 ssp.wknd.ai assets.bounceexchange.com
4 idsync.rlcdn.com 2 redirects sync.richaudience.com
4 ssp.behave.com 2 redirects assets.bounceexchange.com
4 px.moatads.com
4 fw.adsafeprotected.com 2 redirects d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
tagan.adlightning.com
4 pixel.adsafeprotected.com d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
tagan.adlightning.com
4 ib.3lift.com tagan.adlightning.com
simpleflying.com
4 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
google-bidout-d.openx.net
eb2.3lift.com
4 sync.targeting.unrulymedia.com 3 redirects cs-tam.minutemedia-prebid.com
4 pixel-us-east.rubiconproject.com 4 redirects
4 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
4 c1.adform.net 4 redirects
4 sync.ipredictive.com 4 redirects
4 image4.pubmatic.com 3 redirects
4 pm.w55c.net 4 redirects
4 secure.cdn.fastclick.net tagan.adlightning.com
secure.cdn.fastclick.net
4 static.criteo.net tagan.adlightning.com
4 rtb.openx.net 3 redirects u.openx.net
4 childlikeform.com simpleflying.com
childlikeform.com
3 js-sec.indexww.com adtechvideo.s3.amazonaws.com
simpleflying.com
ssum-sec.casalemedia.com
3 csi.gstatic.com imasdk.googleapis.com
3 d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 cs.media.net 1 redirects contextual.media.net
3 csync.loopme.me 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 ad.360yield.com 3 redirects
3 ads.creative-serving.com 3 redirects
3 lb.eu-1-id5-sync.com cdn.id5-sync.com
simpleflying.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
ads.pubmatic.com
3 hb.minutemedia-prebid.com adtechvideo.s3.amazonaws.com
simpleflying.com
3 mp.4dex.io adtechvideo.s3.amazonaws.com
simpleflying.com
3 prebid.media.net adtechvideo.s3.amazonaws.com
simpleflying.com
3 htlb.casalemedia.com adtechvideo.s3.amazonaws.com
simpleflying.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 script.4dex.io adtechvideo.s3.amazonaws.com
script.4dex.io
3 adservice.google.com tagan.adlightning.com
3 ssum.casalemedia.com 2 redirects simpleflying.com
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 c.amazon-adsystem.com simpleflying.com
c.amazon-adsystem.com
3 www.googletagmanager.com simpleflying.com
tagan.adlightning.com
www.googletagmanager.com
2 bpi.rtactivate.com ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 33across-match.dotomi.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 us.creativecdn.com 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 i.liadm.com 2 redirects
2 dmp.adblade.com contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.cootlogix.com adtechvideo.s3.amazonaws.com
simpleflying.com
2 acdn.adnxs.com adtechvideo.s3.amazonaws.com
simpleflying.com
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 a.sportradarserving.com 2 redirects
2 cdn.jsdelivr.net tagan.adlightning.com
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 ads.playground.xyz 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects
2 rtb.adentifi.com 1 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 dis.criteo.com 2 redirects
2 cms.quantserve.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 p.rfihub.com 2 redirects
2 g2.gumgum.com simpleflying.com
2 krk2.kargo.com simpleflying.com
2 mug.criteo.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 id.hadron.ad.gt cdn.hadronid.net
2 prebid.cootlogix.com adtechvideo.s3.amazonaws.com
2 prebid-server.rubiconproject.com adtechvideo.s3.amazonaws.com
2 targeting.unrulymedia.com adtechvideo.s3.amazonaws.com
2 cdn.id5-sync.com tagan.adlightning.com
2 tags.crwdcntrl.net tagan.adlightning.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 sync.smartadserver.com 1 redirects simpleflying.com
2 cdn.hadronid.net a.ad.gt
simpleflying.com
2 seg.ad.gt simpleflying.com
p.ad.gt
2 a.ad.gt simpleflying.com
p.ad.gt
2 unpkg.com 1 redirects simpleflying.com
2 launchpad.privacymanager.io simpleflying.com
launchpad-wrapper.privacymanager.io
2 cdn.adsninja.ca simpleflying.com
2 imasdk.googleapis.com simpleflying.com
tagan.adlightning.com
1 idr.cdnwidget.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync.adkernel.com
1 us.shb-sync.com 1 redirects
1 r.bidswitch.net 1 redirects
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 api.bounceexchange.com tagan.adlightning.com
1 fonts.gstatic.com fonts.googleapis.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 s.ad.smaato.net 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 fonts.googleapis.com tpc.googlesyndication.com
1 hde.tynt.com u.4dex.io
1 de.tynt.com 1 redirects
1 sync.colossusssp.com 1 redirects
1 usersync.gumgum.com simpleflying.com
1 api.rlcdn.com simpleflying.com
1 idpix.media6degrees.com 1 redirects
1 aa.agkn.com us-u.openx.net
1 i6.liadm.com us-u.openx.net
1 tag.bounceexchange.com tagan.adlightning.com
1 track.adform.net sync.richaudience.com
1 hbx.media.net contextual.media.net
1 geo.moatads.com z.moatads.com
1 bttrack.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync.sync.viewdeos.com adtechvideo.s3.amazonaws.com
1 sync.aralego.com 1 redirects
1 c.bing.com eb2.3lift.com
1 z.moatads.com tagan.adlightning.com
1 a1474.casalemedia.com d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
1 check.analytics.rlcdn.com simpleflying.com
1 pippio.com 1 redirects
1 google-bidout-d.openx.net tagan.adlightning.com
1 oajs.openx.net oa.openxcdn.net
1 oa.openxcdn.net tagan.adlightning.com
1 svastx.moatads.com imasdk.googleapis.com
1 tr.blismedia.com ce.lijit.com
1 sync.crwdcntrl.net 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 cs.krushmedia.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 match.sharethrough.com 1 redirects
1 odr.mookie1.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 sonata-notifications.taptapnetworks.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ice.360yield.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 jadserve.postrelease.com 1 redirects
1 trace.mediago.io 1 redirects
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 analytics.google.com www.googletagmanager.com
1 a.teads.tv simpleflying.com
1 pixels.ad.gt tagan.adlightning.com
1 krk.kargo.com adtechvideo.s3.amazonaws.com
1 ads.stickyadstv.com adtechvideo.s3.amazonaws.com
1 valnetbidder-d.openx.net adtechvideo.s3.amazonaws.com
1 shb.richaudience.com adtechvideo.s3.amazonaws.com
1 ghb.sync.viewdeos.com adtechvideo.s3.amazonaws.com
1 hb.yellowblue.io adtechvideo.s3.amazonaws.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 invstatic101.creativecdn.com tagan.adlightning.com
1 video.adsninja.ca simpleflying.com
1 ats-wrapper.privacymanager.io tagan.adlightning.com
1 s0.2mdn.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 p.ad.gt a.ad.gt
1 ampcid.google.com www.google-analytics.com
1 adtechvideo.s3.amazonaws.com simpleflying.com
1 launchpad-wrapper.privacymanager.io simpleflying.com
0 c3.a-mo.net Failed
794 263
Subject Issuer Validity Valid
simpleflying.com
R3		 2023-06-15 -
2023-09-13		 3 months crt.sh
static1.simpleflyingimages.com
R3		 2023-06-04 -
2023-09-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
cdn.adsninja.ca
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
childlikeform.com
R3		 2023-04-12 -
2023-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-13 -
2024-01-12		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
ssl02.cert.cl02.k8s.mrf.io
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
video.adsninja.ca
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ghb.sync.viewdeos.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-04 -
2023-09-02		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-14 -
2023-11-14		 a year crt.sh
*.a-mo.net
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M02		 2023-04-09 -
2024-05-07		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2023-05-31 -
2024-06-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
report2.hb.brainlyads.com
R3		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-16		 7 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
um3.eqads.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-25		 6 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
sync.sync.viewdeos.com
R3		 2023-05-05 -
2023-08-03		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-12		 7 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-05-25 -
2023-08-23		 3 months crt.sh
dmp.adblade.com
R3		 2023-04-30 -
2023-07-29		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
tag.bounceexchange.com
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
data.cdnbasket.net
GTS CA 1D4		 2023-05-21 -
2023-08-19		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2023-05-21 -
2023-08-19		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2023-05-20 -
2023-08-18		 3 months crt.sh
*.wunderkind.co
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
ids.cdnwidget.com
R3		 2023-06-01 -
2023-08-30		 3 months crt.sh
idr.cdnwidget.com
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh

This page contains 112 frames:

Primary Page: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Frame ID: 1B31C74C5B7FE0C5678F924698A5B81C
Requests: 324 HTTP requests in this frame

Frame: https://mbid.marfeelrev.com/static/cookie-sync.html
Frame ID: 0BEF019AE2A07406DBAB774C9472024F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 28451D275CC978916A64455CABC595CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8382598503519971&output=html&adk=1812271804&adf=3025194257&lmt=1687045442&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687045441501&bpp=6&bdt=808&idt=498&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6201800679988&frm=20&pv=2&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074581%2C44785293%2C44788441%2C44793499&oid=2&pvsid=293734283596395&tmod=689782547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Frame ID: B3B709BFCA58AFC3E5EBD3EBC408AA60
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 35204DE22C7FD7BD17DE97A4BBC3AB68
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 54843EC08C50879C9BF9595F298340F0
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simpleflying.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: A390973B4E84F9E2AC5416D3B68FC337
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZI5FQwAAARkr3QAz
Frame ID: A234F220628FFBB158C2ACC41123D983
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314640527939565
Frame ID: 2C803A275DDDE978EEC54A70C0CDB426
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 8B69247CF033FB969CA7EA70F1E578CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2u07JHIsAACA_VdpK4w&gdpr=0&gdpr_consent=
Frame ID: 6A9ABC5ECA7D2CC51B3DD4738FE6E9C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
Frame ID: 3BD351D21EED8383CA3F5D51FEBF8C3E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2A87F9549CE9002B2FB431E4E5FD0405
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163557896886539984&gdpr=0&gdpr_consent=
Frame ID: D146708500655DFB86FB4CCF68834B45
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
Frame ID: FA65F65BE01623FF8C870F09BF0575B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 51D15597F2A4EE88C972C5EF6E4E6D2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d7a31028-0d68-11ee-bd75-c9ad2a380901
Frame ID: 20043BF850A8788D71F443E6A945F7AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qvw6C54pW5dT0Uyo7jdufSaEdkc&gdpr=0&gdpr_consent=
Frame ID: 232EBF1CB132183BD604605357F91B62
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:su5GORrt1QaFAo5&gdpr=0&gdpr_consent=
Frame ID: 797EB2292A247035A044AD4331FC1BD4
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398
Frame ID: 815C5400A06696D8733E9F73EAC7E088
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791836713822
Frame ID: 46BF1A15FF52DB11F89DAFA3D995EC3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Frame ID: C942962AAF823F6CF849D837274385E6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 70DA8F51024D6AE39115B4EEA6E2E187
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C9FE2347-10FF-4ABA-8761-C084B8379398
Frame ID: 529E89EC2C83AE4A18DD7D846D2AABB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7DB6F1CD78B0B0B85BCB088BFC18783
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83BF0981B155862618B8773B1789F835
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift
Frame ID: 9917D1D46059878F427218B3F5FF4B32
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 86ADC33349535473012929F94115A1EB
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 896404F05E44FE7BE13BD8E63827C100
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 33D6695EBAE5699FFEFB35B7F3EFDE77
Requests: 9 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: 7A00A0D4DA744D4733C902C03605554A
Requests: 25 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Frame ID: 1DC757539AB14347B69CE1B2C0029BA0
Requests: 5 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Frame ID: 021FEB972175D65ABDB0939A09278970
Requests: 5 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 946951972DEADA5EDA72C527CBCE880E
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=536222003037073419&gdpr=0&gdpr_consent=
Frame ID: BC5CE1E7CF84E9B5DD5F907661E01657
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMnicIuACbQwNG5o07AAAAAAA&expiration=1687131844&is_secure=true&gdpr=0
Frame ID: 28DA88FC33F90C0808815D7E2CB6CE75
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 3113B77E902EA13F4DD1A39D4C0C3F3E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 2DDB1865E8178649BAC6AEE13708F65F
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 93317E4912AB269615F020065E3AC6BE
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6163557896886539984&ex=appnexus.com&gdpr=0
Frame ID: 88B061D93FECF64EACF2A183C82AA0A4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 2E96EABCCCBE960DE56425E77B8B4A3C
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: 09934C6B5304A22E223AD13BD97BB974
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4090118527531875369328
Frame ID: 4205B025F6DB7FED92B2C14D4DB5781F
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C389633DC42E78108C1A17E79103E69E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: BBDF034F57F8B63F948C7FEB40DE8253
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: F5643329EABFB0C08ACAFF2FE1C456F4
Requests: 1 HTTP requests in this frame

Frame: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D079A89E3550977A10F94A3261B5BC9D
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 60D95FCF57B385EFFFF215647A8A5A84
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Frame ID: 2E13375CCA127706A07C195E483AE95E
Requests: 12 HTTP requests in this frame

Frame: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F3FA205053C2671D2E369BFC7BED617
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Frame ID: DB1AE39926C064654AE13893612B4BED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8A7612180D661B0B54253ACD252E35E2
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Frame ID: 1DAD7011FF1A0042C7B1238E74FB9618
Requests: 11 HTTP requests in this frame

Frame: https://sync.sync.viewdeos.com/csync?t=a&ep=305801&extuid=eda34539-d860-3116-b391-ffe0a94fa09f
Frame ID: 460053737424EB6629779A2E1FC410A2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 5225BE4642F7CD03B970276067DC594C
Requests: 7 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 6101FF93BB5361A42CAFBAA70FB8C3A9
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.sync.viewdeos.com%2Fcsync%3Ft%3Da%26ep%3D642794%26extuid%3D
Frame ID: 4747CB271E819223CBD7D6E46CCBDA0C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D1242E4F63E8A830FCDE1579F2340E80
Requests: 2 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 0920CE08C7A422F41FB977065B822304
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: C692A24611BF9E3D9FA29DF6BA136EA9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: AEDC48199F36BA324C0A6222E58B0CCF
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F7341954CADA3E486E696F92A19CD908
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=71eac8c50a03810
Frame ID: A11D7A6F4CADE0C24B61298EFC86745D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: DF4454FE6BC336FC0BB8C377EFFBA33C
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 6513EE77DC78A9FEC232086A083874B5
Requests: 18 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Frame ID: DF213EFCE196464C6CA82CFE49A69DEC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Frame ID: 04CEA51A7B942094AE6EC65DD2A28FF5
Requests: 5 HTTP requests in this frame

Frame: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CA7F7CBEEECC33489F9B4B7BDEA2FD9
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Frame ID: 618A892E8F65F36AF7B00050B1454D61
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=rkt&refUrl=&vid=70454493413300470441523937000V10&ovsid=970314640527939565
Frame ID: 0800E1AE403FC6117770E34744223C20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3DPM_UID
Frame ID: AE541BDC46EC09928AD9B59E82701758
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E4BA6F8A9873587860192C7DF98B7DE0
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 4D384BFADA3571492967DC68AB18A97A
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: 7DC31905F7218F1331F73BDE38128C61
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: 28873ED9E9A0AC0BE26FB01AE3A81083
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 930D2D608CD420D853996C9366C5BFBB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 447EC1C56CFDBF29E6D564511BC0A8C1
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMGI0MDVkMi0xY2VmLTQ1MDMtYWRjNy1hOTI4NjJiMDM3ZjU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: A14B0BD35D4AC67A827BEE60F19B6813
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Frame ID: 7C916DE9C56F77CC587A50781DD1F17C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1687045443921&gdpr=0&us_privacy=1---
Frame ID: 0196E0800419F86AC01EAACE30CF1DD6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6658DDD5B25B7B57392C8FF0920452BE
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 23D7B681F53E4FBA42EBF668EF0E95D7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: E4E3AA9037A15958FB1B17CB917A306F
Requests: 4 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html?us_privacy=1---
Frame ID: 8964C083E9396F4E74B1DE66E4BA8868
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 443C0431C086C5FF25DFEE3671B76E03
Requests: 11 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 80D7438176694C7E201EAA5830EE8B0F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2F34EC5D3B65C4121F2F8570AD36BA5B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A84A42F9BEC39032C09FA7C75D2E01F0
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C65459C1C47593A1474B65198A981450
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C1CF7531D0C543EE642E7653AB7D3E17
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: 66F3CAE4A09D983FBD742597BCE72958
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BC3F519D9A3FDAFF6FD20C56A25F858
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html
Frame ID: EF225FF717C1137BADC662F17E6509FD
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454514443300470441523937000V10%26ovsid%3DPM_UID
Frame ID: 83228DC9DFE68944BC72C995519E1970
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 856C52B0B5AE60CF09C22BDCA707FC21
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Frame ID: F1EEDDA472AB015EFE47EBC617947D1E
Requests: 7 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 477092BBF59D3AFF22A5D6E726D16E94
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: CC85FEB56BF6E64F56A12401D4A73DE0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 5EB6514E44334F1507509BA4043349BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Frame ID: BEEA2D68B81A30F969C48FD701D64FB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 97AA81C9C951AD67231A8E027656F9CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lyW0iXyVCByl3Sl1TUWOZA
Frame ID: DED35805FBBD2A1EA074E148EAB22A2B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: FD54831AF70CC555117E3C9818F33436
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
Frame ID: EC6114F69D89C19BEDC8F8E0401DCA4A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7C00147D941805AFD70A1359ABBA5C68
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: AC7FF85882D16DEBD72FAF550D29E325
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7403318521853444473
Frame ID: 4F839CBBF5C34BCCB01A31AF0024AEAF
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Frame ID: 329362EA7E1FD591E3C80BEB498520FB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=pba&refUrl=&vid=70454493413300470441523937000V10&ovsid=C9FE2347-10FF-4ABA-8761-C084B8379398
Frame ID: 9FF645441E316E3D658D25F37B843E74
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=C9FE2347-10FF-4ABA-8761-C084B8379398
Frame ID: 62C7D7678A42100F63FCE382983495DD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=pba&refUrl=&vid=70454514443300470441523937000V10&ovsid=C9FE2347-10FF-4ABA-8761-C084B8379398
Frame ID: CF4AF82690DF33F6910F1CC758E7EC3E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simpleflying.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 491ED575AAD9163D3AE1C3C272EEE2D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Two United Airlines Employees Charging With Stealing Marijuana From Passenger Luggage

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

794
Requests

75 %
HTTPS

21 %
IPv6

148
Domains

263
Subdomains

164
IPs

12
Countries

5154 kB
Transfer

19902 kB
Size

326
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js
Request Chain 46
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Request Chain 57
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=6163557896886539984&gdpr=0
Request Chain 58
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687045442-9N2D0XJT-EIUO&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687045442-9N2D0XJT-EIUO&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
Request Chain 59
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=C9FE2347-10FF-4ABA-8761-C084B8379398&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
Request Chain 61
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001687045442-9N2D0XJT-EIUO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001687045442-9N2D0XJT-EIUO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001687045442-9N2D0XJT-EIUO%252526tapad_id%25253Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001687045442-9N2D0XJT-EIUO%2526tapad_id%253Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&tapad_id=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_gid=CAESEOk8Xm2DzTtsEDyymPXwYms&google_cver=1&google_ula=450542624,0
Request Chain 63
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4NzA0NTQ0Mi05TjJEMFhKVC1FSVVP
Request Chain 64
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0
Request Chain 65
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26auid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26auid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=b0830b6a-04da-4048-a541-7abe3d007512&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&auid=AU1D-0100-001687045442-9N2D0XJT-EIUO
Request Chain 66
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 76
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
Request Chain 120
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS
Request Chain 132
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Request Chain 136
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simpleflying.com&sn=ChromeSyncframe&so=0&topUrl=simpleflying.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=21dH3XxzRU5WQTUrQ1RYdDNiUU4yNExnV1licVlCSXdzR0Z2WXgxWFNQSHZhYlJjQ3pTZkhJUEpHN3l3OWQ3cEE2RTBBdzJzYkVINGlOaEUwUWs4cjdZc3VVWkl3TWtuZ0hMeldNanNrQW0wK01iV3JiZ0NKbENSUnVneUZoVmYwaktKdUZoSjl2NEVWQVpsdmtDN2lKSElWTGdDMFVrNy9pQXZUTDJSditzQVdoZWc4S2lJSWRGWWZTVUtCekllSnRvcmxVZXZtQmRYZlFyMjR1VFovSzhhbEJ5Tm9iK3JicXNkdmZEN0lORWRQM2orYmRHdUpzZlQ2UE9OTk5UNFUvQ3lGZTlFVlJmMHlGeDlhWDl1bkN1YTFRSlFuN2F5QWxzT2FtdVVwaDFLVGJkYz18&cppv=2
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZI5FQwAAARkr3QAz
Request Chain 177
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314640527939565
Request Chain 178
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 179
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWVNVN0pISXNBQUI4Wmp4M25Ndw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABYSU7JHIsAAB8Zjx3nMw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE2u07JHIsAACA_VdpK4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=536222003037073419&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE2u07JHIsAACA_VdpK4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D536222003037073419%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=536222003037073419&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAE2u07JHIsAACA_VdpK4w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2u07JHIsAACA_VdpK4w&gdpr=0&gdpr_consent=
Request Chain 180
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
Request Chain 182
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163557896886539984&gdpr=0&gdpr_consent=
Request Chain 183
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
Request Chain 184
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d7a31028-0d68-11ee-bd75-c9ad2a380901
Request Chain 186
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qvw6C54pW5dT0Uyo7jdufSaEdkc&gdpr=0&gdpr_consent=
Request Chain 187
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:su5GORrt1QaFAo5&gdpr=0&gdpr_consent=
Request Chain 188
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=18aa8407-4597-4a2f-8064-3c7ea3b00527&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398
Request Chain 189
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791836713822
Request Chain 190
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Request Chain 191
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yf4jRxD_SrqHYcCEuDeTmA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 194
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C9FE2347-10FF-4ABA-8761-C084B8379398 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6163557896886539984&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Request Chain 195
  • https://eb2.3lift.com/xuid?mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 196
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&vxii_pid=12&vxii_pid1=10067&vxii_rcid=555fee4d-2600-4fd9-b64a-bcb1afc2fbbe
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlGRTIzNDctMTBGRi00QUJBLTg3NjEtQzA4NEI4Mzc5Mzk4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFs98NOo7D4BhBR9Izs_Hj0&google_cver=1
Request Chain 199
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF
Request Chain 200
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=
Request Chain 202
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JFmCDFFE2uXoyfnVsL.yj7x0pXbAN4E-~A&gdpr=0
Request Chain 204
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1b088f5c47b71066&is_secure=true&networkId=17100&version=1&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7wDx_Q0JDgNYTDnRAAAAAAA&expiration=1687131844&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 205
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent=
Request Chain 206
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=552a321d-0826-4b59-96ba-f8d1f84f917e&ssp=pubmatic&expires=30&user_group=5&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 208
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_1046EFA05_3DE762AC&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 209
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2198261905534825226
Request Chain 211
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Request Chain 223
  • https://id5-sync.com/i/518/8.gif?id5id=ID5*8Eff48MhQ-ejKFKKypH5bNzsWPH9XmW-Irc8RBM1HEpQGjcg_LTTwRNJTKrHH3lmUBukuMsTD-7JyEzGbZrmRQ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEw9U7JHIsAACDmGsySkQ
Request Chain 225
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 226
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Request Chain 227
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=6ac352ff-5d7d-44d2-afe2-74c642056e1f&gdpr=0
Request Chain 228
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3300470441523937000V10
Request Chain 230
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=A1A1E2756F36417A842BBECC019687AF&ex=simpli.fi&status=ok
Request Chain 231
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d5f643959d249fc619f50d89cfe2a765
Request Chain 232
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1fe31d52-92ce-45f3-842e-4da051a04de8
Request Chain 238
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=536222003037073419&gdpr=0&gdpr_consent=
Request Chain 239
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4ed86e4a75711066&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMnicIuACbQwNG5o07AAAAAAA&expiration=1687131844&is_secure=true&gdpr=0
Request Chain 242
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6163557896886539984&ex=appnexus.com&gdpr=0
Request Chain 244
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 246
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4090118527531875369328
Request Chain 248
  • https://id5-sync.com/i/518/8.gif?id5id=ID5*TLAD0CIZKumUT9w8Mxrui_uq2LLxSlIJMQSLp-KX2H9QGstc9B1SnyDb-k5q54HTUBs7SDPT3JbksDprRBhnXA&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/518/441/7/2.gif?puid=u_c0b405d2-1cef-4503-adc7-a92862b037f5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/518/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/518/2/6/3.gif?puid=6163557896886539984&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/518/203/5/4.gif?puid=b2669be2-8f34-4b4c-91cc-64d84e02b962&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F518%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/518/124/4/5.gif?puid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/518/108/3/6.gif?puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/518/796/2/7.gif?puid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/518/429/1/8.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=6163557896886539984&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/518/1246/0/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
Request Chain 252
  • https://match.adsrvr.org/track/cmf/openx?oxid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0&gdpr_consent=
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjE56JB0G-fHIVggXXyFok&google_cver=1
Request Chain 256
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&google_hm=Y2Y2YzBlZDQtZTVmYy00YjljLWI2ZDYtOTc4YzNjODA1Yzk5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECXGhGBx2qSqHpqBD0OOPEA&google_cver=1&ssp=sonobi&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Request Chain 257
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d895648e-4544-4600-8aa4-c61d989f4bad
Request Chain 258
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&pubid=91e92b73fd
Request Chain 261
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6163557896886539984 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d7c453bc-e8de-4b8c-b326-7da333e29f16&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 262
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LJ0NAQAS-1X-L7LS
Request Chain 263
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=6163557896886539984&pn_id=an
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMzI6ZN9v-ALfRH5gZSJMYk&google_cver=1
Request Chain 265
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g9b37a07cd086a85825b HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Request Chain 267
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZI5FQbEkXkeCVJbyhldx0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHemisZWop_lOy0Xo_htXTE&google_cver=1
Request Chain 269
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&expiration=1689637444&gdpr=0&gdpr_consent=
Request Chain 270
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6163557896886539984
Request Chain 272
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_c6bbe540-764d-42d6-a52d-da3213efb17c&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&us_privacy=
Request Chain 274
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 275
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1687045444792 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6881683373 HTTP 302
  • https://sync.1rx.io/usersync/turn/3666460092970085583?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Request Chain 283
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LJ0NAQAS-1X-L7LS&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VHR4LXI2d1ZVZzlMYk5nMnFEVnRZQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEBeag4WAn8dcs4YfWIY2dLo&google_cver=1
Request Chain 285
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=f5480500a502384&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF03RTt7LYLwMom0DnAAAAAAA&expiration=1687131844&nuid=&is_secure=true
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594788499390376540&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Request Chain 288
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=548f579a-2e91-4164-a201-9f750b993513
Request Chain 289
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=4090118527531875369328
Request Chain 290
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6163557896886539984
Request Chain 291
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6163557896886539984 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=C9FE2347-10FF-4ABA-8761-C084B8379398
Request Chain 292
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=bdc7de11-25d2-4be2-916c-1ec105949f96
Request Chain 293
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
Request Chain 294
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g9b37a07cd086a85825b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 295
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=FPMXHM4WgKFW&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 296
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6VGSBWGFXTSZKXGN2XGZSJNZVVEMSGLIWQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6VGSBWGFXTSZKXGN2XGZSJNZVVEMSGLIWQ HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=SH61o9eW3usfInkR2FZ-
Request Chain 297
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=6b596d99-cd6f-44de-8a4e-a9fb40768f85&gdpr=0
Request Chain 299
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Request Chain 300
  • https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=4026709a-472c-403a-98f7-b1f09c50ebe6&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 301
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=536222003037073419&gdpr=0&gdpr_consent=
Request Chain 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID&sovrn_retry=true HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=G1VwZLZHxkSPDPDYTd6UWzoO
Request Chain 303
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Request Chain 304
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAg4GOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=6163557896886539984&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAg4GOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAg4GOAI=%26buyeruid%3D
Request Chain 305
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1149154120 HTTP 302
  • https://sync.1rx.io/usersync/turn/3666460092970085583?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Request Chain 306
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=90c228c1-69f7-4080-b443-2dda30600f56
Request Chain 307
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=734b1133-0f32-52a9-9676-102ff2f8556a
Request Chain 308
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212187997041863
Request Chain 309
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=009af00b-f2c4-40e0-8e22-77196a7c30f3
Request Chain 311
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 315
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg&gdpr=0&us_privacy=1---
Request Chain 316
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HnsmOjrmdHgy8jTtjUMlF8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-udLYXNtE2oIL77Ak2vRQSEa1RLWebFXDubY1HA--~A
Request Chain 317
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ0NAQAS-1X-L7LS&gdpr=0&us_privacy=1---
Request Chain 319
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fW2Xbeq5QbyOiwKRFe_sew&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW2Xbeq5QbyOiwKRFe_sew&gdpr=0
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
Request Chain 321
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=&expires=30
Request Chain 322
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEowTkFRQVMtMVgtTDdMUw==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEH6GAzzWxc1VJy2Cv6ubRmA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowTkFRQVMtMVgtTDdMUw==&google_push=&gdpr=0
Request Chain 325
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 328
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2198261905534825226&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=
Request Chain 330
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&gdpr=0
Request Chain 331
  • https://um.simpli.fi/lj_match?r=1687045444819&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=A1A1E2756F36417A842BBECC019687AF
Request Chain 334
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-lwoECWxE2uFgP13XoDVGiZykmCsnrAEp8l2I1qc-~A&gdpr=0
Request Chain 360
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokY2MwNTZkNjktNDAxMS00OWQ0LWE5YzMtZWUxZDEzZTRkYmNlEAAaDQjGirmkBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679&expected_cookie=1d7c9e26-cd9b-4ab5-9254-471d909bf229
Request Chain 361
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6163557896886539984
Request Chain 362
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZI5FQwAAARkr3QAz
Request Chain 364
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&us_privacy=1---&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&us_privacy=1---&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Request Chain 405
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 406
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPg6EJvGMDPre8WflrSJex8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 408
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4090118527531875369328&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cffeb3e3-6131-4e23-b554-1c59b3ed9f1a&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 412
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4090118527531875369328?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QI8hmCJE2oQC0raEP2xyC2fHjK43eFpGYbIYcclpQQ--~A&dongle=0883
Request Chain 413
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KNEDMMLPHFSVOM3VONTES3TLKIZEMWRN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KNEDMMLPHFSVOM3VONTES3TLKIZEMWRN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=SH61o9eW3usfInkR2FZ-
Request Chain 414
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6163557896886539984&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEGQDWxbZdlUgBz5JXhv0rGQ&google_cver=1
Request Chain 416
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=RTktTTVraDA2d0k
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Request Chain 418
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI5FQbEkXkeCVJbyhldx0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Request Chain 421
  • https://sync.aralego.com/idsync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&usprivacy={us_privacy}&redirect=https%3A%2F%2Fsync.sync.viewdeos.com%2Fcsync%3Ft%3Da%26ep%3D305801%26extuid%3DSspCookieUserId HTTP 302
  • https://sync.sync.viewdeos.com/csync?t=a&ep=305801&extuid=eda34539-d860-3116-b391-ffe0a94fa09f
Request Chain 438
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=864d26ea-df2c-43fa-802f-f5afce4db427&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZI5FSYQBMGhu1Sw-Eq5iSP9A
Request Chain 439
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=RpWYMyTQxpoQziJZ-WaArA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d895648e-4544-4600-8aa4-c61d989f4bad
Request Chain 441
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=845f7f5a-0f14-42e4-bdd5-c3403979bb49
Request Chain 442
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Request Chain 444
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1881434812 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7ecff58d-29b4-4fea-b0e3-d6c5213016b0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Request Chain 446
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g9b37a07cd086a85825b HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=83128701974786401403422692530526639026&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Request Chain 447
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://match.deepintent.com/usersync/129/store?id=&ext1=yieldmo&ext2=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 303
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_0bee5e191f1d45d0b18ae&ssp=yieldmo&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://ads.yieldmo.com/sync?userid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 448
  • https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1 HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=9d345672-30c6-4df5-b8fd-70efdd8b93f6&pn_id=b
Request Chain 451
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 452
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&dongle=4430
Request Chain 456
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3666460092970085583&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 458
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAE2u07JHIsAACA_VdpK4w&dongle=bzwx&gdpr=0
Request Chain 472
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Drkt%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=rkt&refUrl=&vid=70454493413300470441523937000V10&ovsid=970314640527939565
Request Chain 474
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=548f579a-2e91-4164-a201-9f750b993513
Request Chain 475
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dcon%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=3ad4a3d0def02384&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dcon%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=con&refUrl=&vid=70454493413300470441523937000V10&ovsid=AAAF03RTt7LY8QNTEbplAAAAAAA&expiration=1687131849&is_secure=true
Request Chain 476
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dopx%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=opx&refUrl=&vid=70454493413300470441523937000V10&ovsid=51ef7b90-2656-4554-95f5-1080989028ca
Request Chain 477
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dmma%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=mma&refUrl=&vid=70454493413300470441523937000V10&ovsid=d895648e-4544-4600-8aa4-c61d989f4bad
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMwMDQ3MDQ0MTUyMzkzNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIUXUpyAwFrNdEJ57sMddxo&google_cver=1
Request Chain 479
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Ddxu%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=dxu&refUrl=&vid=70454493413300470441523937000V10&ovsid=su5GORrt1QaFAo5
Request Chain 480
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=b2669be2-8f34-4b4c-91cc-64d84e02b962
Request Chain 481
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bdc7de11-25d2-4be2-916c-1ec105949f96&ssp=medianet&gdpr=0 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 482
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dzem%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFULLIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3TANBVGQ2DSMZUGEZTGMBQGQ3TANBUGE2TEMZZGM3TAMBQKYYTAJTWONUWIPJTGMYDANBXGA2DIMJVGIZTSMZXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFULLIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3TANBVGQ2DSMZUGEZTGMBQGQ3TANBUGE2TEMZZGM3TAMBQKYYTAJTWONUWIPJTGMYDANBXGA2DIMJVGIZTSMZXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454493413300470441523937000V10&vsid=3300470441523937000V10
Request Chain 484
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3300470441523937000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=bdc7de11-25d2-4be2-916c-1ec105949f96&cs=1
Request Chain 486
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Request Chain 487
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAdW-ECxf6Ysxzi5SWslpjE&google_cver=1
Request Chain 488
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzU1Nzg5Njg4NjUzOTk4NA%3D%3D
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
Request Chain 490
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg
Request Chain 509
  • https://fw.adsafeprotected.com/rfw/bgd/1362487/69631270/xbbe/creative/adj?p=APEucNW5E4rWA2pyRbBPKdopVfnuPP6tQ1dk2E5yIaWp634Tpr9z_Dc&d=CokBAKAmf-DsSeV1Wrv7PFymp9pWDL81_X2JfLRKOGuAJIC8HWU5fsarRnYLKGC3bpJzze8iOJpxSQCIoPQ5DNZysimKQiDcGuzdbbYcnUC5a8tjfXNZASGJodY8Fkdjx_F6kLfhbL06WY4WwyN_orVnrtg7rRErc8RqO9dkORWxbCFpYfEURhvpP84SyQ8AoCZ_4KZgtWLyDMhP1Q-v8DqSiVwFScC9vxpgqhrUrUTIb7V7MHWdn2VjpbpPvqtM8Z9mFmEfZ3WX3uKKCZpAIIh1u-wD9YCxnJmOO28oD8IZ8-iBJDnM4Tq9mh3DQ95g7a1nf7NT-tkRV7iq_gsxd-Tw-2X60GK8EPLLcgqbciZy4VHSLv2Hs_CyQNNMzmG8FNzf-naOXF28En_I352bDLFuUTA3abMKKq_CK9hChGNkGePqWNFSvx9m3M1-_9DzMVJKz7uwff5InOQ6KtkOaBPshNJfZplVht7bj5M_yXAy_yE2kQvbzESUWFMgeQwnZwGsSNIYujfD-g4jjf-g1_E0xouus3z7oTghR8-zLCVvIKVUxQjVSRpKvNFzAzvIlhJuv5BhMrnwFXoDY6pi3OtOeyegKIMXhfkKtqMvR9V31lKOSXSDmPh9GaZ77N9vl6PzRMtknCpS_AQ6ApXIQtqDF5UTV9ko7l9clxoTPOegQ2JBSDwaYAy1tf6RMatQ92a4qp8HaIRX1FnGz0Yj-Kugrp2MxHl_gN3qhxftpli_MjvthdsyXzCcrlwqGNyOZ7oelyqDyFQs9s1WV0kD4lFiePsw-1OgYO_OGlg5lZCRzlbhKy4N80LPeYYRET5FSljGS6Vof8pltL_bGdvMIewTnlOEWx7pBvx9lDODaJndENIW6jwg6VqL5Q9NtOsStEniZP9MpCObbj1-9BJdUNdjdlWtmdJIJuiRsoNzBVdKszm-rf7k1kOwP7YkeOY1Y2m_tQzyCrdUhyUhzHhtV8Wv4i9itukOaTb4VE_DJzlFoQkYa8JbL8aSZPZeublLqqBldok2ZE42_9bg4YIxfLACjdTy354EuCROamji-Cbl0dqBFbWpx3QGhcBErGy8Va4PsXD13hWj7GISbSk0dHEr9pHMoZZn4VdFimyeJZu-k967wY4bnqtNK_ZCHEmm0WnbPnN9d8kzUQonJ5ipCOa3CtD4Fb0-KhJwkoihHOcA25pBzVmfYSXrUto0CbbOmttvHmEDPcrVs1Yn3DaGJ2ClvjPBwg2kR6HVvQL5wfMlf5g02MQi8B9l12EtXqKucQrBDgNZSO20cYuajXsLt6iaJIaG378EwFNWdnyC2J5PepyoB6yH_28aNmyk3cnjkhVe9UlvXyQ4j9uD3rhpC2J3aNqrwJ6qx-rFm7ZmKfAjDuKvysIy0SISxwmbfHd1Tux7oh2wMeMgvbE2_3OYiOph7F0Ne4sdnqitdKfekS2GuKQbj9fJOpXiKZ4Vx88cHj2q7i70WA8_RE3IAg9_67kDY8YQwzpWXKjTYjDDXVvGMwzx2FfYKET3J_7WU6LiSU3yOW6fLa6X-35XQLTZrxjKpuvId190XQxy1ijfi9K9jegBCx5aT9rTnlHM1GorImafPRZVdjaSn0mAcUfRrJ3-gk4F4RAchMqwgr4Pu_IYFIrpL7YsMne6omDrZx4rDM8hWMFioI94zizHDNE6VvdXvd1nTlGBdrY4USPbxSPbUgQZtYDLU_JKDB9T_EbrHNcF7tRNKs03zPNW8wBbduHuEDQ6ceRR_XBQfTdWhg4g5l2OJCelK-5FeRPLD-jmpZfbGI3obI8_aPxprfRFP0JjRRDikvXMwqqavKDFlWFNHFKGOzweOOtqJF-ZJoixXuv3-gw-F_SlmsCyC77whxPsjyX-RIR7x7Y38lyxfTC12FRKl95RRLC16TBWqvpZjjjC010tDmJPILRrs_MZYJCMFrtkuZX5tVF3t2E_d66EZIxSw_1wqi2e7XokKHmMxFPh2uhXzssiwDOHC_-EPopc4xmvLAuXisfQ-Zkjtbcr5CyZXxIIEDVH8b1uG95NtavlB0VRzo2pu4YnFuWU1ZDezuWsd_LHgNUB-PeI1za26Upy-n2xs1Ogwp5bUN3XbcgCVaNZyd7Xp45X_uGKoNE2t0-opITgl8uVA-jD98t-CfjtahVQu5GiFJsJXfJ7eU_o-cZwcSvXXDO4R5pa4q2FTnetHnhKdP6Pj9FRtLptXa2KZ2tNlshmfuWYmC0_VUdhVBf_UsJ9eh93I3NRhFO1A5d_Rwe3CNTX6JFGHoh_rxGrZPPMzm06gAl22zkK9RmY9aRnOVOBJAph-P3xsqyotJBjpVFhSLz6q5AApBg3U1NW49whjUb094WBxCjnp4UVpCyWs1bA7QIY4ZXxWF04KJHBJaYePUfbI6_TvlkoIc9fGxzPgKrmY0cHHu4xtMyDo9uDftoHz_OfA5BZ4HP348_gFFpAm54LGMRiEiUPK-O1bqRtGDxBRxQYETNE6YgbwgzdHhY-ayN2MM4mYb3egEJxU57UKGlN8osuyzCgTebvQhkbsXvt65JKMCvXRon_q5Sf42RSMgkUA-m9-ggbEuCI6lgwBWn8pzrV3tQ5oaHxxBhDMZt_91wfqiEl2eswV2vjnR-1ZpmO5X03gZN-nAAzPJ-F5SQJaq9vgzcUYJQVhP_bYzLST-JqTK9JKUnVhBTwNcxxsx4i1kFhgBXiWCDGgomS1Br6qKoTbc5bCNsZuE5I4XKMrif_P6JU15fPGJNmSxu8B1xgJMezwIDJP95MGwMVsbGSJ7XUA4GNROqol2WOkduHpggvChKdF7lCDstYzc1fkxYMrL_yCRtufgP3BMEbGjgIBBIyAHKBCIMCLOE-mABz0CUYq_SD7G8QpaYMmEolEI7P6nAwBBgTHSQar_ry4LoLWa23C9kYAWAB&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DSimpleFlying_ATF_SB_Desktop_300x250_HDX%26aid%3D18788414406413937260552%26rev%3Da75d1a7%26pr%3D2.233%26bc%3D2.659%26bmid%3D5989%26biid%3D6021%26sid%3D79352%26brid%3D711%26adid%3D396059580%26crid%3D339219%26ts%3D1687045443%26bcud%3D2659%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D92240%26rdir%3D&bundleId=&ias_dspID=3&ias_campId=20426361&ias_pubId=11453&ias_chanId=96&ias_placementId=51178161&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iss5SH5R0ZMZMjf4WIQb0V&adsafe_url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:5777a7a2-3679-dfdb-c0a3-35bce5f1aa76,c:fQgjkh,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6dd95747fd-8qtgd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tHu6Mj1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.1362487-69631270%7C1g21%7C1g3%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u%7C1v%7C1w,idMap:1g2*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:43,oid:d9bf0b63-0d68-11ee-8c6c-f2a1dd2e92a8,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_300x250.js
Request Chain 521
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=G1VwhPZH-q26XH-aR1uPMNQ8
Request Chain 522
  • https://id5-sync.com/s/286/9.gif?puid=8d412b32-806f-4149-b836-0zz1687045443&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE2u07JHIsAACA_VdpK4w HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=C9FE2347-10FF-4ABA-8761-C084B8379398&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F7%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1242/7/3.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1241%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1241/6/4.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F5%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/3/5/5.gif?puid=d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/286/434/4/6.gif?puid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1129%2F3%2F7.gif%3Fpuid%3D%25%25VGUID%25%25%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/1129/3/7.gif?puid=FPMXHM4WgKFW&gdpr=0&gdpr_consent=&ev=1&pid=558355 HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LJ0NAQAS-1X-L7LS&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LJ0NAQAS-1X-L7LS&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1243%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1243/1/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F0%2F10.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/101/0/10.gif?puid=552a321d-0826-4b59-96ba-f8d1f84f917e&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?uid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA
Request Chain 524
  • https://fw.adsafeprotected.com/rfw/bgd/1362487/69631272/xbbe/creative/adj?p=APEucNUyvx52L1MeRDKyps9I3f2CeWF64We_56lmBext-z3oahTjDUE&d=CokBAKAmf-DLBySL6ukjqhBPEuhnoTv2GzLMi00_svmMPHg5jI8EW8H1tTwQuBh0UGP0_pg8Y1i-oRs0KTbXbAmbkJ3pdcvI-m_vZqXpzDdoLZuhBHRg4-SIQiYoZweqpDmjudBc1oZlEY-iDmsU2bBBQo6d7LNOLE9MXbL6MxZ0v15zkqGT02FWD0QS6Q8AoCZ_4Na8mAO_cL0SMtmTHuk6V-E-sQbQBTJwlR-k3__2CLjTfOxuFpWo4kaMk2J8zeo0Nkz_Pkhie6jkuHxndqOakEo8XAnfpHaUequY6nDtJIhQ_6r5Ji_7RadUWatRj2CbPbPV6etWV9PIHuQQd9PLW1Qr9eVL6S_-JLnRAAnHyHnLzcPOnKcN3-KTSutesHlMZGh-60GgCHV9bfVh5n6Qy7pgbpGPM4dB4mIEGoKkM1OAJZnYt-NzY4IloovAVyx2lmeocRxGZRmyGuQZ5b6a-H9YIsqnqK2V0bODvkcwebgqxLfySNO1b6HL1QCB7ZfUtmxGsOtDSa_FaBgBZ8JjF2FUEvOr-QVNY08FSHWpTGBmqN2l670mkZ3xLLo3w8iaCadimKLDfyFjRTOF4Fhpvc8JTawYe_JaEbC2f2aVG44OMrC3afwCBnX5eZxAHid13_nTBimB_NnMtA1Y1F6okmVOXmjeDcf2XOPL7EH5sxsqhDBVmr1Qy9rru5iWU0yHSSiEJTi2OuErtnbWCrEQ9hGtU4XCwoV9cWPIcpyF4DvtLc8yzG8i63G87SwsbI9an0xvUivYjt4iB2GtEo1BsV7zVDf8BJQo5GZalIzIA-4A2R88ithTkqxW8GSGKr9i5OYO5oXQW3GrH4D0hU3k8xa_9nMaWeSmU-x2pwhVzAiPvmlw4QGea8u-Vcyz6pKTzNDh8QHfrabAOJVZ4vniy0J1vkeCii99J4BNa-qBtrf10W5zlMT-wLeBK4GAcsDP4S8bPajymdY_6uHBeSzxtu7BvUhDdJ6CxXV0uqUTTAGc71cDgk5mcqdHWP0V7oH6_qoSiG6Am-J9tsVdgT-760rCPz73ODRJhoWlhWwul-zUGbVgg-sUYc6T4Z36l2tTw6YSoXEux62FfPiOr2rvou4lTDvPpEul_v-SgioaAuvEi1o4PCl5bbXdMXqgGP8MIUazRVzZ97d0bkIMGwKukR-7y8dIG3UaP24BDrtXi85xbf6ZWj-w_BEmFWbYgGkazgR4HrSLs5mFj4IdmJQ81SQDQF5Zuh45BBEsvaefxwZY_M3ret090DmFesGsbQPlw0MRyhn3iIwmUOLCGYCvQb5Nsybbb7RL3Kzjwjykwmk7bk4nrEHTuNEQ0G7ShF47kqCJmevyDDSUzKrLQIMiJwxung2qocUKzYMer_f98j_yQ_EulD_jlKi-AeGTgilQ1FgPiAyw6_6ZrtsXOml8WlUgCHOKFGaAERRvSdMzobAmt96kP_KrNuaA__TJnx8iCNTCQNxascBiU1B5o7kZX38BOug3cf1x6lhbrgrDmFsmr11JwoumaGHqMDDoXFjtdWH03RZ6Ed-Qu3_D9fM9kRsxEZe3T7QCWVGPCLT8iOchgk-H5ToK_dvu7Bu_YkD7DXDUH5d8J7T8dXkszTkz-Sc5RPSscaCmGnXJMD77danchVe2a1E6DIQjua1tLo2owQt0ZGo_U2avw43RNmDEWxbPkXyyTWfmVSjwz1xMZeH6_fWZEWTeO4rQUs0l3rfrJJmlerA0Fq3jbF0ZVucfBsYnOu3Osr4MILQxG2zHAK5q8Shd8ajM6dH7Iog-L5fbC_yi4WN-1vtfZ4G5Wslq5n4b_2L_gkFeFzkK8vX8Nr7Qxp5I68ieysC85x6pmCzL_h75pPcAMPQLe9ES24mcezUEnuvtgh-bqsw2YotcMyejbpEQ0twTkBiS1rbTz5dqS2HMxVlGjrXbhgrUPDURaLQacmjiy16iVo6Jc4MitQYbXZM8o6dsH9lGHI2llPotFjCvEp2W3j3AUBIVPZv6r_2tzJCqLUVZIvLSB3nAjBfjBMEktG5UKbYGoxqay3UXxbi7EacxGxxxYrF-aNIuWUD90gvOADQ6t133AVE-FlIRdX-f86JfabHuwKMSCPmflmxblTMxd-BBY3wvTDFxrxjQtie3iBSkz-X60g9F9SnOZAXb3WAMKAU4nLxFl-Yz1P3livgSJlKKJV4c9aYQL-DVR43kbDM8lyDIwGWdkhEXOZf0ZzwyjQfrLoJhiF9PtKhQzzbXxtNZwWUScQG2Q-sWzvDxY7xSQd-IKMSgKFxdom7RHQCOhE9LeJ0BddveXZY1fC_HcdQUWKeRdYPRiWjmIweCC4ThYXGzGM5KhKTvTCAfW_vIBkR-Q6ZDLVF8oQ3XMc50Kn2zOMD0cgSB-gyYoUWm-YH-BmADtA5ULq-HVTpp9JXnPYc4RodB9iNCeRTjGrglJ9LGp7N_xiBq68MJaG-v11Od-tksZNm0KqnvumwNxSQu0hrg1XQLHQHdWw0Z-h-aMFMhPjgww5q24YZzMd52OCSy0X7qpg-udscHYty3leGAnYmbQTDstnAxvhgYjCfgisMxEfYjSfMgupWdwiusWkRbMSWXU4VrYWNKTn8AzhV5og0buFPRJSVXEa-2ZL5RweGh1MNUMpsWbIfWzOq0oPbyz3Mcz8fCFFnK1KVOI-QKSFL55mHu2FDxJbPre14GKKCF8VycOWS3YUzb9Js_A_d9f43jHvn-BOqNzbzV_LGdHrXDNI0vLBhhFCednZrFM9Y-BAUJ0kySJgxj7qpvtxCiU-qxymN0sfH3t-of08A_xdyzGI7SfI8kWDUoe3pI27j93VmrH0BoKtqscGyIEy1rqk6a8w0oLa3PyLQ2X8kzItX1FisZ45ghAqpdlcMaLwgEEikAcoEIg7SiDBhdasyb8UcSg9BN8Pp2kHNwRBUH8Wb0n_zkn91tJ8MeQBgBYAE&bundleId=&ias_dspID=3&ias_campId=20426361&ias_pubId=184915&ias_chanId=13&ias_placementId=51178161&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsqAOARBIUEtRMCbzd9MxT&adsafe_url=https%3A%2F%2Fsimpleflying.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fd83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:69baaad5-b56e-aea9-4734-b289c2738647,c:fQgjog,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6dd95747fd-z544p,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tHu6MmT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:49,oid:d9b7b8ca-0d68-11ee-b75a-3abd327237ea,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_728x90.js
Request Chain 530
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A1A1E2756F36417A842BBECC019687AF
Request Chain 531
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9&_li_chk=true&previous_uuid=9ffaf2c16a604ac0a1e91fcff0445844 HTTP 303
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9
Request Chain 535
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=356e8785-95ce-5a82-0193-251d0fb2fad4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0nluaib0xrmmr
Request Chain 545
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&tl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&nf=0&rt=true&v=7.52.0&av=2.0&vg=pbjs&us_privacy=1---&am=null&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=undefined&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
Request Chain 550
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Request Chain 559
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=6163557896886539984
Request Chain 560
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=[UID]
Request Chain 561
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
Request Chain 562
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&pu=https://image4.pubmatic.com/AdServer/SPug?p=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157577%26pr%3Dhttps%253A%252F%252Fpbs.nextmillmedia.com%252Fsetuid%253Fbidder%253Dpubmatic%2526uid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=https://image4.pubmatic.com/AdServer/SPug?p=157577&pr=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3DC9FE2347-10FF-4ABA-8761-C084B8379398%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=-1&gdpr_consent=
Request Chain 563
  • https://ssum.casalemedia.com/usermatchredir?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Request Chain 572
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=wkdusMBGYuHZQ2Hnw0Z7tsYWYbPZEjSwwUJU_IuQ
Request Chain 573
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=52f6cc5c2a392197&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAIrvVJP9e1mwMhFZyAAAAAAAA&expiration=1687131851&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 574
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d895648e-4544-4600-8aa4-c61d989f4bad&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 575
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=bdc7de11-25d2-4be2-916c-1ec105949f96&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 576
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZI5FQwAAARkr3QAz&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 577
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=WyR0H1r4W4Pt0NMPdPw3&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=&tc=1
Request Chain 578
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=su5GORrt1QaFAo5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 579
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A1A1E2756F36417A842BBECC019687AF&dongle=yf3
Request Chain 581
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d79685b0-0d68-11ee-bd01-12a7adfcdbeb
Request Chain 594
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dzem%26refUrl%3D%26vid%3D70454514443300470441523937000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFULLIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3TANBVGQ2TCNBUGQZTGMBQGQ3TANBUGE2TEMZZGM3TAMBQKYYTAJTWONUWIPJTGMYDANBXGA2DIMJVGIZTSMZXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFULLIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3TANBVGQ2TCNBUGQZTGMBQGQ3TANBUGE2TEMZZGM3TAMBQKYYTAJTWONUWIPJTGMYDANBXGA2DIMJVGIZTSMZXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454514443300470441523937000V10&vsid=3300470441523937000V10
Request Chain 606
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Request Chain 615
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE2u07JHIsAACA_VdpK4w&expiration=1688255051
Request Chain 616
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Request Chain 617
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3666460092970085583
Request Chain 618
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZI5FQwAAARkr3QAz
Request Chain 619
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=47cc3151aac81066&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF03RTt7LZWwMkgANrAAAAAAA&expiration=1687131851&is_secure=true
Request Chain 621
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702856651&external_user_id=ea902a8f-d778-4012-805d-a6faa940b707
Request Chain 622
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Request Chain 624
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEICyPZfiA5RKWw0WQMHpY_0&google_cver=1&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQbnvYZ1yzpIZRP0Xst70bc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE5ODI2MTkwNTUzNDgyNTIyNg&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQbnvYZ1yzpIZRP0Xst70bc
Request Chain 625
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ4ReCXkgLkBFkwporQ0Vug&google_cver=1&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y8UO_pjtGipp1M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qvw6C54pW5dT0Uyo7jdufSaEdkc&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y8UO_pjtGipp1M
Request Chain 626
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoEhfKQ7IDTe8KyuDWljb%26google_hm%3D%5BUID%5D&google_gid=CAESENh1w8mVOqUbWAsmz5CmucQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoEhfKQ7IDTe8KyuDWljb&google_hm=548f579a-2e91-4164-a201-9f750b993513
Request Chain 627
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEYR-2V1FlknXO-SywdPr1g&google_cver=1&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_luW9k8OJggMb HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_luW9k8OJggMb&google_hm=G1VwhPZH-q26XH-aR1uPMNQ8
Request Chain 628
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECEHyKMcAnkGjI8NMT3fOao&google_cver=1&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6ZMcghTskON0Xa-DRsBXtD9RbT-CxrqsHTlubZx4IDvhXVpq50gsG1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e03aa2e&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6ZMcghTskON0Xa-DRsBXtD9RbT-CxrqsHTlubZx4IDvhXVpq50gsG1
Request Chain 629
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDFjbo8U87TnQ7aQcBVzT90&google_cver=1&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4&google_hm=ZzliMzdhMDdjZDA4NmE4NTgyNWI=
Request Chain 630
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKGmbBOGAlWGLVF_fl-weMI&google_cver=1&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfXc43L1qDNTVQejY4dpMA16auv-SXxAIjaVYu4OH7hVTgv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfXc43L1qDNTVQejY4dpMA16auv-SXxAIjaVYu4OH7hVTgv
Request Chain 635
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 652
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 653
  • https://ssc-cms.33across.com/ps/?_=1687045452030.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&us_privacy=1---&uid=212187997041863
Request Chain 654
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=qvw6C54pW5dT0Uyo7jdufSaEdkc&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 655
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1687045452030.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=d895648e-4544-4600-8aa4-c61d989f4bad
Request Chain 656
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A%7EA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 657
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7acc145311b01066&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF03RTt7LZaQNTXzfSAAAAAAA&expiration=1687131852&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF03RTt7LZaQNTXzfSAAAAAAA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 658
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=4090118527531875369328 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4090118527531875369328&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 680
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&gdpr_consent=undefined&gdpr=0&khaos=LJ0NAQAS-1X-L7LS HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LJ0NAQAS-1X-L7LS&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 681
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D%26us_privacy%3D1--- HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&uid=15c9169a-5a3e-4d7c-ba13-53c9f1fdb3fe&us_privacy=1---
Request Chain 687
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=bouncex&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dbouncex%26bsw_param%3Dcf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2989%26partner_device_id%3D%5BMM_UUID%5D%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dbouncex%252526bsw_param%25253Dcf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=d895648e-4544-4600-8aa4-c61d989f4bad&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dbouncex%2526bsw_param%253Dcf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=bouncex&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99 HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Request Chain 688
  • https://cs.admanmedia.com/ff062a454b79198e17a2ec718ec55e04.gif?puid=5553-177323615584285785&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D158481%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcs.admanmedia.com%252Fb88c93c8e248435bf25dac741904edd1.gif%253Fpuid%253D%2524%7BPUBMATIC_UID%7D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=158481&pmc=1&pr=https%3A%2F%2Fcs.admanmedia.com%2Fb88c93c8e248435bf25dac741904edd1.gif%3Fpuid%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://cs.admanmedia.com/b88c93c8e248435bf25dac741904edd1.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://ap.lijit.com/pixel?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F9e36def72e80a18ff8aef70db891a1e4.gif%3Fpuid%3D%24UID HTTP 307
  • https://cs.admanmedia.com/9e36def72e80a18ff8aef70db891a1e4.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=ce0642e2-639c-4d10-8c5d-e263dddf6c33&r=https%3A%2F%2Fcs.admanmedia.com%2Fsync%2Fopenx%3Fpuid%3D HTTP 302
  • https://cs.admanmedia.com/sync/openx?puid=e70be68e-fe43-43f6-b73a-077195491572 HTTP 302
  • https://ssp.disqus.com/redirectuser?r=https://cs.admanmedia.com/7df8d99918d2854384fc4c2d197ec3ff.gif?puid=$UID&redir=[RED]&partner=acuityads HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZGY4ZDk5OTE4ZDI4NTQzODRmYzRjMmQxOTdlYzNmZi5naWY_cHVpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAiIfOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=E38C30D9BA97405BB79CACF9A2C6426C&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZGY4ZDk5OTE4ZDI4NTQzODRmYzRjMmQxOTdlYzNmZi5naWY_cHVpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAiIfOAE= HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZGY4ZDk5OTE4ZDI4NTQzODRmYzRjMmQxOTdlYzNmZi5naWY_cHVpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAiIfOAI=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=31&buyeruid=ac3481f5-27e9-43e4-8b0c-ae0f5b9ff547&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZGY4ZDk5OTE4ZDI4NTQzODRmYzRjMmQxOTdlYzNmZi5naWY_cHVpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAiIfOAI=&gdpr=&gdpr_consent= HTTP 302
  • https://cs.admanmedia.com/7df8d99918d2854384fc4c2d197ec3ff.gif?puid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=89&t=image&uid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Request Chain 692
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2952587125 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/d895648e-4544-4600-8aa4-c61d989f4bad?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Request Chain 693
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 694
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lyW0iXyVCByl3Sl1TUWOZA
Request Chain 696
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
Request Chain 699
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7403318521853444473&uid=Q7403318521853444473&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7403318521853444473
Request Chain 700
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157577&pr=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3DC9FE2347-10FF-4ABA-8761-C084B8379398%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Request Chain 709
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26us_privacy%3D1---%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=sovrn&us_privacy=1---&uid=G1VwhPZH-q26XH-aR1uPMNQ8
Request Chain 713
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce
Request Chain 717
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJgZE_n34Tg0THm9Kxs9gh8&google_cver=1
Request Chain 722
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26us_privacy%3D1---%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&us_privacy=1---&uid=6163557896886539984
Request Chain 771
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simpleflying.com&sn=ChromeSyncframe&so=3&topUrl=simpleflying.com&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PpKqpXxJclYrQjFxUzJNRGxzMHVTOUs1NVpZbG1PRXR3czlaUi9NZXdUMFNubW4zeGFudE9wQ3EvbzZMY3JJd3VtTWV6SHRxZzZ5YTVScmxpbW16SjNaU25jT2w4dDBET3gwRVVRRjNKU3NzZWdoQVFKUitSN2xlL2tjWWlkZ3VsZUI0U29ibGw1VDRrUmdhMjQzUktUbDI3MzJaQ0RMaFNCSWM0R1l2S2xxaFVJb3BjZ05uZkQ1SU1BNHpHNGpENENVUERQTWk2R1p6RFhDYjVIWjNmdG51NDk3dExxOUVFRUhURG5LVUdNWFA0M2hLcGFIbDNUVXI0MzZOdnlMQ1NlSExZNFhOYngyUTVhaGw5RVYweUFpcHoySk9Sb2oxb0JZVExGaHFhS0Q5cWVEOD18&cppv=2

794 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/ 		789 KB
174 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
63861ecce4eae93a81022e8e99b3a6d96aa84737231a4eb443f89ed3bd6d44a3
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:00 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
newsletter-popup.2538ce7c.js
simpleflying.com/public/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/newsletter-popup.2538ce7c.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
495e5c6af86d003deb175949e5c3beb0f448d8cca3542ad7256ca3c7b0cb986c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-164e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:00 GMT
united-airlines-boeing-787-9-gru.jpeg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/united-airlines-boeing-787-9-gru.jpeg?q=50&fit=contain&w=1140&h=&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
ab871cdf4f7984242c220b63570614cd296643e0e2fdff6b96622f5108f16c9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
cdn-edgestorageid
885
cdn-cachedat
06/17/2023 23:28:46
cdn-pullzone
1157359
content-disposition
inline; filename="united-airlines-boeing-787-9-gru.avif"
content-length
51829
x-request-id
J469lrp5ZrAoct_eK5Umh
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"4PBQWpoFqckJEJC2cLo793Hr87vj90XamzExNXOkJxY/RIjR4YUJGU2gxeUl5cnF4dEd3bUo5SEEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
536f2fa762cbe096cde1bb08e72920a1
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
WorkSans-Regular.woff2
simpleflying.com/public/build/fonts/work-sans/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/fonts/work-sans/WorkSans-Regular.woff2
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff35b06ac7e5d6c94018d6cd356e3d9d74bdd768a05042144ca390209add0131
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
65452
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
"648cba75-ffac"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Sun, 16 Jun 2024 23:44:00 GMT
WorkSans-Bold.woff2
simpleflying.com/public/build/fonts/work-sans/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/fonts/work-sans/WorkSans-Bold.woff2
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
001c7143a6c3d2e86824f448d12071e8bcf20e0cc1675087a6b1783d054e1ae4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
45744
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
"648cba75-b2b0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Sun, 16 Jun 2024 23:44:00 GMT
icomoon.woff2
simpleflying.com/public/build/fonts/icons/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15888
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
"648cba75-3e10"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Sun, 16 Jun 2024 23:44:00 GMT
icomoon.woff
simpleflying.com/public/build/fonts/icons/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
31216
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
"648cba75-79f0"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Sun, 16 Jun 2024 23:44:00 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c43bc3ed5602bfa279dd28ac9167c763af7140200d05ed1c96a6959919388a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86159
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:01 GMT
article-regular.c6eb188c.css
simpleflying.com/public/build/ 		326 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/article-regular.c6eb188c.css
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
37bc73de113a1face6d3f54a5d6c239d6625807632cac6dcba315a9d81cf141b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:00 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-51917"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:00 GMT
valnet-header.56287885.js
simpleflying.com/public/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/valnet-header.56287885.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f4d613a0c9e5f7a2f2a0764f022a66abfaec0109afa344c55c8bec9f75e35335
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-a62"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Sat, 17 Jun 2023 23:44:01 GMT
adsninja_client.js
cdn.adsninja.ca/ 		822 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsninja.ca/adsninja_client.js?v=1686769452
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
7c180b2a6aca0b9b9514d99677e8997f84fb0efbdc8a6f3e534af8ebc1a29a71
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
cdn-edgestorageid
885
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
06/14/2023 19:09:52
cdn-pullzone
1352862
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Jun 2023 19:06:34 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"648a0fba-cd8c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
39730bb2b8fd048cab776712438087c2
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
op.js
tagan.adlightning.com/valnet/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/op.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6648cd7091726ccecff94eee73bac8a62bef4360f782e1f1539b56872ff66c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
ayLlBITjv_EXeNl5uVP7zqzrZuy3PsfH
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
date
Sat, 17 Jun 2023 22:49:14 GMT
x-amz-cf-pop
IAD89-P1
age
3288
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17754
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 13 Jun 2023 17:32:58 GMT
server
AmazonS3
etag
"c75d4200f38b919ac5e9e99ee8a15f6c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
5busrp5c9QmEUuWqcA7P1HW6TtNnadrvNgKHdF0LC1E-ggObuOItsA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adb251dee312a3e80f8d52865f17ff8f209e4ea3f098a3327595eafbd2cbd2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47313
x-xss-protection
0
server
cafe
etag
13663710978518632844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0d4ac4ccf8e3d5e992cf4bdb480a535693ef5bb594baebc285400fbb68eb231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47402
x-xss-protection
0
server
cafe
etag
12321947344128567783
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:01 GMT
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-69.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70a56d478ee71622f0ac414dfbc5f955d43f7e92034162a8d0b3386cfe9fe27c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
YZdV5fxfFepRwmapo2SERbrmL2n7S0im
content-encoding
br
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
date
Sat, 17 Jun 2023 23:26:42 GMT
x-amz-cf-pop
IAD12-P4
age
1039
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:8ba61adb-ea04-455e-8168-3b272901ad09
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
34de369a7d8a1fbb78dd5844c50cfb7a
last-modified
Wed, 14 Jun 2023 14:26:37 GMT
server
AmazonS3
etag
W/"1874a8e373e1a1028c198f8b91e4db4b"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
49b826adaf8f2ca97554f0b64a4c7d4cb723c62dced0c414255eedc4e9a0d88e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
MoXHtsLOa7NZsJxweWML91cAmHVTy_u0uGYvU5MdP5wduc47AIZBiw==
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-46.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 00:01:05 GMT
x-amz-version-id
VvqJVCzWC9cYJoDPVy13QOu8VM9LBxBp
content-encoding
gzip
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
85377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Thu, 10 Nov 2022 02:33:21 GMT
server
AmazonS3
etag
W/"9d93d6cd945b5e534338bfebd1b8e074"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
-RK914Rn7iB4YbGmL_SHYhoMzIoFlhITkVn07S_7fF0Kn85VxtYmJA==
vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
adtechvideo.s3.amazonaws.com/ 		1 MB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.203.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6791bac7efd1272cf12bd2d89ea45a11de4135e34788233a41080d0a98f00f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 03:11:30 GMT
Server
AmazonS3
x-amz-request-id
0NSR8T34HW8NF2M3
ETag
"f3495dd62cbfd3d0b7bc15e36947e160"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
317319
x-amz-id-2
jSZydvJ71Ut+XW1s+4d0O7O+nxEB1jy+5/92cuco5AGkTl89FKIAslwTXFfduL7BI5Z4QnJhI6M=
adsninja_client_style.css
cdn.adsninja.ca/ 		69 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adsninja.ca/adsninja_client_style.css?v=1686769452
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
1f1c75422838aaf1ac06897faeb7af3d942a9b0252c40075f476524d648aa333
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
cdn-edgestorageid
885
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
06/14/2023 19:09:51
cdn-pullzone
1352862
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Jun 2023 18:56:48 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"648a0d70-112df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
9d10e015c00898929864cf399e3dd857
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sf-logo-full-colored-light.svg
simpleflying.com/public/build/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simpleflying.com/public/build/images/sf-logo-full-colored-light.svg
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-116d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
shutterstock_544193356.jpeg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/shutterstock_544193356.jpeg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d80451c4105d3ecd7e2d85aa105dbf480dec92e5aa5a0904144969ef7871c26a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
06/17/2023 23:01:58
cdn-pullzone
1157359
content-disposition
inline; filename="shutterstock_544193356.avif"
content-length
5549
x-request-id
SBhKrwSaNlEXCAWgDt4mu
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RIlVuanhkZExoTXR6WEFMTlpOcEJBeHci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
3eb586a177a800a872a7400f67f0449b
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
united-airlines-boeing-787-9-gru.jpeg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/united-airlines-boeing-787-9-gru.jpeg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
e98e9d3d7d3cc7a67d64da8d658f1f3bf693462000f38e0a220efe15a0aa3667

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
06/17/2023 23:01:58
cdn-pullzone
1157359
content-disposition
inline; filename="united-airlines-boeing-787-9-gru.avif"
content-length
5232
x-request-id
mY0FxRCzfjomZZ4TCgRb3
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RIjR4YUJGU2gxeUl5cnF4dEd3bUo5SEEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
745d5edc68061067ca2db2c8cef7dfee
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
a220-300-4-1.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/a220-300-4-1.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
23c464fadfcd2607817d9557853fe366bf05f55ac80ebe3061b5a5416d9ddb0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
06/17/2023 20:00:29
cdn-pullzone
1157359
content-disposition
inline; filename="a220-300-4-1.avif"
content-length
6433
x-request-id
Ua8yBUjCcM1u5b7SPp6Rw
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RImFkQU5jNENmTG9JeDF3Ny1zMXZoTlEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
14f4cf89a0c9e911a6ef81846bb95f11
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
a-singapore-airlines-airbus-a380-flying-near-hong-kong-airport-the-global-guy.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/06/a-singapore-airlines-airbus-a380-flying-near-hong-kong-airport-the-global-guy.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
c75d4722d45ef4e8d39fede2c1376c9f7efbf2b71d8d3defc59beb2ba90783e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
06/16/2023 06:03:51
cdn-pullzone
1157359
content-disposition
inline; filename="a-singapore-airlines-airbus-a380-flying-near-hong-kong-airport-the-global-guy.avif"
content-length
4136
x-request-id
5nytgtEX4GehoTPHsZgTb
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RIjZsZnhWY0dqR1VsbjA3U1dvX3NmTHci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
86f20d6590a7a507ffd16a3f32bd225b
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
A350-1000-Qantas-RR-1-1.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2021/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2021/10/A350-1000-Qantas-RR-1-1.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
7882e41ccb10a00a8c24f07c643f60e5b9fd16ed2dfb17110840694f8ab98dc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
05/30/2023 05:31:10
cdn-pullzone
1157359
content-disposition
inline; filename="A350-1000-Qantas-RR-1-1.avif"
content-length
3398
x-request-id
RPTb4PSfhCXGCZc5CQqpH
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RImhWbzZpaUZNLVZha09jRUxIQWpuWVEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
33d1a5347d1c7445a130ae2f00c3c49f
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
flydubai-737-max.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2023/05/flydubai-737-max.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
6eb64cf5a801bd8bb2c5908e421c10926404cd3626e73679d9a920f62897f480

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cdn-edgestorageid
885
cdn-cachedat
06/16/2023 11:02:24
cdn-pullzone
1157359
content-disposition
inline; filename="flydubai-737-max.avif"
content-length
3119
x-request-id
46FlMcLZoocJC6Z4esGVE
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"FrMc2gIFYxyjAzhSbanFDVRPrTt7X9G9FgPZa1frXlQ/RImFKZF85bVROVlBOSW01cWlrTlU0aUEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
791bc3fd08a3b4e9150e6a2e2c150751
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
valnet-footer.9f3258ad.js
simpleflying.com/public/build/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/valnet-footer.9f3258ad.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a55a48946f665bc1c8f4602de633b55c690e509f943dc94c5ffd8c228f611154
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-959d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
splide.min.js
simpleflying.com/public/build/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/splide.min.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fd62e97ce1efec8f038643c0fa0a54cff911926b8eab345bb14b1514c68e5c3d
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-746b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
valnet-footer-article.4ee812bc.js
simpleflying.com/public/build/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/public/build/valnet-footer-article.4ee812bc.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
912745988b37a655bc569256f1da08432377a568a7f7787bd32f0f4ccbf3beb9
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-8648"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 17 Jun 2023 22:11:08 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5573
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 18 Jun 2023 00:11:08 GMT
web-vitals.attribution.iife.js
unpkg.com/web-vitals@3.3.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cd15052f401e674a9cea67de971c439a14dd45736f8b22d099844b95512930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1675733
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H1KXSQYV3BK8618K91GBZF3S-mia
server
cloudflare
etag
W/"27e8-2gWdI0YqrvA4gfZD06zv9JAk+cY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d8f2878490a333d-MIA

Redirect headers

date
Sat, 17 Jun 2023 23:44:01 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H35VKFYBTAYJAF23YWMS313B-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
313
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7d8f2877f876333d-MIA
v2xyeU02023jpHUkaYBTYEMAfVyrMk0u9J5aAYskuazU9BHpOquyvnaDf
childlikeform.com/ 		566 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://childlikeform.com/v2xyeU02023jpHUkaYBTYEMAfVyrMk0u9J5aAYskuazU9BHpOquyvnaDf
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7a4a1821040f0a1be976f533b94dc8f118cb4012a98ac05412370fc530e942cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 17 Jun 2023 23:44:01 GMT
x-datacenter
gce-us-east1
etag
"a9c69e0d9b51613c36aba42e06f03680de3d7ec774a1577ca7b4fef27b7eb685"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-8xtj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
892946322
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2mui78IsM8f7gViD-fPSS9RYs7KnHoYawUOm45pS6wcGg5amIE0NXg8p7O3Rjy49KW86asuCNw
childlikeform.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://childlikeform.com/v2mui78IsM8f7gViD-fPSS9RYs7KnHoYawUOm45pS6wcGg5amIE0NXg8p7O3Rjy49KW86asuCNw
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
07f7623ff0bd43c0ba65ee22969804220771be5ca8f5d8ce8db672b40b51c1fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Sat, 17 Jun 2023 23:44:01 GMT
x-datacenter
gce-us-east1
etag
"54c433dbb1a77886e1722dd42e4b319ae47977f7d0376bd2b9bb5d5c3d9602c2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-8xtj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
892946322
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
269
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ref=
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe616befb0781a6ea8eef1f7f4bafa2948b6861a6e494bbf17d621bbe0ec8b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sat, 17 Jun 2023 23:17:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7d8f2878ff3e25a1-MIA
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df89ef26fd73c6f41bcd44e9bc7d8161ba328a788d516fd48a40ee28c16d9967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26452
x-xss-protection
0
server
cafe
etag
342 / 19525 / m202306130101 / config-hash: 4553594699066521459
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:04:24 GMT
content-encoding
gzip
via
1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront), 1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:55 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-P1
age
2378
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
__v7EbXzstKqeOBR6eYm6AkjEU8pshPnP-8gWa0r-5WVwq25rfq59Q==
segments.js
seg.ad.gt/api/v1/ 		0
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
cf-cache-status
HIT
server
cloudflare
age
645
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f2879681c3373-MIA
cookie-sync.html
mbid.marfeelrev.com/static/ Frame 0BEF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mbid.marfeelrev.com/static/cookie-sync.html
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 17 Jun 2023 20:44:01 ART
expires
0
last-modified
Thu, 08 Jun 2023 10:56:39 ART
pragma
no-cache
server
istio-envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sf-logo-full-white.081c2fef.svg
simpleflying.com/public/build/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simpleflying.com/public/build/images/sf-logo-full-white.081c2fef.svg
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/public/build/article-regular.c6eb188c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2d90240e11d4b5ffa4eb64b32ce13346c990951dcc5fcbe9b25945b9b5360b2e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/public/build/article-regular.c6eb188c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 19:39:33 GMT
server
nginx
etag
W/"648cba75-1146"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
expires
Sun, 16 Jun 2024 23:44:01 GMT
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-69.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
date
Sat, 17 Jun 2023 23:42:36 GMT
x-amz-cf-pop
IAD12-P4
age
86
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
kc_bKFIekhlQ9sqSJWwYiBRKFjsj1Pnt61-Vq--tpB8hjACFKbV0hQ==
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_6100134
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 08:14:48 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
6967754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
dLcSWDRhz0zEu3Sfh7c1UNkIkEYH6pwOqwxjiFMxl2k6icNncs0rtg==
cookie_sync
mbid.marfeelrev.com/ Frame 0BEF 		1 KB
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mbid.marfeelrev.com/cookie_sync
Requested by
Host: mbid.marfeelrev.com
URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer
https://mbid.marfeelrev.com/static/cookie-sync.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://mbid.marfeelrev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
435
expires
0
publisher:getClientId
ampcid.google.com/v1/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 17 Jun 2023 23:44:01 GMT
via
1.1 f88487c9214731db4c82619c9183bf7a.cloudfront.net (CloudFront), 1.1 2b72ec8519147ac56ddc0dd5ac0b0210.cloudfront.net (CloudFront)
x-amz-apigw-id
Gr_CTFwIjoEF1Tw=
x-amz-cf-id
dJpjos7_hR3Iut5H1Inxjf2RNq3FOyI0TtY_-toMcAktgeqFv2vjhQ==
x-amz-cf-pop
IAD89-C1 IAD66-C2
x-amzn-requestid
748315fe-1399-447c-8a86-a99082f7c35c
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		30 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

Accept
application/json
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Jun 2023 07:03:21 GMT
via
1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront), 1.1 2b72ec8519147ac56ddc0dd5ac0b0210.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, IAD66-C2
age
60040
x-amzn-requestid
1ba2d0a3-83ab-4bba-9702-26e95487c27c
x-amzn-trace-id
Root=1-648d5ab9-4fffabfd11bb4e803125e0f8;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Gpsc_GeQDoEF2AQ=
content-length
30
x-amz-cf-id
S0WXxfjM_o8IcX2srz7w6BzKtqKaSs7ByFsjKo7SBNK0p8R1k9wLtQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fbfbc3b37056c5dc22515d23bfd811d3302c5a48d166b505322b65ed35a1ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120764
x-xss-protection
0
server
cafe
etag
10555098331013377741
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 2845 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 18:55:42 GMT
etag
15057649708203361565
expires
Sat, 01 Jul 2023 18:55:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatchredir
ssum.casalemedia.com/ Frame 0BEF
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/usermatchredir?s=184550&cb=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
b-e09f10f-d93d43bf.js
tagan.adlightning.com/valnet/ 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:35:59 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop
IAD89-P1
age
1062483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28870
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:35:39 GMT
server
AmazonS3
etag
"82cf001d792438020a87c24097f91aa6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RwRIvyRJm4AFoLtTMIgOdJcu5HTIUTG9KTtceooY1gOvobJAJ4-ppw==
bl-255bb0a-215d450f.js
tagan.adlightning.com/valnet/ 		133 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/bl-255bb0a-215d450f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af037d5bbe80a293a473b05175fee0bb20527405cf6921aaf3035ce1776d5936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 17:36:28 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
t4GF6pUWMTGKed772mkUmPaKV3qPVbwO
x-amz-cf-pop
IAD89-P1
age
367654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
42378
x-amz-meta-git_commit
255bb0a
last-modified
Tue, 13 Jun 2023 17:32:31 GMT
server
AmazonS3
etag
"1ccc4ee64c627acfcb3f2b10732a0db3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3H6MmBB3WYKEuTVW-OUeP2wxIOIKNsfn1dwQcKEDtaEMFoyS50WwYQ==
collect
www.google-analytics.com/g/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=45je36e0&_p=1350175328&cid=282878327.1687045442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687045441&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=2015400&ep.article_template=article&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&ep.author=lukas-souza&ep.jr_editor=&ep.sr_editor=jo.b&ep.primary_category=%7CAirline%20News%7CNorth%20America%7C&ep.tags=%7CUnited%20Airlines%7CSan%20Francisco%20International%20Airport%7CArrest%7C&ep.payment_category=mini_feature&ep.content_type=Mini%20Feature&ep.intent=Short-Term&ep.network_category=airlines&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=38.132.118.71&ep.date_published=20230617&ep.date_republished=20230617&ep.first_view=true&ep.first_visit=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 09:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
51645
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128933
x-xss-protection
0
server
cafe
etag
1396361306703029922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 16 Jun 2024 09:23:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simpleflying.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b139e7fdf16269fd2dd01c9791c4945fbe566f4567861a29442f0a80370f305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
517
x-xss-protection
0
expires
Sat, 17 Jun 2023 23:44:01 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1350175328&t=pageview&_s=1&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ul=en-us&de=UTF-8&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABAAQCACAAI~&jid=1169582725&gjid=1754057486&cid=282878327.1687045442&tid=UA-121433877-1&_gid=540269172.1687045442&_r=1&_slc=1&cd1=2015400&cd2=lukas-souza&cd3=&cd4=Airline%20News&cd5=Airline%20News&cd6=regular&cd7=1&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=2015400&cd15=lukas-souza&cd16=&cd17=jo.b&cd18=regular&cd19=all&cd20=false&cd21=1&cd22=false&cd23=native&cd24=desktop&cd25=38.132.118.71&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd27=20-24&cd28=20230617&cd29=&cd30=mini_feature&cd31=%7CAirline%20News%7CNorth%20America%7C&cd32=%7CUnited%20Airlines%7CSan%20Francisco%20International%20Airport%7CArrest%7C&cd33=MF&cd34=showAds&cd35=false&cd36=content-all&cd38=airlines&cd39=Mini%20Feature&cd40=Short-Term&cd41=20230617&cd43=not-logged&cd44=Standard&cd45=free&z=1272629319
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1350175328&t=event&_s=2&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ul=en-us&de=UTF-8&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VVV&ea=VVV_playerLoad&_u=KADAAEABAAQCACAAI~&jid=&gjid=&cid=282878327.1687045442&tid=UA-121433877-1&_gid=540269172.1687045442&z=162784179
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 11:14:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44978
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://simpleflying.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=269&sync=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
4326
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d8f287ce902dacd-MIA
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
269
p.ad.gt/api/v1/p/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/269
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17d3f0c15964206f7333086b43d5c1574d81b07503220af7f3c097654b11c7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 23:41:04 GMT
server
cloudflare
age
178
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7d8f287d0d8c6dad-MIA
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=6163557896886539984&gdpr=0
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=6163557896886539984&gdpr=0
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28832ccf09ba-MIA
content-length
43
content-type
image/gif

Redirect headers

Date
Sat, 17 Jun 2023 23:44:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
496d9522-d941-475a-aac7-46807e795b7c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&adnxs_id=6163557896886539984&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687045442-9N2D0XJT-EIUO&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687045442-9N2D0XJT-EIUO&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28831cc509ba-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO
  • https://ids.ad.gt/api/v1/pbm_match?pbm=C9FE2347-10FF-4ABA-8761-C084B8379398&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=C9FE2347-10FF-4ABA-8761-C084B8379398&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28831cc309ba-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=C9FE2347-10FF-4ABA-8761-C084B8379398&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
date
Sat, 17 Jun 2023 22:01:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001687045442-9N2D0XJT-EIUO&gdpr=0
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001687045442-9N2D0XJT-EIUO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687045442...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001687045442-9N2D0XJT-EIUO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&tapad_id=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&tapad_id=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28840e5909ba-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&tapad_id=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001687045442-9N2D0XJT-EIUO
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_gid=CAESEOk8Xm2DzTtsEDyymPXwYms&google_cver=1&google_ula=450542624,0
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_gid=CAESEOk8Xm2DzTtsEDyymPXwYms&google_cver=1&google_ula=450542624,0
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28832ccc09ba-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&google_gid=CAESEOk8Xm2DzTtsEDyymPXwYms&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001687045442-9N2D0XJT-EIUO
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4NzA0NTQ0Mi05TjJEMFhKVC1FSVVP
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4NzA0NTQ0Mi05TjJEMFhKVC1FSVVP
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4NzA0NTQ0Mi05TjJEMFhKVC1FSVVP
date
Sat, 17 Jun 2023 23:44:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f287cfbf409ba-MIA
content-type
text/html; charset=utf-8
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f287f1eff09ba-MIA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&uid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26auid%3DAU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26auid...
  • https://ids.ad.gt/api/v1/openx?openx_id=b0830b6a-04da-4048-a541-7abe3d007512&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&auid=AU1D-0100-001687045442-9N2D0XJT-EIUO
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=b0830b6a-04da-4048-a541-7abe3d007512&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&auid=AU1D-0100-001687045442-9N2D0XJT-EIUO
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28831cc109ba-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ids.ad.gt/api/v1/openx?openx_id=b0830b6a-04da-4048-a541-7abe3d007512&id=AU1D-0100-001687045442-9N2D0XJT-EIUO&auid=AU1D-0100-001687045442-9N2D0XJT-EIUO
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001687045442-9N2D0XJT-EIUO%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Server
216.22.16.8 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:01 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=45je36e0&_p=1350175328&cid=282878327.1687045442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1687045441&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&en=FCP&_ee=1&ep.post_id=2015400&ep.article_template=article&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&ep.author=lukas-souza&ep.jr_editor=&ep.sr_editor=jo.b&ep.primary_category=%7CAirline%20News%7CNorth%20America%7C&ep.tags=%7CUnited%20Airlines%7CSan%20Francisco%20International%20Airport%7CArrest%7C&ep.payment_category=mini_feature&ep.content_type=Mini%20Feature&ep.intent=Short-Term&ep.network_category=airlines&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=38.132.118.71&ep.date_published=20230617&ep.date_republished=20230617&ep.first_view=true&ep.first_visit=true&ep.event_category=Web%20Vitals&epn.value=884&ep.event_label=v3-1687045441353-4818605827048&ep.non_interaction=true&ep.metric_id=v3-1687045441353-4818605827048&epn.metric_value=883.7000007629395&epn.metric_delta=883.7000007629395&ep.metric_rating=good&ep.debug_target=&ep.debug_event=&ep.debug_timing=dom-interactive&ep.event_time=&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		399 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simpleflying.com&callback=_gfp_s_&client=ca-pub-8382598503519971
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfaca3c1c41869a9bdc66c6441a1940bca0f43ee7198ecce5742a01580bb196a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simpleflying.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B3B7 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8382598503519971&output=html&adk=1812271804&adf=3025194257&lmt=1687045442&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687045441501&bpp=6&bdt=808&idt=498&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6201800679988&frm=20&pv=2&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074581%2C44785293%2C44788441%2C44793499&oid=2&pvsid=293734283596395&tmod=689782547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:02 GMT
expires
Sat, 17 Jun 2023 23:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-121433877-1&cid=282878327.1687045442&jid=1169582725&gjid=1754057486&_gid=540269172.1687045442&_u=KADAAEAAAAQCACAAI~&z=417143660
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 17 Jun 2023 23:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.578.0_en.html
imasdk.googleapis.com/js/core/ Frame 3520 		709 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
295479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231472
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 13:39:23 GMT
expires
Thu, 13 Jun 2024 13:39:23 GMT
last-modified
Wed, 07 Jun 2023 16:35:26 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 23:44:02 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 14:03:45 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 b9d1b307966c2273bf97ed7c681603da.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
34818
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wtHFwxs4RFV0pS4H3UyJQi-OkcOTtuq3Pz9Pp6ShjDB4tI_CHu6L4g==
ats.js
ats-wrapper.privacymanager.io/ats-modules/965715a0-f091-439e-a69e-257f7950b03c/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/965715a0-f091-439e-a69e-257f7950b03c/ats.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-112.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6db6ee13cbd4ea6c78a0cda0b67c6f6e0bf257a30ea465ad28a7772538804f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:05:53 GMT
content-encoding
gzip
via
1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront)
x-amz-version-id
ISXrkvTuA1ER.aYExjx8A3KFdHwaPvaB
last-modified
Mon, 29 May 2023 11:02:49 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
age
2290
x-amz-server-side-encryption
AES256
etag
W/"cf3c1802a19965e645537acbcc04dd8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
0-TLm5ML8KurCgkIPLv_3XyTCu1pHXdciQSiZXJX3hjihPNaVdEqlw==
setuid
mbid.marfeelrev.com/ Frame 0BEF
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
  • https://mbid.marfeelrev.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
86 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://mbid.marfeelrev.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
63d9423e62fc3-projectRssVideoFile.mp4
video.adsninja.ca/valnetinc/SimpleFlying/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.adsninja.ca/valnetinc/SimpleFlying/63d9423e62fc3-projectRssVideoFile.mp4
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-940 /
Resource Hash

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
cdn-edgestorageid
1029
Content-Range
bytes 0-37075154/37075155
cdn-cachedat
02/01/2023 11:03:14
cdn-pullzone
1129941
Content-Length
37075155
last-modified
Wed, 01 Feb 2023 11:00:14 GMT
server
BunnyCDN-IL1-940
cdn-proxyver
1.03
cdn-requestpullcode
206
content-type
video/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
1a366afe16ebd3a3f4b595eb8fa9dce1
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-121433877-1&cid=282878327.1687045442&jid=1169582725&_u=KADAAEAAAAQCACAAI~&z=1764664370
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
444319
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm4hV6TFeAAs1Ci28sbAS40DMe8ZmYv%2BBhedreFAJXM19aMp9Uz4mNGPtODmMOJWSu7f5TYfSS0mbA%2BWnLoq1DJ4uZxjkWIkqY4YccjLXKyV9gdypM52jrrrDZ4aRr2zqn3uBn8I8uvYJaPT"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7d8f2881db8a3353-MIA
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?u=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&pid=8z0lNzn4WEbHJ&cb=0&ws=1600x1200&v=23.612.1758&t=3000&slots=%5B%7B%22id%22%3A%22outstream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
CZH95TWAZZW0GT39P4M7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Cw58QMnYINBIPjtNx0rG-DMZk_a3aOnakce_0LlXI3kZkd4F6X-NSw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:16:39 GMT
via
1.1 google
age
1644
x-guploader-uploadid
ADPycdsV7Fy2-ijgemW2J1G8qA37Xm89Ig3mBNTt2HIwYtjxkstDNnoyCbaBb50UljhAAkd4AZlZJ76Z_9Ky89HCYj5nsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Sun, 18 Jun 2023 00:16:39 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:50:11 GMT
content-encoding
gzip
via
1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
10433
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
BX2KVfe4Uk34NrHORKj2b94SjA4F-AbkEAgcfv4-g4IyPH8T79OYCg==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
WNM59M1TNTMSZTHB
age
910
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d8f2883aaec3360-MIA
x-amz-id-2
0ekSXAUNw3ayCRJhrvXOOlPuZW3TQAgDyEbIjZb9RoTdGN3iwIUc+BL8ixzTq0wg6EVZLOqhtOo=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:b200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
Date
Sat, 17 Jun 2023 09:16:59 GMT
Via
1.1 15f09804612e4aac31f0c8eddf17791a.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD79-C1
Age
52025
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
R4BGlTQ9IuVo6KzdWBtAwoA2XEY5t8d0i7H8IlD8wBarE3Faez9i4Q==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 23:44:03 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://simpleflying.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 17 Jun 2023 23:44:03 GMT
hb-multi
hb.yellowblue.io/ 		105 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.23.116.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-116-45.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f977366aadaeefc4def7e12eac57a6f31d836fc2c052580d6c00e056fa50dd21

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simpleflying.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
translator
hbopenbid.pubmatic.com/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
70f7ae5fb05d15ce59e917ead35c7a316c1d9a8dd0eaacd036ee704b48eb66e5

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
/
ghb.sync.viewdeos.com/auction/ 		652 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.sync.viewdeos.com/auction/?domain=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&callbackId=7e723e6b315f98&aid=819583&ad_type=video&sizes=728x410
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
af65f0066d59a8ddcc52bf8f0ae23db5790e6e04f96a9a1f12a39ec294877fb8

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
420
/
shb.richaudience.com/hb/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=925706
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030cc88df99e1877769b6a885ca17d79a241c186f777617a735be6dc9e9bdce1

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WCXH3abafemIv2lcgTsM205zet8wXHq9I38RyUezh6%2BZDeyvtxkUwf%2BC3HagjPKKHIBj8FRS%2B5cjyT0nwFWGVU4eGs6lhYsDoESqGPUEjfZCI6YytQZw%2F7imem7ctZu%2BsaBs07b"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28836c069aef-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
avjp
valnetbidder-d.openx.net/v/1.0/ 		106 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://valnetbidder-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bfd53e82-c11d-401b-8792-117befaf0f84&nocache=1687045443012&gdpr=0&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A410%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22delivery%22%3A%5B2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A3%2C%22startdelay%22%3A0%2C%22skippable%22%3Atrue%2C%22maxduration%22%3A200%2C%22minduration%22%3A1%7D%7D%5D%7D&auid=558480216&vwd=728&vht=410&vmimes=video%2Fmp4%2Cvideo%2Fwebm%2Capplication%2Fjavascript&aucs=%252F39363775%252Fvvv_desktop_640x480
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://simpleflying.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		45 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8C5QS6
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c745af262bb234df7cd3686092304300ecd91fcbe667f47b5499e4d1c8aa2473

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:03 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		245 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.229.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-229-175.compute-1.amazonaws.com
Software
/
Resource Hash
ed6e154d55195a678994b763e89227c00f5b491c7950d6cbe2a5ddb239994730

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.120.0
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
211
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.229.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-229-175.compute-1.amazonaws.com
Software
/
Resource Hash
7a30f9b8afe39e954620cd7d542343eb30c5a7e60c3bf8e3a9fffcc5ae1cf92d

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.120.0
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
tlx.3lift.com/header/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.10.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-10-219.compute-1.amazonaws.com
Software
/
Resource Hash
4dcda430b932876dbffe534559a285b3276bb26aef30d2d83fce9af1d2a4f1b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1373
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f0474c935a5ae34bd79cf022a9521b4ba401f40523662a7c2f0dd414e67fdb

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sat, 17 Jun 2023 23:44:03 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1308
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d8f28839b9fdb1d-MIA
expires
0
63ce9fce41df0f228dc3da9e
prebid.cootlogix.com/prebid/multi/ 		0
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/63ce9fce41df0f228dc3da9e
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.127.82 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6440335ca9ef8f20f1bae7fc
prebid.cootlogix.com/prebid/multi/ 		0
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/6440335ca9ef8f20f1bae7fc
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.127.82 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
unruly_prebid
targeting.unrulymedia.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://simpleflying.com
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:02 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		24 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1e7a028bee0fec73901bbbf2a5bcd4652907198034c916ccea3a7693153df269
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3da236a5-d68d-4a53-9c7c-466624f2b1f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33561936&componentId=prebid&componentSubId=mustang&timestamp=1687045443031&pKey=1921486588&_fw_gdpr_consent=undefined&_fw_gdpr=false&_fw_us_privacy=1---&loc=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&playerSize=728x410
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1687045443848020-279
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%229f840587-8106-4171-95e6-94eb108fa288%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1687045443033%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2242263a2f5be7beb%22%3A%22_id6FLf6yhu%22%7D%2C%22bidSizes%22%3A%7B%2242263a2f5be7beb%22%3A%5B%5B728%2C410%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22tagid%22%3A%22_id6FLf6yhu%22%2C%22placementId%22%3A%22_id6FLf6yhu%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22bfd53e82-c11d-401b-8792-117befaf0f84%22%2C%22data%22%3A%7B%22pbadslot%22%3A%22%2F39363775%2Fvvv_desktop_640x480%22%7D%2C%22gpid%22%3A%22%2F39363775%2Fvvv_desktop_640x480%22%7D%7D%2C%22mediaTypes%22%3A%7B%22video%22%3A%7B%22api%22%3A%5B1%2C2%2C7%5D%2C%22delivery%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22context%22%3A%22instream%22%2C%22sizes%22%3A%5B%5B728%2C410%5D%5D%2C%22playerSize%22%3A%5B%5B728%2C410%5D%5D%2C%22battr%22%3A%5B9%2C10%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A5%2C%22maxDuration%22%3A200%2C%22minDuration%22%3A1%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22pos%22%3A1%2C%22startdelay%22%3A0%2C%22skippable%22%3Atrue%2C%22skipafter%22%3A5%2C%22maxduration%22%3A200%2C%22minduration%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22vvv_desktop_640x480%22%2C%22transactionId%22%3A%22bfd53e82-c11d-401b-8792-117befaf0f84%22%2C%22sizes%22%3A%5B%5B728%2C410%5D%5D%2C%22bidId%22%3A%2242263a2f5be7beb%22%2C%22bidderRequestId%22%3A%224152fbd4dd71978%22%2C%22auctionId%22%3A%22628cd295-aad3-42ea-b54d-b63ef532f3ff%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.20000076293945312%2C%22requestBids.gdpr%22%3A0.10000228881835938%2C%22requestBids.fpd%22%3A0.09999847412109375%2C%22requestBids.validate%22%3A0.5%2C%22requestBids.makeRequests%22%3A3.700000762939453%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22gdpr%22%3A%7B%22consent%22%3A%22%22%2C%22applies%22%3Afalse%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.38.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-38-144.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:03 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.209.30.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-30-160.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
2b2af80092bd9e4a81a727c3efdcfa9e2978d1e1c0cb7e3cd51804ea254afe37

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simpleflying.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=269&sync=1&domain=simpleflying.com&url=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7d8f2883b9f98dc7-MIA
content-length
0
content-type
application/json
date
Sat, 17 Jun 2023 23:44:03 GMT
debug
OPTIONS block
expires
Sun, 16 Jun 2024 23:44:03 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		101 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=269&sync=1&domain=simpleflying.com&url=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=269&sync=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4b4847c011f22240c3811fc0f85e1f36c720936c503a82037fe8f19656b9f8

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7d8f28843ac98dc7-MIA
42a7b6581e153bdd8864542f9df8d375873804f734a4c3cca9a9
childlikeform.com/0/ 		198 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://childlikeform.com/0/42a7b6581e153bdd8864542f9df8d375873804f734a4c3cca9a9
Requested by
Host: childlikeform.com
URL: https://childlikeform.com/v2xyeU02023jpHUkaYBTYEMAfVyrMk0u9J5aAYskuazU9BHpOquyvnaDf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f82dfff7e95689b8fb8949b551fb8e3cbe856f6105551abac116704deb1af382
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 17 Jun 2023 23:44:03 GMT
via
1.1 google
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
x-hostname
fen-hoothoot-us-east1-spot-8xtj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 17 Jun 2023 23:44:02 GMT
/
geo.privacymanager.io/ 		30 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/965715a0-f091-439e-a69e-257f7950b03c/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:03:21 GMT
via
1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront), 1.1 2b72ec8519147ac56ddc0dd5ac0b0210.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, IAD66-C2
age
60042
x-amzn-requestid
1ba2d0a3-83ab-4bba-9702-26e95487c27c
x-amzn-trace-id
Root=1-648d5ab9-4fffabfd11bb4e803125e0f8;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Gpsc_GeQDoEF2AQ=
content-length
30
x-amz-cf-id
oGbW4MkuhpGLtHYszqXNxZAS1BxV3Y00LNP-vHslFhoeAVbgGLEi3A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 09:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 18 Jun 2023 00:31:30 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
2460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 18 Jun 2023 00:03:03 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49a88463ce77145af4245e8f83404a26f05b8c61f87303c54cf04556325b4378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77806
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:03 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b29786450c85484f9210f397a526be2cef7af07425fee5637742b54f92bbcf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77776
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:03 GMT
collect
a.ad.gt/api/v1/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28841a3567bd-MIA
vary
Origin
content-type
text/html; charset=utf-8
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=7957b3e821ef5f984d1ab0a5e4dbdbac&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f28848d3e2206-MIA
content-type
text/html; charset=utf-8
segments
seg.ad.gt/api/v1/ 		16 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fsimpleflying.com%252Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%252F&partner_id=269&tagger_id=7957b3e821ef5f984d1ab0a5e4dbdbac&au_id=AU1D-0100-001687045442-9N2D0XJT-EIUO
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cf-ray
7d8f28841ee32209-MIA
content-length
16
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
987565
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WqobJyungV7kOVQU%2FmdTbfFF%2FpjmgJO561SYJYFIAI9Ec8ES4jQDGF7dO0ntFFACZ9iQ5TmlO6QMbOSnuo7Gg48pfZIs5JD2wf9zlhKmuk8ohnOZuplFQPNWSuT40j1ly9pSgOiQ1xL6964"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7d8f28841b7a336e-MIA
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://simpleflying.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
c29d91ef4acf717e3dc6c8e73c41fc87
encrypt
esp.rtbhouse.com/ 		285 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e4ec878435c52160eee9f38c62cfbc0389f51b3bbd2e5ca2dfff9df893a3fa06

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
180a936f0f77259331ba1d250a174441
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
setuid
mbid.marfeelrev.com/ Frame 0BEF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
  • https://mbid.marfeelrev.com/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS
86 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://mbid.marfeelrev.com/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
map
bcp.crwdcntrl.net/6/ 		156 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.28.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-28-63.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2473b2e1fb6a01765f23ce60c544a41d838bd2b0cb00df3b433f941e08a75029

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
x-server
10.40.2.100
access-control-allow-credentials
true
content-length
156
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d88eeab426b097a754eec8f9a1aaa20139fa6f0c81e3888d6c05326aeaafda93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ce12168095098c8e1120f0a37dcd2fd00a3888
childlikeform.com/7f9e02ba7fa2b5/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://childlikeform.com/7f9e02ba7fa2b5/ce12168095098c8e1120f0a37dcd2fd00a3888
Requested by
Host: childlikeform.com
URL: https://childlikeform.com/v2xyeU02023jpHUkaYBTYEMAfVyrMk0u9J5aAYskuazU9BHpOquyvnaDf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 17 Jun 2023 23:44:03 GMT
via
1.1 google
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
x-hostname
fen-hoothoot-us-east1-spot-8xtj
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5484 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99782
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:03 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a9bc468c0f4ee843c7c2bcdb2e265a5a00ffef49dfd78f8dbc41a4a8df1d340a

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
halo_match
ids.ad.gt/api/v1/ 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001687045442-9N2D0XJT-EIUO&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d8f2885081409ba-MIA
content-length
43
content-type
image/gif
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8bcd3010c70c56166f62ee901d9c80b42ee5d157044ddf80d16c9e91f7d0fabc

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1b983748b07b3685171d73b6a0a4cfcbf1842daf2a925460c70e7b35a5249f8e

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
91a1369ad08ca0d13ceab5762030af1c6a0213b3d74cea2c241c47cbe880cc75

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5d4930cebc5a4d22f65666e9f61761a0bf2f84449ba66d7d62104bfb0c013a56

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
syncframe
gum.criteo.com/ Frame A390 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simpleflying.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:03 GMT
server
Kestrel
server-processing-duration-in-ticks
514086
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
mbid.marfeelrev.com/ Frame 0BEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
86 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Protocol
H2
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
70bedd1b-597a-43ff-bf1e-ee12130e2350
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c6f6d34006257570c88e416a629994167f6a4e90a57d69220a9a3ed6100a8064

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b36c010d5e758ae6c84118f17004459702f01635b232aa2e88a4631ba1841ec2

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simpleflying.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
PugMaster
image6.pubmatic.com/AdServer/ Frame 5484 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21126105&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
399a9a4cddb63b433af744fbcb0688ffc74c19fca89b5a351de59dcc62b4793c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame A390
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simpleflying.com&sn=ChromeSyncframe&so=0&topUrl=simpleflying.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=21dH3XxzRU5WQTUrQ1RYdDNiUU4yNExnV1licVlCSXdzR0Z2WXgxWFNQSHZhYlJjQ3pTZkhJUEpHN3l3OWQ3cEE2RTBBdzJzYkVINGlOaEUwUWs4cjdZc3VVWkl3TWtuZ0hMeldNanNrQW0wK01iV3JiZ0NKbENSUnVneU...
471 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=21dH3XxzRU5WQTUrQ1RYdDNiUU4yNExnV1licVlCSXdzR0Z2WXgxWFNQSHZhYlJjQ3pTZkhJUEpHN3l3OWQ3cEE2RTBBdzJzYkVINGlOaEUwUWs4cjdZc3VVWkl3TWtuZ0hMeldNanNrQW0wK01iV3JiZ0NKbENSUnVneUZoVmYwaktKdUZoSjl2NEVWQVpsdmtDN2lKSElWTGdDMFVrNy9pQXZUTDJSditzQVdoZWc4S2lJSWRGWWZTVUtCekllSnRvcmxVZXZtQmRYZlFyMjR1VFovSzhhbEJ5Tm9iK3JicXNkdmZEN0lORWRQM2orYmRHdUpzZlQ2UE9OTk5UNFUvQ3lGZTlFVlJmMHlGeDlhWDl1bkN1YTFRSlFuN2F5QWxzT2FtdVVwaDFLVGJkYz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e5fbdbd0abe382655a14688d2462c7da24c0d4b740826831ef33c66c0c772c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1695490
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=21dH3XxzRU5WQTUrQ1RYdDNiUU4yNExnV1licVlCSXdzR0Z2WXgxWFNQSHZhYlJjQ3pTZkhJUEpHN3l3OWQ3cEE2RTBBdzJzYkVINGlOaEUwUWs4cjdZc3VVWkl3TWtuZ0hMeldNanNrQW0wK01iV3JiZ0NKbENSUnVneUZoVmYwaktKdUZoSjl2NEVWQVpsdmtDN2lKSElWTGdDMFVrNy9pQXZUTDJSditzQVdoZWc4S2lJSWRGWWZTVUtCekllSnRvcmxVZXZtQmRYZlFyMjR1VFovSzhhbEJ5Tm9iK3JicXNkdmZEN0lORWRQM2orYmRHdUpzZlQ2UE9OTk5UNFUvQ3lGZTlFVlJmMHlGeDlhWDl1bkN1YTFRSlFuN2F5QWxzT2FtdVVwaDFLVGJkYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268522
content-length
0
expires
0
strpixel.png
simpleflying.com/ 		103 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simpleflying.com/strpixel.png?time=1687045443601&type=pageVisit&permalink=/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/public/build/valnet-footer.9f3258ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Mar 2023 20:21:18 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"64064b3e-67"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
103
x-xss-protection
1; mode=block
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fsimpleflying.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-67-228.iad89.r.cloudfront.net
Software
Server /
Resource Hash
b294430cb745af4f3b3c238014bded2b9789fdc73f0a5a6720a8f2ba2a09e17f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:06:27 GMT
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-P1
age
2256
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3258
x-amz-cf-id
LWRoXr8_1H6s8hhdnXXrI7WPue34BIf3i_Y85aH41K21FCaNQwRpnw==
bid
aax.amazon-adsystem.com/e/dtb/ 		265 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3741&u=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&pid=8z0lNzn4WEbHJ&cb=1&ws=1600x1200&v=23.612.1758&t=3000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1553804529761-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_InContent_Desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1619031514790-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_Sticky_Desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1551123852005-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_Rail_Desktop%22%7D%2C%7B%22sd%22%3A%22adsninja-ad-unit-connectedBelowAd-5f45a6cc13d328%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_InContent_Desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1494450502098-ccr%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_InContent_Desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1539626823080-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_Rail_Desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1494450502098-ccr-REPEAT2%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_InContent_Desktop%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22SimpleFlying%22%2C%22ext%22%3A%7B%22template%22%3A%22content-all%22%2C%22cat%22%3A%22%7CAirline%20News%7CNorth%20America%7C%22%2C%22postID%22%3A%222015400%22%7D%7D%7D%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
ecaf3992ae484295aaab88b2145d0f96e5e4449802fd656ceb5cfd4eb99eed9c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
HYWBP4GFMD5E6375RGXM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
265
x-amz-cf-id
BbacckH54HR3-Xv4WBZZc_DVRcGbMFTW4bq77FAEQUwxs7SATaX1wg==
bid-request
a.teads.tv/hb/ 		16 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.101.144 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-101-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 17 Jun 2023 23:44:03 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.209.30.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-30-160.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
15c12c07eceea30b283cc82fc145e96b4fc32bf9c6eefed18c8828abdff4ce9a

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simpleflying.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simpleflying.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
16
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		174 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760e11f9e1446be6cbe6f17cc745148b482c8b998db6a4936d3288099878292d

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sat, 17 Jun 2023 23:44:03 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1220
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d8f288749cadb1d-MIA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		111 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a0a04decb8a1dfc45e0616996165b47ad678a936df61371d87bb2556f02fb8aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
139e4de8-09f1-4cf4-ba8e-dc309e47faac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.79.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-79-114.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
pbs.nextmillmedia.com/openrtb2/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e80a0699160dedb6b33215c2a7744e35f1286817467a0e2a710404a6f28beec9

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
content-encoding
gzip
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
tlx.3lift.com/header/ 		43 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.52.0&referrer=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.10.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-10-219.compute-1.amazonaws.com
Software
/
Resource Hash
77c975598e279e2ddc859a389485846aa2d8bcd1476a06a584a4e5c1b402cc7a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
13299
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
prebid.media.net/rtb/ 		61 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8C5QS6
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
76aca20f77589c6a273a3ce797840106e990fba56f7331aebf2056d053ce882f

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:03 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=762935
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c155552948d49de92133f2762d6268ec03ebd3520050d483b224e2cf392cf5c

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tDVA3D%2BQ9yJr9BfCA8z62vwOksqeczCWtPMhdj87wm%2FGdqHEWRc93Zq5ugxoU%2BnFVCEUbe%2Bc2wzUYTChDV1MJglBNS1RfTpUvJXlIC%2BQ4zrPdJjct4nVTuP1%2Bybgzqr9Csdwo4Z"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28876d2e9aef-MIA
alt-svc
h3=":443"; ma=86400
expires
0
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1687045443731&to=0&aun=div-gpt-ad-1619031514790-0&hadronId=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&pubcid=d62c0496-47d4-45b0-8890-2d8087a5f7f1&gpid=%2F39363775%2FSimpleFlying%2FArticle_Sticky_Desktop%23div-gpt-ad-1619031514790-0&t=8wyqry48&pi=2&gdprApplies=0&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.52.0%22%7D&ogu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ns=9421
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.149.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-149-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
50d63f01f76aa704e7f3b7e46c89b92514215f6ae5a76bc77cd9f7a106ebd873

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=28618;28626;28625;28613;28618;28624;28618
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a836ddb3e998b53d9156ff23584bb76bc077307a4e5a4509c8212967fe670fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11136
x-xss-protection
0
518.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/518.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5329f3b1120575147174b6eede9cc31b813c236a18fad60dfbec13b0e6dca36e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
987565
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpI76T%2BTA%2FcZfx0vHVnXelc2L5KCBdbdDoD%2FNmOkwvGLIlAa5WuLxkdQb9RI1WGL3kC0Xbx%2BA1xntmNtMIo%2B4%2FMAukVgfeOtoq%2BMXikC6SmUUXNDQzMEoMykU61%2F%2FhnTsRD3vkxg1pVUsa5O"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7d8f288789e5336e-MIA
collect
analytics.google.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FVWZ0RM4DH&gtm=45je36e0&_p=1350175328&_gaz=1&cid=282878327.1687045442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687045443&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&en=TTFB&_fv=1&_ss=1&_ee=1&ep.dimension1=AU1D-0100-001687045442-9N2D0XJT-EIUO&ep.dimension3=269&ep.dimension4=simpleflying.com&ep.dimension5=%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ep.event_category=Web%20Vitals&ep.first_view=true&epn.value=333&ep.event_label=v3-1687045441353-5049090195914&ep.non_interaction=true&ep.metric_id=v3-1687045441353-5049090195914&epn.metric_value=332.8000030517578&epn.metric_delta=332.8000030517578&ep.metric_rating=good&ep.debug_target=&ep.debug_event=&ep.debug_timing=&ep.event_time=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FVWZ0RM4DH&cid=282878327.1687045442&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 17 Jun 2023 23:59:03 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 08:19:56 GMT
content-encoding
gzip
via
1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
55448
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
u_Zle5UhQnAC0ySKb0JJIJ_W4_gsclVUujKVnggF6HnYF8S6rqVERA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ref=&_it=amazon&partner_id=269
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
4327
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d8f2887a865dacd-MIA
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
A8846R9TCKQG89MX
age
279
etag
W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d8f2887aa753360-MIA
x-amz-id-2
BbfW5DeMA0AmskV9zo1JoCyePTLKgS2QzKUobXp4GeUyHlb12pnY7lWCNpjFLviiZQg45VlWAC4=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Sat, 17 Jun 2023 23:59:03 GMT
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame A234
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZI5FQwAAARkr3QAz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 17 Jun 2023 23:44:03 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760054-MIA
x-timer
S1687045444.949733,VS0,VE28

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 17 Jun 2023 23:44:03 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZI5FQwAAARkr3QAz
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760054-MIA
x-timer
S1687045444.889879,VS0,VE25
Pug
image2.pubmatic.com/AdServer/ Frame 2C80
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314640527939565
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314640527939565
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 17 Jun 2023 23:44:03 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314640527939565
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 8B69
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZG36G21W24799ET32HV2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PJW2RVYK4FEXH3TYF333
Pug
image2.pubmatic.com/AdServer/ Frame 6A9A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWVNVN0pISXNBQUI4Wmp4M25Ndw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABYSU7JHIsAAB8Zjx3nMw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE2u07JHIsAACA_VdpK4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=536222003037073419&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE2u07JHIsAACA_VdpK4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D536222003037073419%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=536222003037073419&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAE2u07J...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2u07JHIsAACA_VdpK4w&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2u07JHIsAACA_VdpK4w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 22:02:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 17 Jun 2023 23:44:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2u07JHIsAACA_VdpK4w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3BD3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:04 GMT
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:03 GMT
Expires
Sat, 17 Jun 2023 23:44:02 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x57 config_version:"1969"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
141
match.deepintent.com/usersync/ Frame 2A87 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sat, 17 Jun 2023 23:44:02 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame D146
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163557896886539984&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163557896886539984&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
0e2ecc8c-a534-427f-b59a-a94cf1fa55c9
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Jun 2023 23:44:03 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163557896886539984&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame FA65
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 22:01:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 51D1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:03 GMT
expires
Sat, 17 Jun 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
868975
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2004
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d7a31028-0d68-11ee-bd75-c9ad2a380901
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d7a31028-0d68-11ee-bd75-c9ad2a380901
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d7a31028-0d68-11ee-bd75-c9ad2a380901
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-8
Pug
simage2.pubmatic.com/AdServer/ Frame 232E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qvw6C54pW5dT0Uyo7jdufSaEdkc&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qvw6C54pW5dT0Uyo7jdufSaEdkc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Jun 2023 23:44:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qvw6C54pW5dT0Uyo7jdufSaEdkc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 797E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:su5GORrt1QaFAo5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:su5GORrt1QaFAo5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 17 Jun 2023 23:44:03 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:su5GORrt1QaFAo5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-023329e0a498b46ac@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 815C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=18aa8407-4597-4a2f-8064-3c7ea3b00527&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.114.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-114-132.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 17 Jun 2023 23:44:02 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 46BF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791836713822
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791836713822
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791836713822
Pug
simage2.pubmatic.com/AdServer/ Frame C942
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
42 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 70DA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d8f28891b7c2275-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d8f28886a9a2275-MIA
content-type
text/html
date
Sat, 17 Jun 2023 23:44:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1764
setuid
u.4dex.io/ Frame 529E 		0
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 17 Jun 2023 23:44:03 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5484
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yf4jRxD_SrqHYcCEuDeTmA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
x-check-cacheable
YES
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-serial
66383
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html
cache-control
max-age=99782
accept-ranges
bytes
content-length
5554
expires
Mon, 19 Jun 2023 03:27:05 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5484
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C9FE2347-10FF-4ABA-8761-C084B8379398
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec4871293ac8%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6163557896886539984&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6163557896886539984&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Sat, 17 Jun 2023 23:44:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0d8385ac-6041-48d1-867d-2c5214b8afa3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6163557896886539984&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5484
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=C9FE2347-10FF-4ABA-8761-C084B8379398&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 5484
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&vxii_pid=12&vxii_pid1=10067&vxii_rcid=555fee4d-2600-4fd9-b64a-bcb1afc2fbbe
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&vxii_pid=12&vxii_pid1=10067&vxii_rcid=555fee4d-2600-4fd9-b64a-bcb1afc2fbbe
Protocol
H2
Server
35.172.246.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-246-77.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 17 Jun 2023 23:44:04 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C9FE2347-10FF-4ABA-8761-C084B8379398&vxii_pid=12&vxii_pid1=10067&vxii_rcid=555fee4d-2600-4fd9-b64a-bcb1afc2fbbe
date
Sat, 17 Jun 2023 23:44:03 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlGRTIzNDctMTBGRi00QUJBLTg3NjEtQzA4NEI4Mzc5Mzk4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFs98NOo7D4BhBR9Izs_Hj0&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFs98NOo7D4BhBR9Izs_Hj0&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 22:01:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFs98NOo7D4BhBR9Izs_Hj0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF
42 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Jun 2023 23:44:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
1 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JFmCDFFE2uXoyfnVsL.yj7x0pXbAN4E-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JFmCDFFE2uXoyfnVsL.yj7x0pXbAN4E-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 22:01:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JFmCDFFE2uXoyfnVsL.yj7x0pXbAN4E-~A&gdpr=0
date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
C9FE2347-10FF-4ABA-8761-C084B8379398
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5484 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C9FE2347-10FF-4ABA-8761-C084B8379398?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:1182:3903:eb81:31e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1b088f5c47b71066&is_secure=true&networkId=17100&version=1&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7wDx_Q0JDgNYTDnRAAAAAAA&expiration=1687131844&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7wDx_Q0JDgNYTDnRAAAAAAA&expiration=1687131844&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7wDx_Q0JDgNYTDnRAAAAAAA&expiration=1687131844&nuid=C9FE2347-10FF-4ABA-8761-C084B8379398&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent=
1 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent=
Date
Sat, 17 Jun 2023 23:44:04 GMT
Connection
keep-alive
X-CI-RTID
e11554fa-0941-465d-905a-5d3ba238d73b
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=552a321d-0826-4b59-96ba-f8d1f84f917e&ssp=pubmatic&expires=30&user_group=5&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd=
1 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5484 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.181.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-181-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
sn.ashx
pmp.mxptint.net/ Frame 5484
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_1046EFA05_3DE762AC&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.68.201.140 Bergenfield, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-370050244; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-370050244; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 22:01:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5484
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2198261905534825226
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2198261905534825226
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2198261905534825226
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
mbid.marfeelrev.com/ Frame 0BEF
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
86 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
Protocol
H2
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

location
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
access-control-allow-origin
*
date
Sat, 17 Jun 2023 23:44:04 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
42469edfcdbd8eca8c081df2f81bad4ece6c63db2745fd5deaa38b308f90709f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 23:44:04 GMT
518.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/518.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
90a7d5df414c326138d3892bdcb01fd7af8584a82be5a9f9ef5a2d74cb31a815
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Sat, 17 Jun 2023 23:59:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
187874
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 19:32:50 GMT
expires
Fri, 14 Jun 2024 19:32:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 83BF 		783 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e03d509846c55fbfd54c67ca2b90c81c1b534800c23c6cf5056cdc0115d80161
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GbHgjZfY9tM-A5D6LWVP3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-GbHgjZfY9tM-A5D6LWVP3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
Sat, 17 Jun 2023 23:44:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iu3
s.amazon-adsystem.com/ Frame 9917 		428 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
02a06d10dc9a049eb0f78a5b558d242e379cfa7731264d4fbee1d05760393193
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
428
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
239ADD2CHH6B8DF1EV8E
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1471:15::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Sun, 18 Jun 2023 00:14:04 GMT
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame D7DB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 10:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
306506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 10:35:38 GMT
setuid
mbid.marfeelrev.com/ Frame 0BEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
86 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Protocol
H2
Server
148.113.153.86 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl04.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mbid.marfeelrev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:03 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
461ee3ed-0687-49e1-83c6-cba315b903ec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 83BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=293734283596395&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/518/8.gif?id5id=ID5*8Eff48MhQ-ejKFKKypH5bNzsWPH9XmW-Irc8RBM1HEpQGjcg_LTTwRNJTKrHH3lmUBukuMsTD-7JyEzGbZrmRQ&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEw9U7JHIsAACDmGsySkQ
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEw9U7JHIsAACDmGsySkQ
Protocol
HTTP/1.1
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEw9U7JHIsAACDmGsySkQ
Date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pr
s.amazon-adsystem.com/v3/ Frame 86AD 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c4a4bddea11c6a11d8577b32c99b290d37435ceebe3e5ca699ce50cf1fa791df
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5032
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RZV0X8G4CZCTWBZWPD4P
usync.html
eus.rubiconproject.com/ Frame 8964
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:04 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
90QRP86WXWSQEXH079RN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=6ac352ff-5d7d-44d2-afe2-74c642056e1f&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=6ac352ff-5d7d-44d2-afe2-74c642056e1f&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W8R5A77QZ877KDHP1AVG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=6ac352ff-5d7d-44d2-afe2-74c642056e1f&gdpr=0
date
Sat, 17 Jun 2023 23:44:04 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3300470441523937000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3300470441523937000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGN3CPCPCZBE4D4E87GG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3300470441523937000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sat, 17 Jun 2023 23:44:04 GMT
/
onetag-sys.com/match/ Frame 86AD 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=A1A1E2756F36417A842BBECC019687AF&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=A1A1E2756F36417A842BBECC019687AF&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EDCCZZS7WBERD6QCYMFN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=A1A1E2756F36417A842BBECC019687AF&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Jun 2023 23:44:04 GMT
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d5f643959d249fc619f50d89cfe2a765
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d5f643959d249fc619f50d89cfe2a765
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFF08MWNRZ0BNAM4QY11
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d5f643959d249fc619f50d89cfe2a765
date
Sat, 17 Jun 2023 23:44:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame 86AD
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1fe31d52-92ce-45f3-842e-4da051a04de8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1fe31d52-92ce-45f3-842e-4da051a04de8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MVAGNH03S3PK9WG394QZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1fe31d52-92ce-45f3-842e-4da051a04de8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 33D6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e5ff5d1b5be3f8f2547cd933f8d846da2f146e8f6da924ee466589de2b8ad600

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1753
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame 7A00 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:5a00:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a86918e433de82e40f81b5b65905e4afeee97734191162498ea315f54329d305

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-amz-cf-id
Kt31vRZ5n6Raq2etsOAKaZcd9KvD8aCEfG4zZIHLWXmy7WRc1C3kYA==
x-amz-cf-pop
IAD55-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
5
sync
ms-cookie-sync.presage.io/amazon/ Frame 1DC7 		631 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-20.iad55.r.cloudfront.net
Software
/ Express
Resource Hash
c0b6b5ff58dc642e2551e71d9ca6ef48fed3e809e9ccd9a8f45af36de1e6900a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
631
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 3d3fd40be4e4bfdd1e1bebf86df63a76.cloudfront.net (CloudFront)
X-Amz-Cf-Id
CfAOLkhtInaSSmaG1KgR4a4L5Daq0DnXeL-rznXesbgLUa8iZ7cyHw==
X-Amz-Cf-Pop
IAD55-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
uc.html
sync.go.sonobi.com/ Frame 021F 		545 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e65f806d08bbd60e65c01dce3f3c5e617ad3e7f8ce67887d6ec89f2918a00d01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Server
sonobi-go
Tcn
Choice
Transfer-Encoding
chunked
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
X-Xss-Protection
0
cm
u.openx.net/w/1.0/ Frame 9469 		693 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
85c78612043340f5b4ee5488c8e3bdb6078c55fa2e07a935dbc928972e89cc67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
399
content-type
text/html
date
Sat, 17 Jun 2023 23:44:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame BC5C
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=536222003037073419&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=536222003037073419&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WXE3JD5MBW3NG3G7SWSR

Redirect headers

content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=536222003037073419&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 28DA
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4ed86e4a75711066&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMnicIuACbQwNG5o07AAAAAAA&expiration=1687131844&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMnicIuACbQwNG5o07AAAAAAA&expiration=1687131844&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QWF0Z2BECMJ6PZK0PCN4

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMnicIuACbQwNG5o07AAAAAAA&expiration=1687131844&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
tamptsync
sync-amz.ads.yieldmo.com/ Frame 3113 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.37.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-37-172.compute-1.amazonaws.com
Software
/
Resource Hash
83044a2274d8cd20c9df2195c6d4e063bb24c591f52e757c642f559534e61bbb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 2DDB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Jun 2023 23:44:04 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 9331
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
047da9d629c1818d83304a0b035e69ee3a7473985148a9a3216082088a48ae95
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6d945594b4-bkpj4
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6d945594b4-bkpj4
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 88B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=6163557896886539984&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6163557896886539984&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GF4NVRNTN9VJ88AE1D3G

Redirect headers

AN-X-Request-Uuid
f84d9758-7f15-4651-9b61-9548ab1fb680
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6163557896886539984&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ce.lijit.com/beacon/ Frame 2E96
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bdfa822588f972dc36d07b04c134ab76d9395b2aa835bac35679ec85573f57a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
434
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0993 		240 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
adaa71e1e168ad182c2c902b507e3bc5fa3235104cae2cbfc1137bafa8b55fa9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-length
240
content-type
text/html
date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
x-envoy-upstream-service-time
7
ecm3
s.amazon-adsystem.com/ Frame 4205
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4090118527531875369328
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4090118527531875369328
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_n-Ogury_snb_n-MediaNet_ox-db5_smrt_cnv_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8QW24HC6897M8YZ808X3

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4090118527531875369328
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generate_204
tpc.googlesyndication.com/ Frame D7DB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?stfqTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
9.gif
id5-sync.com/c/518/1246/0/
Redirect Chain
  • https://id5-sync.com/i/518/8.gif?id5id=ID5*TLAD0CIZKumUT9w8Mxrui_uq2LLxSlIJMQSLp-KX2H9QGstc9B1SnyDb-k5q54HTUBs7SDPT3JbksDprRBhnXA&o=api&gdpr_consent=undefined&gdpr=false
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/518/441/7/2.gif?puid=u_c0b405d2-1cef-4503-adc7-a92862b037f5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/518/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/518/2/6/3.gif?puid=6163557896886539984&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/518/203/5/4.gif?puid=b2669be2-8f34-4b4c-91cc-64d84e02b962&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F518%2F124%2F4%2F5.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/518/124/4/5.gif?puid=56a2a300-4ae3-4782-a3a3-1cd6a81e445a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/518/108/3/6.gif?puid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/518/796/2/7.gif?puid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/518/429/1/8.gif?puid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=6163557896886539984&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F518%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/518/1246/0/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/518/1246/0/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 17 Jun 2023 23:44:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:06 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/518/1246/0/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 9469 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c1156e72-91fc-c44e-36b4-ec79424c71f6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JSFZ8G5FRZYB9JKW76P2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0d04744b-1dfa-edfd-c76d-781bd528775f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9469 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0d04744b-1dfa-edfd-c76d-781bd528775f?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:1182:3903:eb81:31e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 9469 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c1156e72-91fc-c44e-36b4-ec79424c71f6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D2FTTGJFTA9G9T546FST
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9469
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0&gdpr_consent=
43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&ttd_puid=99c3120f-8d56-7fb4-f6ba-6eee2a7fba16&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 9469 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjVhY2MxYzUtNDQyMS0yMTEwLWUzNWEtMzQ1N2UwOWQ3NDc2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9469
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjE56JB0G-fHIVggXXyFok&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjE56JB0G-fHIVggXXyFok&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjE56JB0G-fHIVggXXyFok&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		197 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:23:24 GMT
server
Apache
etag
"31332-5eaee9adb933b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59461
expires
Sat, 17 Jun 2023 23:59:04 GMT
us.gif
sync.go.sonobi.com/ Frame 021F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&google_hm=Y2Y2YzBlZDQtZTVmYy00YjljLWI2ZDYtOTc4YzNjODA1Yzk5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECXGhGBx2qSqHpqBD0OOPEA&google_cver=1&ssp=sonobi&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
49 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 021F
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d895648e-4544-4600-8aa4-c61d989f4bad
49 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d895648e-4544-4600-8aa4-c61d989f4bad
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x35 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d895648e-4544-4600-8aa4-c61d989f4bad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jun 2023 23:44:03 GMT
us.gif
sync.go.sonobi.com/ Frame 021F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&pubid=91e92b73fd
49 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&pubid=91e92b73fd
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&pubid=91e92b73fd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
ecm3
s.amazon-adsystem.com/ Frame 021F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=548f579a-2e91-4164-a201-9f750b993513
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G0NSK9DN7GBHXM9MCZW9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3113 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g9b37a07cd086a85825b&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VDE8T0RB3SMGXP632FK5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3113
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6163557896886539984
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d7c453bc-e8de-4b8c-b326-7da333e29f16&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d7c453bc-e8de-4b8c-b326-7da333e29f16&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d7c453bc-e8de-4b8c-b326-7da333e29f16&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
ads.yieldmo.com/ Frame 3113
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LJ0NAQAS-1X-L7LS
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LJ0NAQAS-1X-L7LS
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LJ0NAQAS-1X-L7LS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
sync
ads.yieldmo.com/v000/ Frame 3113
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=6163557896886539984&pn_id=an
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=6163557896886539984&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
76b48bc5-0aae-4aaf-9633-14c418577540
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=6163557896886539984&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 3113
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMzI6ZN9v-ALfRH5gZSJMYk&google_cver=1
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMzI6ZN9v-ALfRH5gZSJMYk&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMzI6ZN9v-ALfRH5gZSJMYk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 3113
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g9b37a07cd086a85825b
  • https://ads.yieldmo.com/v000/sync?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
dcm
s.amazon-adsystem.com/ Frame 33D6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MDP6BGXAXSV6GDCF1A0C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 33D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZI5FQbEkXkeCVJbyhldx0QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 33D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHemisZWop_lOy0Xo_htXTE&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHemisZWop_lOy0Xo_htXTE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHemisZWop_lOy0Xo_htXTE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 33D6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&expiration=1689637444&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&expiration=1689637444&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&expiration=1689637444&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 33D6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6163557896886539984
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6163557896886539984
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e65a133d-10ba-4687-b317-cd088aca9c56
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 33D6 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:1182:3903:eb81:31e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame 33D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_c6bbe540-764d-42d6-a52d-da3213efb17c&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&us_privacy=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 33D6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JKAHQHBGF7B3MV1TCJD2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame C389
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.52.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-52-94.compute-1.amazonaws.com
Software
/
Resource Hash
aa1d116834f5ac548a8f31f505c68edb17a2b5483bbf2ae2d488619a5964c315

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 17 Jun 2023 23:44:04 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:04 GMT
location
/um/cs&eq_cc=1
cs
cs.yellowblue.io/ Frame 0993
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1687045444792
  • https://ad.turn.com/r/cs?pid=45&rndcb=6881683373
  • https://sync.1rx.io/usersync/turn/3666460092970085583?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Date
Sat, 17 Jun 2023 23:44:05 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX4d7ac79ab44643dd8b2a532c94803b95005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ecm3
s.amazon-adsystem.com/ Frame 0993 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=jQi4urwaCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZNTF4XWMEZX8F3DXDHVA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2DDB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Jun 2023 10:05:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37265
Connection
keep-alive
Content-Length
10113
Expires
Sun, 18 Jun 2023 10:05:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 1DC7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=a1835b21-9cf1-4bc9-a647-0b951e53e145
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BB8Q8EDD25V9C728DJ7W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 1DC7 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=a1835b21-9cf1-4bc9-a647-0b951e53e145&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-20.iad55.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Via
1.1 3d3fd40be4e4bfdd1e1bebf86df63a76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Thu, 15 Jun 2023 13:40:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
15JOIcanXv--49hbT7cOGlBGNqBAjdybLnXbbal9hGlxbxU8N22jMA==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 1DC7 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=a1835b21-9cf1-4bc9-a647-0b951e53e145&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-20.iad55.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Via
1.1 3d3fd40be4e4bfdd1e1bebf86df63a76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Thu, 15 Jun 2023 13:40:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
WtKR3Pe1sFEykMGBRnvxOxSLFT1inWk5f5s15muXVh0Fq_P3YGflBA==
Expires
0
init-sync
ms-cookie-sync.presage.io/xandr/ Frame 1DC7 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/xandr/init-sync?iab_string=undefined&web_uid=a1835b21-9cf1-4bc9-a647-0b951e53e145&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-20.iad55.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Via
1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Thu, 15 Jun 2023 13:40:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
kiMJWYXSnjefQ4KaZdKLDX9_UfnnblVT2L7iM5lKCnFcUbfjZqMv5A==
Expires
0
usync.js
eus.rubiconproject.com/ Frame 8964 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
last-modified
Sat, 17 Jun 2023 10:05:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=37265
content-length
10113
expires
Sun, 18 Jun 2023 10:05:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 2DDB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS
  • https://s.amazon-adsystem.com/ecm3?id=LJ0NAQAS-1X-L7LS&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LJ0NAQAS-1X-L7LS&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q5GVGH1M4J5YW2VZAGKB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LJ0NAQAS-1X-L7LS&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
rtset
bh.contextweb.com/bh/ Frame 9331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VHR4LXI2d1ZVZzlMYk5nMnFEVnRZQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEBeag4WAn8dcs4YfWIY2dLo&google_cver=1
49 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEBeag4WAn8dcs4YfWIY2dLo&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-bkpj4
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEBeag4WAn8dcs4YfWIY2dLo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9331
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=f5480500a502384&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF03RTt7LYLwMom0DnAAAAAAA&expiration=1687131844&nuid=&is_secure=true
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF03RTt7LYLwMom0DnAAAAAAA&expiration=1687131844&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-bkpj4
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF03RTt7LYLwMom0DnAAAAAAA&expiration=1687131844&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 9331 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=FPMXHM4WgKFW&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SGQ3GEGFNEDRTDJX10HS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594788499390376540&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Date
Sat, 17 Jun 2023 23:44:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=548f579a-2e91-4164-a201-9f750b993513
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=548f579a-2e91-4164-a201-9f750b993513
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=548f579a-2e91-4164-a201-9f750b993513
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=4090118527531875369328
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=4090118527531875369328
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=4090118527531875369328
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6163557896886539984
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6163557896886539984
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ccb3dfc5-fba5-4318-a406-47a5ecb8d02f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6163557896886539984
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=C9FE2347-10FF-4ABA-8761-C084B8379398
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=C9FE2347-10FF-4ABA-8761-C084B8379398
date
Sat, 17 Jun 2023 23:44:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=bdc7de11-25d2-4be2-916c-1ec105949f96
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=bdc7de11-25d2-4be2-916c-1ec105949f96
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=bdc7de11-25d2-4be2-916c-1ec105949f96
date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=56a2a300-4ae3-4782-a3a3-1cd6a81e445a
access-control-allow-origin
*
date
Sat, 17 Jun 2023 23:44:04 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g9b37a07cd086a85825b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g9b37a07cd086a85825b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g9b37a07cd086a85825b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=FPMXHM4WgKFW&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=FPMXHM4WgKFW&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=FPMXHM4WgKFW&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-bkpj4
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3D...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6VGSBWGFXTSZKXGN2XGZSJNZVVE...
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=SH61o9eW3usfInkR2FZ-
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=SH61o9eW3usfInkR2FZ-
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=SH61o9eW3usfInkR2FZ-
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=6b596d99-cd6f-44de-8a4e-a9fb40768f85&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=6b596d99-cd6f-44de-8a4e-a9fb40768f85&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=6b596d99-cd6f-44de-8a4e-a9fb40768f85&gdpr=0
date
Sat, 17 Jun 2023 23:44:04 GMT
content-length
0
0
prebid.a-mo.net/cchain/ Frame 7A00 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=3118d3d7-86f2-4522-88f1-c91fd797c74c
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=4026709a-472c-403a-98f7-b1f09c50ebe6&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21511&id=4026709a-472c-403a-98f7-b1f09c50ebe6&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21511&id=4026709a-472c-403a-98f7-b1f09c50ebe6&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
date
Sat, 17 Jun 2023 23:44:04 GMT
server
_
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=536222003037073419&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=536222003037073419&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=536222003037073419&gdpr=0&gdpr_consent=
date
Sat, 17 Jun 2023 23:44:05 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID&sovrn_retry=true
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=G1VwZLZHxkSPDPDYTd6UWzoO
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=G1VwZLZHxkSPDPDYTd6UWzoO
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=G1VwZLZHxkSPDPDYTd6UWzoO
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZI5FQbEkXkeCVJbyhldx0QAA%26033
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
0
prebid.a-mo.net/cchain/ Frame 7A00
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY2...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=6163557896886539984&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZa...
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAg4GOAI=%26buyeruid%3D
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EyAg4GOAI=%26buyeruid%3D
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
cache-control
no-store
content-length
0
expires
0
RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
sync.targeting.unrulymedia.com/csync/ Frame 7A00
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://ad.turn.com/r/cs?pid=45&rndcb=1149154120
  • https://sync.1rx.io/usersync/turn/3666460092970085583?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=90c228c1-69f7-4080-b443-2dda30600f56
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=90c228c1-69f7-4080-b443-2dda30600f56
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=90c228c1-69f7-4080-b443-2dda30600f56
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=734b1133-0f32-52a9-9676-102ff2f8556a
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=734b1133-0f32-52a9-9676-102ff2f8556a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=734b1133-0f32-52a9-9676-102ff2f8556a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212187997041863
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212187997041863
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212187997041863
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame 7A00
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=009af00b-f2c4-40e0-8e22-77196a7c30f3
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=009af00b-f2c4-40e0-8e22-77196a7c30f3
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=009af00b-f2c4-40e0-8e22-77196a7c30f3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7A00 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=ACifur6tkp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QWM1DQ6GXJ2S9PF6SS4X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BBDF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:04 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 17 Jun 2023 23:44:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame F564 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1350175328&t=event&_s=3&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ul=en-us&de=UTF-8&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VVV&ea=VVV_adOpportunity&_u=aCDAAEIZAAQCACAMI~&jid=&gjid=&cid=282878327.1687045442&tid=UA-121433877-1&_gid=540269172.1687045442&z=1474315287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 01:42:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79297
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simpleflying.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2DDB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2DDB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HnsmOjrmdHgy8jTtjUMlF8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-udLYXNtE2oIL77Ak2vRQSEa1RLWebFXDubY1HA--~A
42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-udLYXNtE2oIL77Ak2vRQSEa1RLWebFXDubY1HA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-udLYXNtE2oIL77Ak2vRQSEa1RLWebFXDubY1HA--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 2DDB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ0NAQAS-1X-L7LS&gdpr=0&us_privacy=1---
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ0NAQAS-1X-L7LS&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8EDAA2BD578541C28660E8E395EB25D6 Ref B: MIAEDGE2718 Ref C: 2023-06-17T23:44:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+W+B5Rk3ZZwOy4Olr2Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ0NAQAS-1X-L7LS&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2DDB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4NTRP3AYJYHB6T7991DG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2DDB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fW2Xbeq5QbyOiwKRFe_sew&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW2Xbeq5QbyOiwKRFe_sew&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW2Xbeq5QbyOiwKRFe_sew&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4Z7DGM23T7644KZJYRHA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW2Xbeq5QbyOiwKRFe_sew&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2DDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2DDB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=&expires=30
42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 2DDB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEowTkFRQVMtMVgtTDdMUw==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEH6GAzzWxc1VJy2Cv6ubRmA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowTkFRQVMtMVgtTDdMUw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowTkFRQVMtMVgtTDdMUw==&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowTkFRQVMtMVgtTDdMUw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
crum
dsum-sec.casalemedia.com/ Frame C389 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d0c7d144-042d-4580-b6ae-a7c7593f5cfa&expiration=1694994244
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3520 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=3766190163745761&sz=640x480&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&iu=%2F39363775%2FSimpleFlying%2FArticle_Video_Desktop&cust_params=hb_uuid%3Dbbd3590e-395e-43f5-bba2-2720c64cf8bb%26hb_cache_id%3Dbbd3590e-395e-43f5-bba2-2720c64cf8bb%26hb_cache_host%3Dprebid.adnxs.com%26hb_format%3Dvideo%26hb_size%3D1x1%26hb_pb%3D1.90%26hb_adid%3D45c909e91b31361%26hb_bidder%3Dtriplelift%26hb_source%3Dclient%26hb_adomain%3Dgm.com%26hb_acat%3D%26gdpr%3D0%26us_privacy%3D1---%26Site%3DSimpleFlying%26ContentType%3Dundefined%26Template%3Dundefined%26NetworkCategory%3Dundefined%26SiteCategory%3Dundefined%26PostID%3Dundefined%26optimera%3D%26mode%3Dcompanion%26Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=582503506&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=B59031D5-E33F-419A-983D-CA1356E30B4B&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.&nel=0&eid=44765701%2C44770825%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&loc=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dlt=1687045440693&idt=2374&dt=1687045444809&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&scor=4491131601590821&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a78ec97ed60f1f6d85e8ad89eedf31db5c2a44444146a474412fcffb74e02e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4094
x-xss-protection
0
google-lineitem-id
6141616500
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409893260
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/ Frame 8964
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
usync.js
eus.rubiconproject.com/ Frame BBDF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
content-encoding
gzip
last-modified
Sat, 17 Jun 2023 10:05:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=37265
content-length
10113
expires
Sun, 18 Jun 2023 10:05:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 2E96 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=G1VwhPZH-q26XH-aR1uPMNQ8&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YHEG04M7X8CEMP256DMG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 2E96
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D8aceef...
  • https://ce.lijit.com/merge?pid=16&3pid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 2E96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2198261905534825226&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=&gdpr_consent=
Date
Sat, 17 Jun 2023 23:44:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 2E96
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&gdpr=0
Date
Sat, 17 Jun 2023 23:44:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 2E96
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1687045444819&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=A1A1E2756F36417A842BBECC019687AF
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=A1A1E2756F36417A842BBECC019687AF
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=A1A1E2756F36417A842BBECC019687AF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Jun 2023 23:44:04 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame 2E96 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230614&jk=293734283596395&bg=!ubqluu7NAAaGYqkwpmI7ADkAdvg8WgVtHGcVKiuppka7wodfwQ_dDub4oUSsKUpGFajAkZZt-XyDETCjl3VRJYV7cL2AYiQ9r30CAAAAe1IAAAAHaAEHCgBNcyoYQ5aLSE_HuLYJb1_mUVxr1vYBelQA6cKbYySeDoCp8t18mMnJ6FvyxuOKQN104b06Tra8peO_eOGCv_mIaburm5XoB0Ta27ZN3zSZAtRqgwvGyO54kFOb5_xNtxT890r27lwFbHEWGCCVCv3P72jXnu7fS4VuuhhHnfnq6g210CoZPluGUTN1kP7y5Pdc9c64ttvVZmrz0arjslkrgPykix2UpmRkOwQICAaGYRA-Y2iulrq-UHa0-R5ftc4grb2gnu-Ff3HGy5H_0ll6AmQTWHIWP0sNX8E-pEA-3t72mmurQ4mt1XpF9qm_3XXEobUWPlQVHUpGFIK2MxYBEH1ArZV8FFn6Ik64Nq3ucEWYAl-6tT68htzpSQDsQ-ifapaiisgbRw5TxA9GYJT2qJYPxQBeyG5LKR95hv1WE04mJp4LEmVnFJY0TA5ehiInqZeSqI_HYp6uLhYYyN7an7ASMFPKhTdeqgHbT5hJWaJegaIz7LKydKNoTus_aY7yz7sbSfQW8atT-aC7xU9cev0xkGSHVcHGLnc_4aFlBLQ5YNFRg4oPQ0B-ypsHmXTk74U_OCczhcBPL3Ohps_PuvRUDF5sy_e1GFx63wLnc3BAsGsgE9caapu1a2WgQTpVaR-4PAzVa-lyuQ2Bz5zkyYv7wOymsAk7HJZPp3ZTNyUCxeYnej6ONzW6Or1f02MRKTRizQHPCJ98xVFtGWL1ZfjyS5q2V63iZiTXj4FfSX7dqQb6CmoZ5zm0Pn5v3qAz-kEqhvo21iuEGySJdmGm7KMDpg12PApEhevhUdPL0565fUbu3-GVmyM-n3pil5TR-lK9VzNfy5_XTbieUVwnFzzOdOFQ3HtSNbwk-I9zUTyS8NRLdn43lr4mSdYYAaOz-rU7YSTUaYYORhyOWd9pHzfw1TU46zTX4BDifhL7IWrj0LyR-VIbE9tR5456SNHhprfLGjTSB5jdbeCWsGzZjjCXNdBhifNmS8jpi5D_66wD15jFNiorw5ErrKkJ1dWmOHnUsFnGR3GnycqidnAn30L9rhkqO2H-EvPzfr3TM-CmAHml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
cs
cs.minutemedia-prebid.com/ Frame BBDF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LJ0NAQAS-1X-L7LS
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=28624
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=28618
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=28626
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=28625
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=28613
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simpleflying.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_InContent_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C728x90&ifi=2&adks=1053397227&sfv=1-0-40&prev_scp=pos%3Dmultidesk%26Instance%3Dmulti%26amznbid%3D2%26amznp%3D2%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D1.97%26hb_adid_triplelift%3D96f84e1c1cfc45%26hb_bidder_triplelift%3Dtriplelift%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.63%26hb_adid_appnexus%3D10343b56aab75ead%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.97%26hb_adid%3D96f84e1c1cfc45%26hb_bidder%3Dtriplelift&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445207&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=455&adys=3637&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=750x90&msz=750x90&fws=516&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b65a7131f60c0c38ec64e10e7bb5c3b8c8e8ad6f564fef20564f8408c78bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11853
x-xss-protection
0
google-lineitem-id
5442424057
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319498843
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D079 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:05 GMT
expires
Sun, 16 Jun 2024 23:44:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_Rail_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=532659231&sfv=1-0-40&prev_scp=pos%3DAS300x250D%26amznbid%3D2%26amznp%3D2%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D2.23%26hb_adid_triplelift%3D95a21285acbff15%26hb_bidder_triplelift%3Dtriplelift%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.02%26hb_adid_medianet%3D93c7454dc51ac32%26hb_bidder_medianet%3Dmedianet%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.62%26hb_adid_appnexus%3D995e02f7acc588c%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.23%26hb_adid%3D95a21285acbff15%26hb_bidder%3Dtriplelift&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445230&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=1065&adys=2234&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=310x0&msz=310x0&fws=516&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8743a79d0165c7e0967d542db07a34372a5921b1126903af636fd86bbe805f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11838
x-xss-protection
0
google-lineitem-id
5442424951
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319086099
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_Wunderkind_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1055377144&sfv=1-0-40&prev_scp=pos%3Dwunderkind%26Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445236&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=800&adys=112&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=4&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8b5aa2140f50b2c3effbf2a1342e846fec18f56927d58b1b7dd99aca1eec775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11667
x-xss-protection
0
google-lineitem-id
6297666442
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138433054315
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_InContent_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=441878401&sfv=1-0-40&prev_scp=pos%3DAI728x90D%26amznbid%3D2%26amznp%3D2%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D728x90%26hb_pb_medianet%3D0.10%26hb_adid_medianet%3D9476eb7daa493db%26hb_bidder_medianet%3Dmedianet%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.22%26hb_adid_appnexus%3D100f4f7a3fc8d47f%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.22%26hb_adid%3D100f4f7a3fc8d47f%26hb_bidder%3Dappnexus&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445241&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=241&adys=1927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=750x0&msz=750x0&fws=4&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86637d7d1a29206c72744a90391e2694a5837ad53e0be593e2cd27a5a98ad062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
80046
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19789
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
94511
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_Sticky_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=62750503&sfv=1-0-40&prev_scp=pos%3DAS728x90D%26amznbid%3D2%26amznp%3D2%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D728x90%26hb_pb_medianet%3D0.03%26hb_adid_medianet%3D92648aff650c96f%26hb_bidder_medianet%3Dmedianet%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.51%26hb_adid_appnexus%3D9854b3f2e05cf31%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.51%26hb_adid%3D9854b3f2e05cf31%26hb_bidder%3Dappnexus&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445248&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa968d3941c6c178a543f63a2f5fc32438588763a35767767e313cdb07ee7dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=293734283596395&correlator=4198090953318960&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=39363775%2CSimpleFlying%2CArticle_Rail_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=7&adks=4053818414&sfv=1-0-40&prev_scp=pos%3Dmultisb%26Instance%3Dmulti%26amznbid%3D2%26amznp%3D2%26hb_format_nextMillen%3Dbanner%26hb_size_nextMillenni%3D300x600%26hb_pb_nextMillennium%3D0.19%26hb_adid_nextMillenni%3D11159535a92b854a%26hb_bidder_nextMillen%3DnextMillennium%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.26%26hb_adid_appnexus%3D1023bae43c5f0b72%26hb_bidder_appnexus%3Dappnexus%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.65%26hb_adid_ix%3D9031ffac87d0b0b%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.65%26hb_adid%3D9031ffac87d0b0b%26hb_bidder%3Dix&eri=1&cust_params=Site%3DSimpleFlying%26ContentType%3DMiniFeature%26Template%3Dcontent-all%26NetworkCategory%3Dairlines%26SiteCategory%3DAirlineNewsNorthAmerica%26PostID%3D2015400%26Source%3Dorganic%26Intent%3D%26AU_SEG%3DAU_SEG_TEST_PRIMIS&sc=1&cookie=ID%3D811df2a95c6a8ed3-22b1e36c9de10099%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA&gpic=UID%3D00000c50ec96e9f7%3AT%3D1687045442%3ART%3D1687045442%3AS%3DALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg&abxe=1&dt=1687045445253&lmt=1687045445&dlt=1687045440693&idt=2200&adxs=1065&adys=1135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&frm=20&vis=1&psz=310x250&msz=310x250&fws=516&ohw=1600&ga_vid=282878327.1687045442&ga_sid=1687045442&ga_hid=1350175328&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y4Jr63YwxSABSAghkEnMKDGlkNS1zeW5jLmNvbRJaSUQ1KjhFZmY0OE1oUS1laktGS0t5cEg1Yk56c1dQSDlYbVctSXJjOFJCTTFIRXBRR2pjZ19MVFR3Uk5KVEtySEgzbG1VQnVrdU1zVEQtN0p5RXpHYlpybVJRGOCk-t2MMUgAEhoKDWNyd2RjbnRybC5uZXQSABi1nvrdjDFIABKCAgoIcnRiaG91c2US7AFxaUhPN2prVXluZVdPaU1HaWUzR0g0T2NNa05CVUZhOHBDSEpIRGlJNHNPajdCMlAydkwrREVPU2d1eGZXNzFZSU16UjRreUNPc1QvQlFRcUtobUlOSjhNNFRCOUpaRWVEbDVsVm5SQlRGUnpHTkwzbzZOYThkaXBMbWlUU2xoWVZ3ZDBtZFZJWE5GSVkxQm12VGw0R3BCUmRQd2k3YnNpbGdlRVVPelFJY1o5QnZDay9oWGx2T3JSdmxZaDczckZDOW81SUl0QSsyRjh2VWJSb2lMWkoxRVZ6QTdUekZIT1RLTVRWYlpCMXo0PRjTn_rdjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjgmvrdjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bb1a1bf0620ac9d69bb648983cd9952b1ee41664232d2d06c08a9014fce6427
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfQgYW-y_8CFfEEaAgdcxkCOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8034152775585628160/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfQgYW-y_8CFfEEaAgdcxkCOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8034152775585628160/index.html
date
Sat, 17 Jun 2023 23:44:08 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39391
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3520 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lj0naqvu&c=6201800679988&slotId=3100900339994&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache
prebid.adnxs.com/pbc/v1/ Frame 3520 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=bbd3590e-395e-43f5-bba2-2720c64cf8bb
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3611e0a7905ba70311c2f8fd2dfa8f8dc271953546fa64afea8a1e54421e5add

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:05 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
setuid
u.4dex.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-lwoECWxE2uFgP13XoDVGiZykmCsnrAEp8l2I1qc-~A&gdpr=0
0
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=yahoo&uid=y-lwoECWxE2uFgP13XoDVGiZykmCsnrAEp8l2I1qc-~A&gdpr=0
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https:///u.4dex.io/setuid?bidder=yahoo&uid=y-lwoECWxE2uFgP13XoDVGiZykmCsnrAEp8l2I1qc-~A&gdpr=0
date
Sat, 17 Jun 2023 23:44:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csi
csi.gstatic.com/ Frame 3520 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lj0nasnl&c=6201800679988&slotId=3100900339994&ghmsh_eids=44765701%2C44770825%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.xml
svastx.moatads.com/tripleliftvpaid445326569742/ Frame 3520 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/tripleliftvpaid445326569742/template.xml?tmode=1&pcode=tripleliftvpaid445326569742&ad_title=3702_104751_T15765633&ad_width=1920&ad_height=1080&ad_duration=00%3A00%3A15&level1=10672&level2=394581&level3=3702_104751_T15765633&level4=11&slicer1=3702&slicer2=58&zMoatTactic=15765633&zMoatPixelParams=aid%3A4846123081396764413270%3Bsr%3A0%3Buid%3A0%3B&vast_url=https%3A%2F%2Ftlx.3lift.com%2Fvast_serving%3Fid%3D4846123081396764413270
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
86f403d09a415d228d7a73a20f4c082f175f180b7b12ea2e34dec1c2a1973d01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
server
AmazonS3
x-amz-request-id
TC8ANA4MM1X00JJC
etag
"6873ffa950e47a8b430bca8cd375fe46"
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
3228
x-amz-id-2
pEcJeQXNfUjDkhF93kBhOQC0mSZKiMqrA+t+ftMfR7x18dXffy7gUyJCq5gYRweWUfMslcMvzm0=
expires
Sat, 17 Jun 2023 23:44:05 GMT
csi
csi.gstatic.com/ Frame 3520 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lj0nasqj&c=6201800679988&slotId=3100900339994&vast_v=2.0&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5484 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&us_privacy=1---&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:56:02 GMT
content-encoding
gzip
age
2447284
x-guploader-uploadid
ADPycdtVeYdoWxJ6n3AxW6NHPjBGdpxzzyZb0tkoY58vRD_ttzAztWb3oHNZOjUqCFM4NObxJyptygmwOFKmf4itdYJoNRTrGs1R
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 May 2024 15:56:02 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Jun 2023 23:44:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
1466
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760031-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp
oajs.openx.net/ 		85 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5b376e33cca6f4dd8b2f6ca95c0f15473e820e0b84169ce265586d1a3ee8544b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-vzS+WFg1sv5o1ZkolvT4aK8luuE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
pd
google-bidout-d.openx.net/w/1.0/ Frame 60D9 		616 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c5f0f8b89053342339a787e886cea85483531b3d0d2e67427a6d7d3727cfbd16

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
397
content-type
text/html
date
Sat, 17 Jun 2023 23:44:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
ups.analytics.yahoo.com/ups/58294/ Frame 60D9 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b7079186-553c-45fd-a59d-afe4bddc4e7f
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 60D9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokY2MwNTZkNjktNDAxMS00OWQ0LWE5YzMtZWUxZDEzZTRkYmNlEAAaDQjGirmkBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679&expected_cookie=1d7c9e26-cd9b-4ab5-9254-471d909bf229
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679&expected_cookie=1d7c9e26-cd9b-4ab5-9254-471d909bf229
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 477A45B5B62744609E5E35666B8F7278 Ref B: MIAEDGE2718 Ref C: 2023-06-17T23:44:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+W+CYzblguGOTq+IlfA==

Redirect headers

date
Sat, 17 Jun 2023 23:44:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: ADBBD08B83014FD0B7DE7F312C4A6646 Ref B: MIAEDGE2718 Ref C: 2023-06-17T23:44:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=cbb3e467dea75438300e93c97793d9da4b4626f4a64435b2a1a935876a838afe791426b5417dce21&rand=01186679&expected_cookie=1d7c9e26-cd9b-4ab5-9254-471d909bf229
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+W+CTiUaRxWzNzIz2kA==
sd
us-u.openx.net/w/1.0/ Frame 60D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6163557896886539984
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6163557896886539984
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b23562bc-e93b-4026-9134-ffcc94ec6430
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 60D9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3666460092970085583&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 60D9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZI5FQwAAARkr3QAz
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZI5FQwAAARkr3QAz
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1687045446.294947,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZI5FQwAAARkr3QAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&us_privacy=1---&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26us_privacy%3D1---%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&us_privacy=1---&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&us_privacy=1---&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&us_privacy=1---&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
b-e09f10f-d93d43bf.js
tagan.adlightning.com/valnet/ Frame 2E13 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:35:59 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop
IAD89-P1
age
1062488
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28870
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:35:39 GMT
server
AmazonS3
etag
"82cf001d792438020a87c24097f91aa6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WtDgT5CTVAxTY11xO99VQsF1vgYREE6cKG4h2GAomTfOHeyvkt2JJA==
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 2E13 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Jun 2023 23:44:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
38542
x-jsd-version
1.15.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9276
x-served-by
cache-fra-eddf8230064-FRA, cache-mia-kmia1760031-MIA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E13 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:06 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=45je36e0&_p=1350175328&cid=282878327.1687045442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&ngs=1&sid=1687045441&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&_s=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9bcTIsiX1UjSzzwOvSrt8V7zSDlWgq7EY4VhurwWrMWb9DuJa7Jqg0AgspjY0CDHeiqqh3cMTj2mJ9dVrrn77iSKULahML9SaQlFlqtJvr1b1vbIQ0W7EvUtvTxQVcnxfCwctKr8-_RCCeHSNPK0Pi7WYfBNx4_10IyT42LiW0AlVnMI6h4TYUl3NHv4Aav-mq8HNiUR_9SUsONwRmSAOgfLiNoW3iJVnsxllN9Wko8o0WVbKemTwsAd1JwC_LeMnolxBBhpSuNit0Q_INrAMTx3wHIC9d0RXU4bHq82tGaqs4W5PdoAps82LNfuDnKQQzXVBzyxLPD8AvzYGDHBrfV161v0u-k_ijF-p0Q&sai=AMfl-YR1QVQkCATOY8bYAGQWhq-n1fW_YW83-6AIp7xEPD3li_XWaMISLRl6Px2YvLKUhfxS-XNKHklFVlDVFyjZ2uGX-plA1xkabKweonqiVDBaWGnnetqgwUFqH_qzlks&sig=Cg0ArKJSzJdjnBgDxe6rEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ttj
ib.3lift.com/ Frame 2E13 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-81.iad55.r.cloudfront.net
Software
/
Resource Hash
1d735bd8e0a45a5de40b3c85731f14d757650e3d0a134cbff555784bfdec4dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
via
1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4
age
286
etag
"982388168cc3d08281caf78dfd98e4cc95d6a532"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
content-length
2292
x-amz-cf-id
cqpZN3JUd3ZSFtMl9M41XDrwWuV0Wu7uNoC0nfYrA8skjsYop9rwXg==
notify
tlx.3lift.com/header/ Frame 2E13 		37 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=2.233&ts=1687045443&aid=18788414406413937260552&ec=5989_79352_396059580&n=GgDyAvIBCAASFzE4Nzg4NDE0NDA2NDEzOTM3MjYwNTUyGAAgASjlLjD46wRAAUgBUAFgCmgAcMcFkAEAmAEAqAEAuAFkwAG5EcgB4xTwAQD4AeMUgAK5EZECAAAAAAAA8D%2BZAoAAjGXgesQ%2FqAIAsAIByAIE2AIA8QJmZmZmZmbmP%2FgChS%2BAA6wCiAP6AZADAJgDAKADAagDBbgDkeMDyAMA0gMJMzk2MDU5NTgw2gMJNzEwOTY2MzUw4AOT2hTpAwAAAAAAAAAA8APjFPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2FoAQEqQSAAIxl4HrEP7gEC8AEwgf4AgyIAwCSAwRjNjI3mAMAoAPSmQ2oAwA%3D
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.10.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-10-219.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
container.html
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:05 GMT
expires
Sun, 16 Jun 2024 23:44:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
13704
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13704
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-12.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
via
1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-648e4547-1f652a5545b7959e5a08f9b4
x-amzn-requestid
210f9dca-1d3b-47ea-87e2-49e256836d34
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Gr_DOEaPjoEFxsQ=
content-length
25
x-amz-cf-id
NuxiCEBKlqagy2M_xfaD471ff_7eQ2aR1lLCC6PrdRBNUncX0lhTCw==
bundle.js
ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/ Frame 2E13 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-81.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4feb275f4004ae990d74f2baa3c0d6afa65e3f69cccce604d7048767bad46a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 21:11:21 GMT
content-encoding
gzip
via
1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4
age
268367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
61102
last-modified
Wed, 14 Jun 2023 20:57:30 GMT
server
AmazonS3
etag
"4a9ca6a94c52e98733c348bf159be078"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
3R41OQCzUJOFffyUPOZfcQ43lP8JlJy5qfVWcJf7Lfnj_YnCQuYGGg==
truncated
/ Frame 2E13 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97c014e9f3333dbf34e24ac0ab42457fa7fb64973be183b4bfee6af1277c7f33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
bl-255bb0a-215d450f.js
tagan.adlightning.com/valnet/ Frame 1F3F 		133 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/bl-255bb0a-215d450f.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af037d5bbe80a293a473b05175fee0bb20527405cf6921aaf3035ce1776d5936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 17:36:28 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
t4GF6pUWMTGKed772mkUmPaKV3qPVbwO
x-amz-cf-pop
IAD89-P1
age
367660
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
42378
x-amz-meta-git_commit
255bb0a
last-modified
Tue, 13 Jun 2023 17:32:31 GMT
server
AmazonS3
etag
"1ccc4ee64c627acfcb3f2b10732a0db3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
N5H0OkxX1Xa-mhWWdbAxGJR5BuY9myDv3VZ2fASfea0sMYejxb4cxg==
b-e09f10f-d93d43bf.js
tagan.adlightning.com/valnet/ Frame 1F3F 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:35:59 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop
IAD89-P1
age
1062489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28870
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:35:39 GMT
server
AmazonS3
etag
"82cf001d792438020a87c24097f91aa6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6AdyvWh5Fxh9W5b7T8sr0Clf1Mz0z3lV42NKl5w2-MAHbgjkVVrk1g==
v1
a1474.casalemedia.com/impression/ Frame 1F3F 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1474.casalemedia.com/impression/v1?bidID=98bd9239-6f63-438a-be8e-c1dd09fcf596&traceID=ci74ahj5ub3odhq8dif0&dspID=85&userID=ZI5FQbEkXkeCVJbyhldx0QAA&cmpro=33&deviceType=2&expiryTime=1687046046&profileIDs=&ap=ZI5FRgAIZBAIaAB4AA5qUYK1Jm75u0EtbC91_A&siteID=557257&creativeID=1b66cfb&pubID=184915&format=banner&channel=site
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.239.164 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:08 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bgw1eUtud13fVCO-jBN53xiqS817OBveZ_O7HW3rIUe73hGw0i9TkIQyCxQ282mZ9uTpfR_ZUg3ZYxiPlMB2uCxo8uXivbkqoDzcbEG6tbxfdxhmc
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13722989378822227321&x=13&ct=76
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1F3F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:07 GMT
jload
pixel.adsafeprotected.com/ Frame 1F3F 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=710966350&campId=51178161&pubId=13&placementId=396059734&adsafe_par&bundleId=&dealId=&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.148.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-148-57.compute-1.amazonaws.com
Software
/
Resource Hash
3518ef108c3772a9d0b2f282565edc7574bd4a4ddf330303012114aed3e10800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1362487/69631272/xbbe/creative/ Frame 1F3F 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1362487/69631272/xbbe/creative/adj?p=APEucNUyvx52L1MeRDKyps9I3f2CeWF64We_56lmBext-z3oahTjDUE&d=CokBAKAmf-DLBySL6ukjqhBPEuhnoTv2GzLMi00_svmMPHg5jI8EW8H1tTwQuBh0UGP0_pg8Y1i-oRs0KTbXbAmbkJ3pdcvI-m_vZqXpzDdoLZuhBHRg4-SIQiYoZweqpDmjudBc1oZlEY-iDmsU2bBBQo6d7LNOLE9MXbL6MxZ0v15zkqGT02FWD0QS6Q8AoCZ_4Na8mAO_cL0SMtmTHuk6V-E-sQbQBTJwlR-k3__2CLjTfOxuFpWo4kaMk2J8zeo0Nkz_Pkhie6jkuHxndqOakEo8XAnfpHaUequY6nDtJIhQ_6r5Ji_7RadUWatRj2CbPbPV6etWV9PIHuQQd9PLW1Qr9eVL6S_-JLnRAAnHyHnLzcPOnKcN3-KTSutesHlMZGh-60GgCHV9bfVh5n6Qy7pgbpGPM4dB4mIEGoKkM1OAJZnYt-NzY4IloovAVyx2lmeocRxGZRmyGuQZ5b6a-H9YIsqnqK2V0bODvkcwebgqxLfySNO1b6HL1QCB7ZfUtmxGsOtDSa_FaBgBZ8JjF2FUEvOr-QVNY08FSHWpTGBmqN2l670mkZ3xLLo3w8iaCadimKLDfyFjRTOF4Fhpvc8JTawYe_JaEbC2f2aVG44OMrC3afwCBnX5eZxAHid13_nTBimB_NnMtA1Y1F6okmVOXmjeDcf2XOPL7EH5sxsqhDBVmr1Qy9rru5iWU0yHSSiEJTi2OuErtnbWCrEQ9hGtU4XCwoV9cWPIcpyF4DvtLc8yzG8i63G87SwsbI9an0xvUivYjt4iB2GtEo1BsV7zVDf8BJQo5GZalIzIA-4A2R88ithTkqxW8GSGKr9i5OYO5oXQW3GrH4D0hU3k8xa_9nMaWeSmU-x2pwhVzAiPvmlw4QGea8u-Vcyz6pKTzNDh8QHfrabAOJVZ4vniy0J1vkeCii99J4BNa-qBtrf10W5zlMT-wLeBK4GAcsDP4S8bPajymdY_6uHBeSzxtu7BvUhDdJ6CxXV0uqUTTAGc71cDgk5mcqdHWP0V7oH6_qoSiG6Am-J9tsVdgT-760rCPz73ODRJhoWlhWwul-zUGbVgg-sUYc6T4Z36l2tTw6YSoXEux62FfPiOr2rvou4lTDvPpEul_v-SgioaAuvEi1o4PCl5bbXdMXqgGP8MIUazRVzZ97d0bkIMGwKukR-7y8dIG3UaP24BDrtXi85xbf6ZWj-w_BEmFWbYgGkazgR4HrSLs5mFj4IdmJQ81SQDQF5Zuh45BBEsvaefxwZY_M3ret090DmFesGsbQPlw0MRyhn3iIwmUOLCGYCvQb5Nsybbb7RL3Kzjwjykwmk7bk4nrEHTuNEQ0G7ShF47kqCJmevyDDSUzKrLQIMiJwxung2qocUKzYMer_f98j_yQ_EulD_jlKi-AeGTgilQ1FgPiAyw6_6ZrtsXOml8WlUgCHOKFGaAERRvSdMzobAmt96kP_KrNuaA__TJnx8iCNTCQNxascBiU1B5o7kZX38BOug3cf1x6lhbrgrDmFsmr11JwoumaGHqMDDoXFjtdWH03RZ6Ed-Qu3_D9fM9kRsxEZe3T7QCWVGPCLT8iOchgk-H5ToK_dvu7Bu_YkD7DXDUH5d8J7T8dXkszTkz-Sc5RPSscaCmGnXJMD77danchVe2a1E6DIQjua1tLo2owQt0ZGo_U2avw43RNmDEWxbPkXyyTWfmVSjwz1xMZeH6_fWZEWTeO4rQUs0l3rfrJJmlerA0Fq3jbF0ZVucfBsYnOu3Osr4MILQxG2zHAK5q8Shd8ajM6dH7Iog-L5fbC_yi4WN-1vtfZ4G5Wslq5n4b_2L_gkFeFzkK8vX8Nr7Qxp5I68ieysC85x6pmCzL_h75pPcAMPQLe9ES24mcezUEnuvtgh-bqsw2YotcMyejbpEQ0twTkBiS1rbTz5dqS2HMxVlGjrXbhgrUPDURaLQacmjiy16iVo6Jc4MitQYbXZM8o6dsH9lGHI2llPotFjCvEp2W3j3AUBIVPZv6r_2tzJCqLUVZIvLSB3nAjBfjBMEktG5UKbYGoxqay3UXxbi7EacxGxxxYrF-aNIuWUD90gvOADQ6t133AVE-FlIRdX-f86JfabHuwKMSCPmflmxblTMxd-BBY3wvTDFxrxjQtie3iBSkz-X60g9F9SnOZAXb3WAMKAU4nLxFl-Yz1P3livgSJlKKJV4c9aYQL-DVR43kbDM8lyDIwGWdkhEXOZf0ZzwyjQfrLoJhiF9PtKhQzzbXxtNZwWUScQG2Q-sWzvDxY7xSQd-IKMSgKFxdom7RHQCOhE9LeJ0BddveXZY1fC_HcdQUWKeRdYPRiWjmIweCC4ThYXGzGM5KhKTvTCAfW_vIBkR-Q6ZDLVF8oQ3XMc50Kn2zOMD0cgSB-gyYoUWm-YH-BmADtA5ULq-HVTpp9JXnPYc4RodB9iNCeRTjGrglJ9LGp7N_xiBq68MJaG-v11Od-tksZNm0KqnvumwNxSQu0hrg1XQLHQHdWw0Z-h-aMFMhPjgww5q24YZzMd52OCSy0X7qpg-udscHYty3leGAnYmbQTDstnAxvhgYjCfgisMxEfYjSfMgupWdwiusWkRbMSWXU4VrYWNKTn8AzhV5og0buFPRJSVXEa-2ZL5RweGh1MNUMpsWbIfWzOq0oPbyz3Mcz8fCFFnK1KVOI-QKSFL55mHu2FDxJbPre14GKKCF8VycOWS3YUzb9Js_A_d9f43jHvn-BOqNzbzV_LGdHrXDNI0vLBhhFCednZrFM9Y-BAUJ0kySJgxj7qpvtxCiU-qxymN0sfH3t-of08A_xdyzGI7SfI8kWDUoe3pI27j93VmrH0BoKtqscGyIEy1rqk6a8w0oLa3PyLQ2X8kzItX1FisZ45ghAqpdlcMaLwgEEikAcoEIg7SiDBhdasyb8UcSg9BN8Pp2kHNwRBUH8Wb0n_zkn91tJ8MeQBgBYAE&bundleId=&ias_dspID=3&ias_campId=20426361&ias_pubId=184915&ias_chanId=13&ias_placementId=51178161&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsqAOARBIUEtRMCbzd9MxT
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.3.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-3-198.compute-1.amazonaws.com
Software
/
Resource Hash
5d1670012e2ad886c27d24dc4225fe57fd7a6bee70949e34dae2ffb933404ae8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 1F3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 18:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 18:56:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 1F3F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 18:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 18:56:08 GMT
l
www.google.com/ads/measurement/ Frame 1F3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDaBc1p0CNt40N8u05p1ZswsMpa-AdCTVvelkgFfbfZa6DY-0kKsfDABaR9XRp81M3SiGDqDcqxlpRTkOZvSbrg5TTVg
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1F3F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 12:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
300251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jun 2024 12:19:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F3F 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:07 GMT
notify
tlx.3lift.com/header/ 		37 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=2.233&ts=1687045443&aid=18788414406413937260552&ec=5989_79352_396059580&n=GgDyAvIBCAASFzE4Nzg4NDE0NDA2NDEzOTM3MjYwNTUyGAAgASjlLjD46wRAAUgBUAFgCmgAcMcFkAEAmAEAqAEAuAFkwAG5EcgB4xTwAQD4AeMUgAK5EZECAAAAAAAA8D%2BZAoAAjGXgesQ%2FqAIAsAIByAIE2AIA8QJmZmZmZmbmP%2FgChS%2BAA6wCiAP6AZADAJgDAKADAagDBbgDkeMDyAMA0gMJMzk2MDU5NTgw2gMJNzEwOTY2MzUw4AOT2hTpAwAAAAAAAAAA8APjFPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2FoAQEqQSAAIxl4HrEP7gEC8AEwgf4AgyIAwCSAwRjNjI3mAMAoAPSmQ2oAwA%3D&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.10.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-10-219.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX&aid=18788414406413937260552&rev=a75d1a7&pr=un&bc=2.659&bmid=5989&biid=6021&sid=79352&brid=711&adid=396059580&crid=339219&ts=1687045443&bcud=2659&ss=12&caid=0&unid=0&domain=simpleflying.com&ref=https%253A%252F%252Fsimpleflying.com%252Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%252F&rr=creative&fid=10&rb=0&g=0&tmplid=202578&cb=89210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX&aid=18788414406413937260552&rev=a75d1a7&peid=1&fid=10&tid=0&cb=94571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 2E13 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-81.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 18:50:02 GMT
via
1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
536046
x-amz-cf-pop
IAD55-P4
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
gImIl3kejOEjieXmdv-EDa1iGY0bQWCQW57jgal2mHt3Q8hJ1wVx-g==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 2E13 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-81.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 20:32:02 GMT
via
1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
529926
x-amz-cf-pop
IAD55-P4
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
qBHxMndBuga1Rox0d0M19dm3ReUZ2XlEUkSDIJxyZTJ5qin36PdFog==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX&aid=18788414406413937260552&rev=a75d1a7&cta_render_method=1&cta_render_text=&cb=70181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame DB1A 		663 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8A76 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:07 GMT
jload
pixel.adsafeprotected.com/ Frame 8A76 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=710966350&campId=51178161&pubId=96&placementId=396059580&adsafe_par&bundleId=&dealId=&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.148.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-148-57.compute-1.amazonaws.com
Software
/
Resource Hash
b7f71305ee3421e1b929c25045ed575e1c03d245fd7f7a452935fbb26011c6b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1362487/69631270/xbbe/creative/ Frame 8A76 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1362487/69631270/xbbe/creative/adj?p=APEucNW5E4rWA2pyRbBPKdopVfnuPP6tQ1dk2E5yIaWp634Tpr9z_Dc&d=CokBAKAmf-DsSeV1Wrv7PFymp9pWDL81_X2JfLRKOGuAJIC8HWU5fsarRnYLKGC3bpJzze8iOJpxSQCIoPQ5DNZysimKQiDcGuzdbbYcnUC5a8tjfXNZASGJodY8Fkdjx_F6kLfhbL06WY4WwyN_orVnrtg7rRErc8RqO9dkORWxbCFpYfEURhvpP84SyQ8AoCZ_4KZgtWLyDMhP1Q-v8DqSiVwFScC9vxpgqhrUrUTIb7V7MHWdn2VjpbpPvqtM8Z9mFmEfZ3WX3uKKCZpAIIh1u-wD9YCxnJmOO28oD8IZ8-iBJDnM4Tq9mh3DQ95g7a1nf7NT-tkRV7iq_gsxd-Tw-2X60GK8EPLLcgqbciZy4VHSLv2Hs_CyQNNMzmG8FNzf-naOXF28En_I352bDLFuUTA3abMKKq_CK9hChGNkGePqWNFSvx9m3M1-_9DzMVJKz7uwff5InOQ6KtkOaBPshNJfZplVht7bj5M_yXAy_yE2kQvbzESUWFMgeQwnZwGsSNIYujfD-g4jjf-g1_E0xouus3z7oTghR8-zLCVvIKVUxQjVSRpKvNFzAzvIlhJuv5BhMrnwFXoDY6pi3OtOeyegKIMXhfkKtqMvR9V31lKOSXSDmPh9GaZ77N9vl6PzRMtknCpS_AQ6ApXIQtqDF5UTV9ko7l9clxoTPOegQ2JBSDwaYAy1tf6RMatQ92a4qp8HaIRX1FnGz0Yj-Kugrp2MxHl_gN3qhxftpli_MjvthdsyXzCcrlwqGNyOZ7oelyqDyFQs9s1WV0kD4lFiePsw-1OgYO_OGlg5lZCRzlbhKy4N80LPeYYRET5FSljGS6Vof8pltL_bGdvMIewTnlOEWx7pBvx9lDODaJndENIW6jwg6VqL5Q9NtOsStEniZP9MpCObbj1-9BJdUNdjdlWtmdJIJuiRsoNzBVdKszm-rf7k1kOwP7YkeOY1Y2m_tQzyCrdUhyUhzHhtV8Wv4i9itukOaTb4VE_DJzlFoQkYa8JbL8aSZPZeublLqqBldok2ZE42_9bg4YIxfLACjdTy354EuCROamji-Cbl0dqBFbWpx3QGhcBErGy8Va4PsXD13hWj7GISbSk0dHEr9pHMoZZn4VdFimyeJZu-k967wY4bnqtNK_ZCHEmm0WnbPnN9d8kzUQonJ5ipCOa3CtD4Fb0-KhJwkoihHOcA25pBzVmfYSXrUto0CbbOmttvHmEDPcrVs1Yn3DaGJ2ClvjPBwg2kR6HVvQL5wfMlf5g02MQi8B9l12EtXqKucQrBDgNZSO20cYuajXsLt6iaJIaG378EwFNWdnyC2J5PepyoB6yH_28aNmyk3cnjkhVe9UlvXyQ4j9uD3rhpC2J3aNqrwJ6qx-rFm7ZmKfAjDuKvysIy0SISxwmbfHd1Tux7oh2wMeMgvbE2_3OYiOph7F0Ne4sdnqitdKfekS2GuKQbj9fJOpXiKZ4Vx88cHj2q7i70WA8_RE3IAg9_67kDY8YQwzpWXKjTYjDDXVvGMwzx2FfYKET3J_7WU6LiSU3yOW6fLa6X-35XQLTZrxjKpuvId190XQxy1ijfi9K9jegBCx5aT9rTnlHM1GorImafPRZVdjaSn0mAcUfRrJ3-gk4F4RAchMqwgr4Pu_IYFIrpL7YsMne6omDrZx4rDM8hWMFioI94zizHDNE6VvdXvd1nTlGBdrY4USPbxSPbUgQZtYDLU_JKDB9T_EbrHNcF7tRNKs03zPNW8wBbduHuEDQ6ceRR_XBQfTdWhg4g5l2OJCelK-5FeRPLD-jmpZfbGI3obI8_aPxprfRFP0JjRRDikvXMwqqavKDFlWFNHFKGOzweOOtqJF-ZJoixXuv3-gw-F_SlmsCyC77whxPsjyX-RIR7x7Y38lyxfTC12FRKl95RRLC16TBWqvpZjjjC010tDmJPILRrs_MZYJCMFrtkuZX5tVF3t2E_d66EZIxSw_1wqi2e7XokKHmMxFPh2uhXzssiwDOHC_-EPopc4xmvLAuXisfQ-Zkjtbcr5CyZXxIIEDVH8b1uG95NtavlB0VRzo2pu4YnFuWU1ZDezuWsd_LHgNUB-PeI1za26Upy-n2xs1Ogwp5bUN3XbcgCVaNZyd7Xp45X_uGKoNE2t0-opITgl8uVA-jD98t-CfjtahVQu5GiFJsJXfJ7eU_o-cZwcSvXXDO4R5pa4q2FTnetHnhKdP6Pj9FRtLptXa2KZ2tNlshmfuWYmC0_VUdhVBf_UsJ9eh93I3NRhFO1A5d_Rwe3CNTX6JFGHoh_rxGrZPPMzm06gAl22zkK9RmY9aRnOVOBJAph-P3xsqyotJBjpVFhSLz6q5AApBg3U1NW49whjUb094WBxCjnp4UVpCyWs1bA7QIY4ZXxWF04KJHBJaYePUfbI6_TvlkoIc9fGxzPgKrmY0cHHu4xtMyDo9uDftoHz_OfA5BZ4HP348_gFFpAm54LGMRiEiUPK-O1bqRtGDxBRxQYETNE6YgbwgzdHhY-ayN2MM4mYb3egEJxU57UKGlN8osuyzCgTebvQhkbsXvt65JKMCvXRon_q5Sf42RSMgkUA-m9-ggbEuCI6lgwBWn8pzrV3tQ5oaHxxBhDMZt_91wfqiEl2eswV2vjnR-1ZpmO5X03gZN-nAAzPJ-F5SQJaq9vgzcUYJQVhP_bYzLST-JqTK9JKUnVhBTwNcxxsx4i1kFhgBXiWCDGgomS1Br6qKoTbc5bCNsZuE5I4XKMrif_P6JU15fPGJNmSxu8B1xgJMezwIDJP95MGwMVsbGSJ7XUA4GNROqol2WOkduHpggvChKdF7lCDstYzc1fkxYMrL_yCRtufgP3BMEbGjgIBBIyAHKBCIMCLOE-mABz0CUYq_SD7G8QpaYMmEolEI7P6nAwBBgTHSQar_ry4LoLWa23C9kYAWAB&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DSimpleFlying_ATF_SB_Desktop_300x250_HDX%26aid%3D18788414406413937260552%26rev%3Da75d1a7%26pr%3D2.233%26bc%3D2.659%26bmid%3D5989%26biid%3D6021%26sid%3D79352%26brid%3D711%26adid%3D396059580%26crid%3D339219%26ts%3D1687045443%26bcud%3D2659%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D92240%26rdir%3D&bundleId=&ias_dspID=3&ias_campId=20426361&ias_pubId=11453&ias_chanId=96&ias_placementId=51178161&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iss5SH5R0ZMZMjf4WIQb0V
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.3.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-3-198.compute-1.amazonaws.com
Software
/
Resource Hash
d557d4c7424daa420829c0601bc94d172e5df238b0385b1df8083c5430c533b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A76 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPEVzo0NH6g6Ikjl-t9axB1Ks1TG9MdK0ERa_RRDJIAjk0NdNa8R5eSNkt9ffpMlAbA0F_NEjx6tEgrz8qQFcsLXU9i29DdNe2bKmOWvYefErenqU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A76 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=982565726295363482&x=96&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX&aid=18788414406413937260552&rev=a75d1a7&pr=un&bc=2.659&bmid=5989&biid=6021&sid=79352&brid=711&adid=396059580&crid=339219&ts=1687045443&bcud=2659&ss=12&caid=0&unid=0&domain=simpleflying.com&ref=https%253A%252F%252Fsimpleflying.com%252Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%252F&rr=creative&fid=10&rb=0&g=0&tmplid=202578&cb=42325
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
moatad.js
z.moatads.com/triplelift879988051105/ Frame 2E13 		324 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a438aafdd1ec78075f147cac89796254171fa2f898803b18324de9613c7cc1c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:22:36 GMT
server
AmazonS3
x-amz-request-id
52AZP9Y9HJ8YJBEX
etag
"4732ce4dd37728f46d2664cc602aff2d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59254
accept-ranges
bytes
content-length
112140
x-amz-id-2
5sgDEHo9Zau1EDzd5b9nSwoPoVzba7MmV3NZd+I7rHqn0qa5qSI8uoFxll1KjLZe75MXnCyEfYY=
tpvpx
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/tpvpx?inv_code=SimpleFlying_ATF_SB_Desktop_300x250_HDX&aid=18788414406413937260552&rev=a75d1a7&pid=216274&unid=0&vid=1&sr=1&cb=58608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 1DAD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
2c0f1cb0117c7ff7e891f98c7f960bf2a49cdfa95bcbcffe1a7ff36b224e145b

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPg6EJvGMDPre8WflrSJex8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPg6EJvGMDPre8WflrSJex8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPg6EJvGMDPre8WflrSJex8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DAD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1DAD 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4090118527531875369328&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 92DB42CCDC6E4A398D3A4C4EA8F736FD Ref B: MIAEDGE2718 Ref C: 2023-06-17T23:44:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+W+CuLq8XcRi2X8dWeg==
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4090118527531875369328&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cffeb3e3-6131-4e23-b554-1c59b3ed9f1a&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 17 Jun 2023 23:44:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 1DAD 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4090118527531875369328&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A6725C5F77D844DF909D41A6F1824A16 Ref B: MIAEDGE1608 Ref C: 2023-06-17T23:44:08Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4090118527531875369328?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QI8hmCJE2oQC0raEP2xyC2fHjK43eFpGYbIYcclpQQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QI8hmCJE2oQC0raEP2xyC2fHjK43eFpGYbIYcclpQQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Jun 2023 23:44:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QI8hmCJE2oQC0raEP2xyC2fHjK43eFpGYbIYcclpQQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KNEDMMLPHFSVO...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=SH61o9eW3usfInkR2FZ-
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=SH61o9eW3usfInkR2FZ-
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=SH61o9eW3usfInkR2FZ-
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 1DAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6163557896886539984&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6163557896886539984&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=53950
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 17 Jun 2023 23:44:08 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
49d94c0c-e4a4-472e-8c68-0a2e594a6559
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6163557896886539984&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame DB1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEGQDWxbZdlUgBz5JXhv0rGQ&google_cver=1
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEGQDWxbZdlUgBz5JXhv0rGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Protocol
H2
Server
146.20.128.141 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEGQDWxbZdlUgBz5JXhv0rGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB1A
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=RTktTTVraDA2d0k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=RTktTTVraDA2d0k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=RTktTTVraDA2d0k
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame DB1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DB1A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI5FQbEkXkeCVJbyhldx0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIYvMftvAEwAQ&v=APEucNVuIOO4xJfFEfMxBffzvx5CORs2CZEQ3Zrdirh_skG1bXipm10eCq8-tYip7duH9AQPszW81IkcuxQCUj34Q-qBoc69-w
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF2GWPW021FmXDKAChqrJVM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=0&d=eyJzaXRlSWQiOiJ2YWxuZXQiLCJ1cmwiOiJodHRwczovL3NpbXBsZWZseWluZy5jb20vdHdvLXVuaXRlZC1haXJsaW5lcy1lbXBsb3llZXMtY2hhcmdpbmctc3RlYWxpbmctbWFyaWp1YW5hLXBhc3Nlbmdlci1sdWdnYWdlLyIsImFkVW5pdCI6Ii8zOTM2Mzc3NS9TaW1wbGVGbHlpbmcvQXJ0aWNsZV9JbkNvbnRlbnRfRGVza3RvcF8xIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6Ijc4MDY5NDk1IiwiY2FtcGFpZ25JZCI6IjMxODQyODE1NTMiLCJjcmVhdGl2ZUlkIjoiMTM4NDM1MTQwNjAxIiwibGluZWl0ZW1JZCI6IjYyNzAzNDM2NjIiLCJhZFNlcnZlciI6ImRmcCIsInlpZWxkR3JvdXBJZHMiOls4MDA0Nl19LCJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwLCJ3diI6IjEuMC4wK2UwOWYxMGYiLCJidiI6ImJsLTI1NWJiMGEtMjE1ZDQ1MGY7Yi1lMDlmMTBmLWQ5M2Q0M2JmIiwibWV0YSI6eyJibGFja2xpc3RTdGF0dXMiOnsibG9hZGVkIjp0cnVlLCJjb3VudCI6MTA4NCwiZmlyc3RJdGVtIjp7InQiOiJjcmVhdGl2ZSAzMjM2MDM2OCIsInIiOjAuMSwiYSI6MTB9fSwiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MH0sInBsUmF0aW8iOjAuMDF9LCJ0YWdNYXJrdXAiOiI8aHRtbD48aGVhZD5cbiAgICA8bWV0YSBjaGFyc2V0PVwiVVRGLThcIj5cbiAgICA8dGl0bGU%2BU2FmZUZyYW1lIENvbnRhaW5lcjwvdGl0bGU%2BXG4gICAgPHNjcmlwdD5cbihmdW5jdGlvbigpey8qXG5cbiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLlxuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wXG4qL1xudmFyIGY9dGhpc3x8c2VsZixoPWZ1bmN0aW9uKGEpe3JldHVybiBhfTt2YXIgbj1mdW5jdGlvbihhLGIpe3RoaXMuaD1hPT09bCYmYnx8XCJcIjt0aGlzLmc9bX0scD1mdW5jdGlvbihhKXtyZXR1cm4gYSBpbnN0YW5jZW9mIG4mJmEuY29uc3RydWN0b3I9PT1uJiZhLmc9PT1tP2EuaDpcInR5cGVfZXJyb3I6Q29uc3RcIn0sbT17fSxsPXt9O3ZhciByPXZvaWQgMDsvKlxuXG4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjBcbiovXG52YXIgdCxhYT1mdW5jdGlvbigpe2lmKHZvaWQgMD09PXQpe3ZhciBhPW51bGwsYj1mLnRydXN0ZWRUeXBlcztpZihiJiZiLmNyZWF0ZVBvbGljeSl7dHJ5e2E9Yi5jcmVhdGVQb2xpY3koXCJnb29nI2h0bWxcIix7Y3JlYXRlSFRNTDpoLGNyZWF0ZVNjcmlwdDpoLGNyZWF0ZVNjcmlwdFVSTDpofSl9Y2F0Y2goYyl7Zi5jb25zb2xlJiZmLmNvbnNvbGUuZXJyb3IoYy5tZXNzYWdlKX10PWF9ZWxzZSB0PWF9cmV0dXJuIHR9O3ZhciBjYT1mdW5jdGlvbihhKXt0aGlzLmc9YmE9PT1iYT9hOlwiXCJ9O2NhLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcrXCJcIn07dmFyIGJhPXt9LGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWFhKCk7YT1iP2IuY3JlYXRlU2NyaXB0VVJMKGEpOmE7cmV0dXJuIG5ldyBjYShhKX07dmFyIGVhPXt9LHU9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9Yj09PWVhP2E6XCJcIn07dS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5nLnRvU3RyaW5nKCl9O3ZhciBoYT1mdW5jdGlvbigpe3ZhciBhPXYsYj17bWVzc2FnZTpmYSh2KX07dmFyIGM9dm9pZCAwPT09Yz97fTpjO3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT1jfTt2YXIgdz1mdW5jdGlvbihhKXt3W1wiIFwiXShhKTtyZXR1cm4gYX07d1tcIiBcIl09ZnVuY3Rpb24oKXt9O3ZhciBpYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7dmFyIGphPWZ1bmN0aW9uKGEsYil7aWYoYSlmb3IodmFyIGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSYmYihhW2NdLGMsYSl9O3ZhciBrYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKSxtYT1mdW5jdGlvbigpe3ZhciBhPWxhO3RoaXMuZz14O3RoaXMuaD1hfSxuYT1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O2Z1bmN0aW9uIG9hKGEpe2YuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoZi5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPWYuZG9jdW1lbnQ7Yj12b2lkIDA9PT1iP2RvY3VtZW50OmI7Yj1iLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIik7Yi5zcmM9YTtmLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGIpfTt2YXIgeT1mdW5jdGlvbigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5vPTA7dGhpcy5nPVtdfSx6PWZ1bmN0aW9uKGEsYil7dmFyIGM9e307Y1thXT1iO3JldHVybltjXX0scWE9ZnVuY3Rpb24oYSxiLGMsZCxlKXt2YXIgaz1bXTtqYShhLGZ1bmN0aW9uKGcsQSl7KGc9cGEoZyxiLGMsZCxlKSkmJmsucHVzaChBK1wiPVwiK2cpfSk7cmV0dXJuIGsuam9pbihiKX0scGE9ZnVuY3Rpb24oYSxiLGMsZCxlKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Zm9yKHZhciBrPVtdLGc9MDtnPGEubGVuZ3RoO2crKylrLnB1c2gocGEoYVtnXSxiLGMsZCsxLGUpKTtyZXR1cm4gay5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBlPWV8fDAsMj5lP2VuY29kZVVSSUNvbXBvbmVudChxYShhLGIsYyxkLGUrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfSxzYT1mdW5jdGlvbihhKXt2YXIgYj1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9anNlcnJvciZcIixjPXJhKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKHphLEFhKXtyZXR1cm4gemEtQWF9KTtmb3IodmFyIGQ9bnVsbCxlPVwiXCIsaz0wO2s8YS5nLmxlbmd0aDtrKyspZm9yKHZhciBnPWEuZ1trXSxBPWEuaFtnXSxPPTA7TzxBLmxlbmd0aDtPKyspe2lmKCFjKXtkPW51bGw9PWQ%2FZzpkO2JyZWFrfXZhciBxPXFhKEFbT10sYS5pLFwiLCRcIik7aWYocSl7cT1lK3E7aWYoYz49cS5sZW5ndGgpe2MtPXEubGVuZ3RoO2IrPXE7ZT1hLmk7YnJlYWt9ZD1udWxsPT1kP2c6ZH19YT1cIlwiO251bGwhPWQmJihhPWUrXCJ0cm49XCIrZCk7cmV0dXJuIGIrYX0scmE9ZnVuY3Rpb24oYSl7dmFyIGI9MSxjO2ZvcihjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX07dmFyIHRhPWZ1bmN0aW9uKGEpe2lmKC4wMT5NYXRoLnJhbmRvbSgpKXRyeXtpZihhIGluc3RhbmNlb2YgeSl2YXIgYj1hO2Vsc2UgYj1uZXcgeSxqYShhLGZ1bmN0aW9uKGQsZSl7dmFyIGs9YixnPWsubysrO2Q9eihlLGQpO2suZy5wdXNoKGcpO2suaFtnXT1kfSk7dmFyIGM9c2EoYik7YyYmb2EoYyl9Y2F0Y2goZCl7fX07dmFyIGZhPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKFJlZ0V4cChcIigoaHR0cHM%2FOi8uLiovKVteLzpdKjpcXFxcZCsoPzoufFxcbikqKVxcXFwyXCIpLFwiJDFcIik7Yj1hLnJlcGxhY2UoUmVnRXhwKFwiXFxuICpcIixcImdcIiksXCJcXG5cIil9Y2F0Y2goZSl7Yj1jfX1yZXR1cm4gYn07KHt9KVszXT1kYShwKG5ldyBuKGwsXCJodHRwczovL3MwLjJtZG4ubmV0L2Fkcy9yaWNobWVkaWEvc3R1ZGlvL211L3RlbXBsYXRlcy9oaWZpL2hpZmkuanNcIikpKTsoe30pWzNdPWRhKHAobmV3IG4obCxcImh0dHBzOi8vczAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW9fY2FuYXJ5L211L3RlbXBsYXRlcy9oaWZpL2hpZmlfY2FuYXJ5LmpzXCIpKSk7dmFyIHVhPS9eKFteO10rKTsoXFxkKyk7KFtcXHNcXFNdKikkLzt2YXIgdmE9L14oW2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHRwY1xcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHNlY3VyZWZyYW1lXFwuZG91YmxlY2xpY2tcXC5uZXR8W2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLnVzZXJjb250ZW50XFwuZ29vZykkLyx3YT0vXihwYWdlYWQyXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218Z29vZ2xlYWRzXFwuZ1xcLmRvdWJsZWNsaWNrXFwubmV0KSQvO3ZhciB4YT1mdW5jdGlvbihhKXtyZXR1cm4gZnVuY3Rpb24oYil7dmFyIGM9YS5ob3N0bmFtZSxkPXZhLnRlc3QoYyl8fHdhLnRlc3QoYyk7Yz1bY107dmFyIGU9cjtyPXZvaWQgMDtpZighZCl7aWYoZSl0aHJvdyBFcnJvcihlKCkpO2lmKGMmJjA8Yy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJbXCIrYy5tYXAoU3RyaW5nKS5qb2luKFwiLFwiKStcIl1cIik7dGhyb3cgRXJyb3IoU3RyaW5nKGQpKTt9Yj0oZD1hYSgpKT9kLmNyZWF0ZUhUTUwoYik6YjtyZXR1cm4gbmV3IHUoYixlYSl9fShsb2NhdGlvbik7aWYod2luZG93Lm5hbWUpdHJ5e3ZhciBCLHlhPXdpbmRvdy5uYW1lLEM9dWEuZXhlYyh5YSk7aWYobnVsbD09PUMpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIit5YS5zdWJzdHJpbmcoMCw1MCkpO3ZhciBEPStDWzJdLEU9Q1szXTtpZihEPkUubGVuZ3RoKXRocm93IEVycm9yKFwiUGFyc2VkIGNvbnRlbnQgc2l6ZSBkb2Vzbid0IG1hdGNoLiBcIitEK1wiOlwiK0UubGVuZ3RoKTtCPXttOkNbMV0sY29udGVudDpFLnN1YnN0cigwLEQpLGw6RS5zdWJzdHIoRCl9O3ZhciBGPUpTT04ucGFyc2UoQi5sKTt3aW5kb3cubmFtZT1cIlwiO3ZhciBCYT1CLmNvbnRlbnQ7Ri5nb29nX3NhZmVmcmFtZV9obHQmJihmLmdvb2dfc2FmZWZyYW1lX2hsdD1GLmdvb2dfc2FmZWZyYW1lX2hsdCk7Ri5fY29udGV4dCYmKGYuQU1QX0NPTlRFWFRfREFUQT1GLl9jb250ZXh0KTtmLnNmXz17djpCLm0sY2ZnOkZ9O2RvY3VtZW50Lm9wZW4oXCJ0ZXh0L2h0bWxcIixcInJlcGxhY2VcIik7dmFyIEc9eGEoQmEpO2RvY3VtZW50LndyaXRlKEcgaW5zdGFuY2VvZiB1JiZHLmNvbnN0cnVjdG9yPT09dT9HLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7Zi5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX1jYXRjaChhKXt2YXIgdj1hLEg7dHJ5e3ZhciBJPW5ldyB5O0kuZy5wdXNoKDEpO0kuaFsxXT16KFwiY29udGV4dFwiLDUwNyk7di5lcnJvciYmdi5tZXRhJiZ2LmlkfHwodj1uZXcgaGEpO2lmKHYubXNnKXt2YXIgQ2E9di5tc2cuc3Vic3RyaW5nKDAsNTEyKTtJLmcucHVzaCgyKTtJLmhbMl09eihcIm1zZ1wiLENhKX12YXIgRGE9W3YubWV0YXx8e31dO0kuZy5wdXNoKDMpO0kuaFszXT1EYTt2YXIgSj1mLEs9W10sTCxNPW51bGwsTjtkb3tOPUo7dmFyIFA7dHJ5e3ZhciBRO2lmKFE9ISFOJiZudWxsIT1OLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e3coTi5mb28pO1E9ITA7YnJlYWsgYn1jYXRjaChiKXt9UT0hMX1QPVF9Y2F0Y2goYil7UD0hMX1QPyhMPU4ubG9jYXRpb24uaHJlZixNPU4uZG9jdW1lbnQmJk4uZG9jdW&i=1-2&t=adltag_lj0nau6a_0oEAD20I19L&r=912749b8eb1959298d813b4d5a1cbf9&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17744
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
mTOZ8kRgc9js3M6R7T4G3sCCX3TzDuJitPApB_8HWD07cRsZ5WoMsg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=0&d=1lbnQucmVmZXJyZXJ8fG51bGwpOihMPU0sTT1udWxsKTtLLnB1c2gobmV3IG5hKEx8fFwiXCIpKTt0cnl7Sj1OLnBhcmVudH1jYXRjaChiKXtKPW51bGx9fXdoaWxlKEomJk4hPUopO2Zvcih2YXIgUj0wLEVhPUsubGVuZ3RoLTE7Ujw9RWE7KytSKUtbUl0uZGVwdGg9RWEtUjtOPWY7aWYoTi5sb2NhdGlvbiYmTi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJk4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09Sy5sZW5ndGgtMSlmb3IodmFyIFM9MTtTPEsubGVuZ3RoOysrUyl7dmFyIFQ9S1tTXTtULnVybHx8KFQudXJsPU4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW1MtMV18fFwiXCIsVC5qPSEwKX1mb3IodmFyIHg9bmV3IG5hKGYubG9jYXRpb24uaHJlZiwhMSksRmE9bnVsbCxVPUsubGVuZ3RoLTEsVj1VOzA8PVY7LS1WKXt2YXIgVz1LW1ZdOyFGYSYma2EudGVzdChXLnVybCkmJihGYT1XKTtpZihXLnVybCYmIVcuail7eD1XO2JyZWFrfX12YXIgbGE9bnVsbCxHYT1LLmxlbmd0aCYmS1tVXS51cmw7MCE9eC5kZXB0aCYmR2EmJihsYT1LW1VdKTtIPW5ldyBtYTtpZihILmgpe3ZhciBIYT1ILmgudXJsfHxcIlwiO0kuZy5wdXNoKDQpO0kuaFs0XT16KFwidG9wXCIsSGEpfXZhciBJYT17dXJsOkguZy51cmx8fFwiXCJ9LFg7aWYoSC5nLnVybCl7dmFyIFk7WT1ILmcudXJsLm1hdGNoKGlhKTt2YXIgSmE9WVsxXSxLYT1ZWzNdLExhPVlbNF0sWj1cIlwiO0phJiYoWis9SmErXCI6XCIpO0thJiYoWis9XCIvL1wiLForPUthLExhJiYoWis9XCI6XCIrTGEpKTtYPVp9ZWxzZSBYPVwiXCI7dmFyIE1hPVtJYSx7dXJsOlh9XTtJLmcucHVzaCg1KTtJLmhbNV09TWE7dGEoSSl9Y2F0Y2goYil7dHJ5e3RhKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpmYShiKSx1cmw6SCYmSC5nLnVybH0pfWNhdGNoKGMpe319fTt9KS5jYWxsKHRoaXMpO1xuICAgIDwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vdmFsbmV0L2JsLTI1NWJiMGEtMjE1ZDQ1MGYuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS92YWxuZXQvYi1lMDlmMTBmLWQ5M2Q0M2JmLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2BdmFyIGQ9ZGVjb2RlVVJJQ29tcG9uZW50KFwiJTdCJTIyc2l0ZUlkJTIyJTNBJTIydmFsbmV0JTIyJTJDJTIyd3YlMjIlM0ElMjIxLjAuMCUyQmUwOWYxMGYlMjIlMkMlMjJibHYlMjIlM0ElMjJibC0yNTViYjBhLTIxNWQ0NTBmJTIyJTJDJTIyYnYlMjIlM0ElMjJiLWUwOWYxMGYtZDkzZDQzYmYlMjIlMkMlMjJ0b3BEb21haW4lMjIlM0ElMjJodHRwcyUzQSUyRiUyRnNpbXBsZWZseWluZy5jb20lMkZ0d28tdW5pdGVkLWFpcmxpbmVzLWVtcGxveWVlcy1jaGFyZ2luZy1zdGVhbGluZy1tYXJpanVhbmEtcGFzc2VuZ2VyLWx1Z2dhZ2UlMkYlMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbGowbmF1NmFfMG9FQUQyMEkxOUwlMjIlMkMlMjJhdSUyMiUzQSUyMiUyRjM5MzYzNzc1JTJGU2ltcGxlRmx5aW5nJTJGQXJ0aWNsZV9JbkNvbnRlbnRfRGVza3RvcF8xJTIyJTJDJTIyc2xvdEVsZW1lbnRJZCUyMiUzQSUyMmFkc25pbmphLWFkLXVuaXQtY29ubmVjdGVkQmVsb3dBZC01ZjQ1YTZjYzEzZDMyOCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyYWRTZXJ2ZXJEZXRhaWxzJTIyJTNBJTdCJTIyYWR2ZXJ0aXNlcklkJTIyJTNBJTIyNzgwNjk0OTUlMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMzE4NDI4MTU1MyUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzg0MzUxNDA2MDElMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNjI3MDM0MzY2MiUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTJDJTIyeWllbGRHcm91cElkcyUyMiUzQSU1QjgwMDQ2JTVEJTdEJTJDJTIydyUyMiUzQTcyOCUyQyUyMmglMjIlM0E5MCUyQyUyMklBQkNvbnNlbnRTdHJpbmclMjIlM0ElN0IlMjJ0Y2ZhcGklMjIlM0ElNUIlN0IlMjJjbXBJZCUyMiUzQTklMkMlMjJjbXBWZXJzaW9uJTIyJTNBNCUyQyUyMmdkcHJBcHBsaWVzJTIyJTNBZmFsc2UlMkMlMjJ0Y2ZQb2xpY3lWZXJzaW9uJTIyJTNBMiUyQyUyMmV2ZW50U3RhdHVzJTIyJTNBJTIydGNsb2FkZWQlMjIlMkMlMjJjbXBTdGF0dXMlMjIlM0ElMjJsb2FkZWQlMjIlMkMlMjJsaXN0ZW5lcklkJTIyJTNBbnVsbCU3RCU1RCUyQyUyMnVzcGFwaSUyMiUzQSU1QiU3QiUyMnZlcnNpb24lMjIlM0ExJTJDJTIydXNwU3RyaW5nJTIyJTNBJTIyMS0tLSUyMiU3RCU1RCU3RCUyQyUyMnNhZmVGcmFtZUtleSUyMiUzQSUyMjg4MDgwMzYzJTIyJTdEXCIpO3dpbmRvd1tcIjU0NDkwMzZfdmFsbmV0XCJdPXt9O3dpbmRvd1tcIjU0NDkwMzZfdmFsbmV0XCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNTQ0OTAzNl92YWxuZXRcIiwgXCI8IS0tQURMX1dSQVBQRUQtLT5cIiwgZmFsc2UsIHdpbmRvdywge30pOzwvc2NyaXB0PjwvaGVhZD48L2h0bWw%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4ifQ%3D%3D&i=2-2&t=adltag_lj0nau6a_0oEAD20I19L&r=912749b8eb1959298d813b4d5a1cbf9&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17744
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
NCX-GYjHDbOz-RjCJ2zeZgDTRz0hJBQsDvP8BIKGGrj7yUMIi0NgUw==
csync
sync.sync.viewdeos.com/ Frame 4600
Redirect Chain
  • https://sync.aralego.com/idsync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&usprivacy={us_privacy}&redirect=https%3A%2F%2Fsync.sync.viewdeos.com%2Fcsync%3Ft%3Da%26ep%3D305801%26extuid%3DSspCookieUserId
  • https://sync.sync.viewdeos.com/csync?t=a&ep=305801&extuid=eda34539-d860-3116-b391-ffe0a94fa09f
43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.sync.viewdeos.com/csync?t=a&ep=305801&extuid=eda34539-d860-3116-b391-ffe0a94fa09f
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:09 GMT
Etag
dc3da21bd46fc731
Server
Adtelligent

Redirect headers

connection
close
content-length
248
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:08 GMT
location
https://sync.sync.viewdeos.com/csync?t=a&ep=305801&extuid=eda34539-d860-3116-b391-ffe0a94fa09f
vary
Accept, Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5225 		762 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8d174b5f20e9e73243a6ebe216050399a32a93f23a9885c70d6a41188ab926e9

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
445
content-type
text/html
date
Sat, 17 Jun 2023 23:44:08 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pbcas
ads.yieldmo.com/ Frame 6101 		825 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
1c1d6d25f18060cdd27b27094527ebeb16594cd10718eef8e2f9ceaa10653774

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 17 Jun 2023 23:44:08 GMT
pragma
no-cache
vary
accept-encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4747 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.sync.viewdeos.com%2Fcsync%3Ft%3Da%26ep%3D642794%26extuid%3D
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99777
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:08 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
async_usersync.html
acdn.adnxs.com/dmp/ Frame D124 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
61363
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:08 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 09 Jun 2023 06:41:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1814, 166894
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760065-MIA
X-Timer
S1687045449.591155,VS0,VE0
/
sync.cootlogix.com/api/sync/iframe/ Frame 0920 		109 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
24.199.80.64 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 17 Jun 2023 23:44:08 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
usync.html
eus.rubiconproject.com/ Frame C692 		281 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:08 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AEDC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99777
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:08 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
ixmatch.html
js-sec.indexww.com/um/ Frame F734 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
450
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d8f28a5b825b3d4-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:08 GMT
expires
Sun, 18 Jun 2023 03:44:08 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A11D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=71eac8c50a03810
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame DF44 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
7e6f35a09097d95319156542521bbeafec5d5644dc4b5293444f4ec572016d43

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1071
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:08 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 6513 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c98aaf6e543503ad4c8449977d7a4e1d3b6bcca812999bc0f79451fe56838689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12078
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:08 GMT
expires
Mon, 19 Jun 2023 23:44:08 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame DF21 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Requested by
Host: adtechvideo.s3.amazonaws.com
URL: https://adtechvideo.s3.amazonaws.com/vvv-1.0.0-27c8398ac1d5da5a4609-simpleflying.com.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
656bf6eff58470d2f6e3fff6c57d4470bb353d25906aab0c2c0c83c94d741eff

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:07 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A76 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=848875565007&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A76 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=848875565007&version=m202301230201&ct=76&x=96&cor=982565726295363500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8A76 		17 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkBo7DbTAH_OriYlYueU3Ew_nA-Qu2xsrRTBChByxLvJ0kDWsSdHgFfxNg3pKY8s-0d5BqBaGUjm4IiHP__FHnwEOfRiOe_wNEIv1Q0LjpRJSgz6w0WjFiliDh5LyxjP1UzLCpG3TfrWDVAO0P7RbKSAy9znwlKfZI6BTRnf9HX333dyA&cry=1&dbm_d=AKAmf-DDrFQ_yx-Vk3iFDyAIpie4Vzmo3sOd2cxE8PL_gxhWutws3KTapZu0QRMgdhTfcR9e9ktJs1rrMp3w6URwFXHTo1We70YP-datO_Zf-vmA0RAM_E7NfLC37l-ZvguslXDiJccONu-EOxAYVrWk5l-lAMPnlKmadizbQd79GQ05ACCJf3aKJKtZ-cYSxTdH0kDAH53meBWG9keNURwXfAeXJOBSNpv482tYTfScKANVkZev6p-IGS6GZWkqVXME6q6Y7PNwDHd7_5VKDIfDi1cxvuy3TdLamsaGQcWxORFofxt07vDzciph2vxtBHwfFD8cnIOEpAJLHCPTJxc6rFR5jy8lk9t2UF1pck52Ts0hoIMvJ09TkqhihNDp_0N-YvT_8QKxDcfbINOwYwGk3uibMxz003zgaZL05N3hH1o9S2fG18Epv_gfaNnGqpcZRCapg1k4NPyNX-OhMIyrEqa29CXEckNj2TdYt0hUsNSgQUd5-jJ9utCS4cEfiX92C5pNt-KZn1iB103fD9RNsaY_OmNDDd8m9t3RMVLizPw0yn_PNoYH_DNild75UU3oVYRTPxLTxaCc1d-3ae33XL2PvtDoLqSKlxEoX1rn4SWciqIrAE3CJFVZss5likAWdhl9oMQrvVRZ7pw5484qzbAC5DGt45gdNtNB3o66_bDZiWsNxh6FpS_cQUWvnFMO_-ZaYwjBCSBMVMfMzXAC8Kek4iynPTkik1KyblvTEI7fu_hWdpBbNpQZsB8VT0BJNl_V8T1tVtArDAgUNX5oZ2jLYNIOxt6kTufz-vTef6tV6iMadf26uqvAnCB_XvHH4thgef-laSGNJZjFalnqWs528U-Nofoj__WnvZmggLD_fG9PD21wZgI0xy5J1jFVRcSg8_IrdqDLBKqulqtj2WAY8UivZ4FnCHnslnCir01Xc-MHypFVYej44Bm4k_Ab1Ji3ehWN6cpBpwGxH0IkSeY7j_M4ftulFI9EPaZkfRk4h_TJmEZk9Z3Xpk3mkhlWfazaikd4qC81sL4B7cbaDXL3NkSICvGs1tDmSEyQl7Rh19IIwhB3eV8HmgNSJewZoOrftOoHEWbIFb4-ESylbATz3Lrb5k20VvPdbpExiiZPlOKfxfLdOGzWK8g4eRigiuBHlgi517yPtsjwc2hul8UcCGKOWwi3IujS6LohY3xbKnozE0UGDjZOTwDlcEhLi-L290JVXmfKyXkUVX3uHSVfLRt4YvTyBFQbk8q_jDRFDBA_L2_0iNNUFgEWlZkwipGkJm8tKE4TRWP7hzX5elr4eiFxet-mI3ypzvVVC7rI34Tv3GLj8W938TU4quyFDwi-Rfbb6TfHNwsUBQIUdxj_17-XTwCpT1QjXrOexRUBO3N18NjCW_JDMJ1DVa7N6pN6Yu1teB6AtLaa6XVRh5SWBBn6VmLymHwPdZRhjXW-Vg6BVVLj83iDG_nLx4JnetIHr67JirnRS3v9T-_3MOsQsDnMiLmyp0GmpuhM7JWGa9ktXCnqez4vk8IZIojb1v3tZfNzXTvYbantG_R08yd7o42w6nIqAxNYtdtqPqCUTqo9Eujnsb3f0Sa5G6dCL8JwfAOxQ0-qqHPNL3ZMuPStjxXRUW7W8I9WHtnhBD2bx5PqA9ePmr7ZwgEJRvv6gsrlAoFPQ2BO5Nz4USioWDAjzEJGKZ99qf5nFaSfndtTEemT7xGpgWjIJ02cIy7sfop2fLU2ZAfaHFXhg0T5ZGmYcXBlUkLYVCc2HPDsMLlbHTlhWzaM9jLO22UUo3Q5MofgF0mFE5GvQNCSdoENn8Q6MeKK6CdhtbvU0WOTMXUZjIOldN0Ih_z2YSj071hPnyTwmMXMnHfxutXXGYfIUHeqGQtbil764gS90CsDUV9qHfKy8gGo4wvpyyI0HCVm7AMG61EggOippsY3p2c10L2icFAZnD7zcRKMo47KY2sy1DpQa4YW8Q0smXPW1gyro4pqEsIgSOTIYxb-ZSpLDPy2b3LgFymYqIok3PoDwqBQAOh366XbFaNvSdsuWqbBMnZDKSgkSBWQ_V9mue02esd0TKmTSMW5hmNzU4pisyn8WAsqBPSlHi21il-bn8cspd_IgJKGFJUP73wC9LHk3BcPdIRPd-2CrpOFQkfwu-HhAev4-weoR0vg8DhmNo4yXNX0utl0__U8GTQ9mN5DNWym9tfhsmMJe7ecCYg8mKNa7Ab7nODlErH62z1oAOtkGfuUjrpsrvMZWZI0gVMITgRqmHoiuDzkhT9kVahYgJ-1wXB-GD8IocT5cJ5q2SXmwJLy_WAtKLKY4RB-vCVJvbf_rxbD3sDxZUiNR8vv9cjJSmVdN24ZOO3bp8xQKsKx7gZo-i2O_VhAXXgUx2EINaoSXBZvXU6KhOPcIFLcu-3q6hW60uinIjTCUsvi5nrLjacifDMTBkvfn49TfrzQZTYFKrONbLMSzguVFFxZAsXboD0VcRFd1UyosNYklfpeVjZ7xsWYNMViN7MQz3125ehMYmOqIaQlSHwNHd7bH-6SkGEPfXdTZYceOCOMtWPUPRfvW5kp8Jp3ZkmxMem10X72d5bJah00TZmA7WXdZaS3anD180Gc2VhHIvXreJrrDDe5pCzVQJ5dKex_t8guAd1tI5RoaAXKOwjDVsGaEUWn5iGCFI4boGOrlpWrkNYofv28p5BoMtfS4F6Cy4_o_lsgytlKabDcGrXKvyKuUAcAcmI-6oQxySDEWNYW-cDQvEP_ND5UdmRD1q_ZRlcmSZx4BH7X5o-IgcayrZw_GNMsSE1jBsLbSEP7Q92JUnJ-KdkZYEZzn_9bKJx7dLvltzflB4MI13_OGFkcHOT5wb_W3jSCixXwVYoy7GIgx71z4v0iFB4R1pyvFEufVndtwbkl5Zdswnhu5aDlQ8u2SHv8agDBQJSdOeLYiD1YcBuScB2rBe0NNnVqSZMItrtEkHTObRgCrASFVdw7sMcAebMnbxPykb7IQUpBAbtkFDk25dJpmrwRK5MK5EBTeYP1SSKVPFBGUawPhf22y4aDQjLMkuKECP3ESgQfFIPfmvt1kdnHzYUXlSrYCn28ZlGnfFEYzDMT-DQCx6ymR9KDlhbp5nTenqaznK663wMQV3UlYPibDMtKRA6d2nyht4ccvEEcmZSJRqHLZkzcoEH95oVxF_PxtGqKaBahsqnofkrDe1nvQVRz&pr=96%3A2.659&cid=CAQSMgBygQiDAizhPpgAc9AlGKv0g-xvEKWmDJhKJRCOz-pwMAQYEx0kGq_68uC6C1mttwvZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ds=l&xdt=0&iif=1&cor=982565726295363500&adk=3948053002&idt=121&cac=0&dtd=250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a07de7d71923147bbb5847e4d122e797fad5dfc306d03554561295529b2018d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12383
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1F3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIZ51RkWOZJDIIfiAoPMP0dS5qAqeoaGuXKH56P6fA8CNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTE3MDUxOTU1NzkxMzU2NzTIAQngAgCoAwGqBO0CT9C8EpWk6zOAio6DLVQ_H1sh_o9kFu8-J1b9OfXlhWcFF5QLwvy2STxhVZcFkn1InKPERonUWi1g0EL2tW2kGLtXej49qc5VFZMSCgt_XOQqw7mojeJSLmfowFR70ZrRmaYDyDgHSjG4vWHeOVh-A_RUNdWTOe4IkphmkpfqTUTh3pzs1qJ2S3egS5hEyl4Uu7Mi3nygizEQ4oFFDslrioLGJRFsgdDe6_I0SnpbTf3UDXV5PMTJrnW_tB3xjacPvyNjdDzpZfE31CWCELBLAcJI93zv8w2fu5h1WnKzMY9Clo4QuLnt-zEpte44NwVRm5wKBMfBbhDBxGOJzvG6DLB6PYdzpp4ZZY1zFBFc2W8ghS-V8v5M8-VsC8pKe4f65l66ntCQ6JSA1-ypwTmFKNpgFSPSSHJnjIpUVkdqg_EGV1dWcce5ZhvM835ddtep05Qp_P-F5R_Fm6DXGi_ZJVjJXQFQi3IRg6y6PCngBAGABuzFysuL7ejVY6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE3MDUxOTU1NzkxMzU2NzQY16gW&sigh=QPAPdPH5svY&uach_m=[UACH]&cid=CAQSPABygQiDiud2OH7GBBZBSxsBCl-_zw2K7T1QqqtPmybIQbpn8z9aaWIqV-J648fylnLK6LWA5TBJW2eZtxgB
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 5225
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=864d26ea-df2c-43fa-802f-f5afce4db427&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZI5FSYQBMGhu1Sw-Eq5iSP9A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZI5FSYQBMGhu1Sw-Eq5iSP9A
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:09 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZI5FSYQBMGhu1Sw-Eq5iSP9A
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0279afcdbe6a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 5225
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=RpWYMyTQxpoQziJZ-WaArA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5225
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d895648e-4544-4600-8aa4-c61d989f4bad
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d895648e-4544-4600-8aa4-c61d989f4bad
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x17 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d895648e-4544-4600-8aa4-c61d989f4bad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jun 2023 23:44:08 GMT
sd
us-u.openx.net/w/1.0/ Frame 5225
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=845f7f5a-0f14-42e4-bdd5-c3403979bb49
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=845f7f5a-0f14-42e4-bdd5-c3403979bb49
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=845f7f5a-0f14-42e4-bdd5-c3403979bb49
Date
Sat, 17 Jun 2023 23:44:09 GMT
Connection
keep-alive
X-CI-RTID
4a5cccfd-9eb9-4934-a681-398f2c133f2f
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 5225
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5225 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=9fbd61f3-d651-4233-bc5b-f63819f37b1a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ads.yieldmo.com/v000/ Frame 6101
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1881434812
  • https://sync.1rx.io/usersync/tradedesk/7ecff58d-29b4-4fea-b0e3-d6c5213016b0
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-4d7ac79a-b446-43dd-8b2a-532c94803b...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Date
Sat, 17 Jun 2023 23:44:10 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX4d7ac79ab44643dd8b2a532c94803b95005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pixel
cm.g.doubleclick.net/ Frame 6101 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzliMzdhMDdjZDA4NmE4NTgyNWI=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 6101
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g9b37a07cd086a85825b
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=83128701974786401403422692530526639026&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=83128701974786401403422692530526639026&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-usw2-2-v045-0433dbb44.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
jLGD0oMSTIo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=83128701974786401403422692530526639026&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.yieldmo.com/ Frame 6101
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://match.deepintent.com/usersync/129/store?id=&ext1=yieldmo&ext2=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_0bee5e191f1d45d0b18ae&ssp=yieldmo&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://ads.yieldmo.com/sync?userid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
//ads.yieldmo.com/sync?userid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Sat, 17 Jun 2023 23:44:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 6101
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1
  • https://ads.yieldmo.com/v000/sync?userid=9d345672-30c6-4df5-b8fd-70efdd8b93f6&pn_id=b
43 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=9d345672-30c6-4df5-b8fd-70efdd8b93f6&pn_id=b
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.202.191.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-191-141.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Sat, 17 Jun 2023 23:43:51 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://ads.yieldmo.com/v000/sync?userid=9d345672-30c6-4df5-b8fd-70efdd8b93f6&pn_id=b
cache-control
private,no-cache
content-length
206
expires
-1
setuid
ib.adnxs.com/prebid/ Frame DF44 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4090118527531875369328
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:08 GMT
AN-X-Request-Uuid
8a99fa64-7dc2-48d3-89d3-ebce0c6d1610
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame DF44 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4090118527531875369328
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:08 GMT
AN-X-Request-Uuid
fe87d400-4492-4fea-be9e-b32923f644fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame DF44
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=845f7f5a-0f14-42e4-bdd5-c3403979bb49&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sat, 17 Jun 2023 23:44:09 GMT
Connection
keep-alive
X-CI-RTID
601a6ecd-f09d-40dd-871f-2e5fdc581a0e
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame DF44
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame DF44
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&dongle=4430
Date
Sat, 17 Jun 2023 23:44:09 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame DF44 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.195.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-195-78.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame DF44 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.195.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-195-78.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame DF44
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3666460092970085583&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3666460092970085583&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3666460092970085583&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame DF44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4090118527531875369328
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame DF44
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAE2u07JHIsAACA_VdpK4w&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAE2u07JHIsAACA_VdpK4w&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAE2u07JHIsAACA_VdpK4w&dongle=bzwx&gdpr=0
Date
Sat, 17 Jun 2023 23:44:09 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame C692 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
content-encoding
gzip
last-modified
Sat, 17 Jun 2023 10:05:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=37261
content-length
10113
expires
Sun, 18 Jun 2023 10:05:09 GMT
n.js
geo.moatads.com/ 		70 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=600688035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BQToISVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-ltsW7OXurwpsfw%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57M19aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1687045448920&de=493892093721&m=0&ar=fde231f50fe-clean&iw=b8ac528&q=2&cb=0&ym=0&cu=1687045448920&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11453%3A216274%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A18788414406413937260552%3Bsr%3A1%3Buid%3A0%3B&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=711&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&id=1&ii=4&bo=5989&bd=simpleflying.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=1%3A884%3A884%3A3381%3A845&jm=-1&fs=203695&na=1053845894&cs=0&ord=1687045448920&jv=543779221&callback=DOMlessLLDcallback_56806504
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.30.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-30-82.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
5f7476cf6ad3e30c1ff8dc7d7285fa9b6e4ea0db9b333a5e5b5f71fd08ff93d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"16dce4c87d270b67b84c7943911f42e0565329d3"
content-length
70
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1687045448920&de=493892093721&m=0&ar=fde231f50fe-clean&iw=b8ac528&q=3&cb=0&ym=0&cu=1687045448920&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11453%3A216274%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A18788414406413937260552%3Bsr%3A1%3Buid%3A0%3B&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=711&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&id=1&ii=4&bo=5989&bd=simpleflying.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=1%3A884%3A884%3A3381%3A845&jm=-1&fs=203695&na=584052711&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 17 Jun 2023 23:44:09 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 04CE 		490 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
170
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4493853757973&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4493853757973&version=m202301230201&ct=76&x=13&cor=13722989378822228000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1F3F 		17 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An83nCwB4m-9Wualizqu48GS7rfw3mEG17AVP7anTJHdF7I0z4Qze6oTS8F0DozwzWC8FUlGcJQvLPX5vrzZHTwJ9dAir9F5bhyLZtow82Om8RqrP3WIn3ZlWgqvq-QZpEAI9PYs3SEJ3e6BuadLAETItwRVyeGqTBsvsTA1kHVyaLxZQ&cry=1&dbm_d=AKAmf-Ap38fMQ4y8uVwSUKa7OTj2wQKkDGn3PRpqeXJt-jtE_0-s22uzHADJPmpTMeOorwUSX5JlF1ZZuEsVuvmMKwGVCIZVfDtTlfmyTslpZ2jHXS-YZIOqFT6x6Zk_G9YbclY-zYQWVejD29X7um2szkaTEoU8uHX52596jnL_EGWEOjl5h1xu_F8K_tO_er9VJVKLxQWfWv-IJbbW3oCJLgQa0Mzs4h7q9uFftpVulz47LLKbfIDi009dpH69gojNZNbD5I25KhvXQM9dhnLrCfh2fai0SMvYHmtq3hXxRqpdenMhLh5NCxy9TnynBzvc5eKxqhxU9Oy8IpvyTmB66g3SUIXo9nIErMPPiVfahhDFW3FQ1WqHD6jyPmhPalqu83cmXMkVHdIeMDstiS1ADXwZ8BZ6wYsAhYdCdRxbzeB9913bCKSFDE-ZGVSi4X9s_PkpUqpFSc4Bc2zAMn_zLpraehbaDnoe7XjzIgZeptyAZOOHQN49nWkGN6Fdr2iFQiHHuV98C7u373x-beH-aXsxlpB0OqhN1hK49gvKdMzCINi8vjSBqFvFyCvTfW3WSzxD4IPFGtdAbFlWwjvpLWtPIwHfAD7jtdKaY4I1Z5FFa_DkVT35rdcvsh7JqGNIxO-ryoSTyGKYzC3Lm1PrZfneateaYfrJ9ecZyl9qTIJ3BCKTFwc9sVPOLiKMcsXLU63qquZ00UsUUpRKIPtvsBa6rXVaCCzQvYAqEB6GAC_T9cKkfEt9OTsXRr5mJsUYSzuhqeB269dAxcQi_xApZgA2VcN0zsj2IbEhk8T_ZvnMcOpIepNhFgVCIF-yrOtMdfyhXAbpQ_eDj-RvFj6mzzGH-RHQUI60-C2cmHmgPDVVah-FkLIFlWv-Pm70jCCBxQbbKNk6RxPuxCnzvT2IEtm1A-rzMjSSKAIlJWwnwH9zXqz3ODtrH0gyPzjB_ECYgR6T4vZGs8bNF8Hi34aA5Np-LjN3XUxYeQUz2lZUCRaEJIgju-zo0JmvHK3xY6O01cD4tt_thoNlDV7jbetpB0OsvipfcDmJDMaDoKw2W8ie-vI7XIOWJruhAjkRk7tda9Sdn6LrPaWwNQCmKJTXjMo3llKGNUyw0eTtVkOKfmw_OwuWWj-7iuY_KnjIkS0bsCCC8wqEEeix_JM7poPwECRsy_E3TDhhCr07bqaNaLCCGvbgamxruwhuKERYtWnbs3U-Q90e-sm-4WWbah4lHsnmF3YOMkMQ2BLONhesUhVo9CMSZK4cBtDiOvUdq6vwOcZ9_mb-ZWG0f-Q1E7JnDasaHvLW1N6R0iTy05JxFFkczpUEcOunuwyb0mXQG4WDuQTEIaSoNcNxAioM2ffxNW7PGNWd4jRAwi_xAwZH7eqHyuW2dV1SKfTXvFsW3PMrjUkhvUcsLfyp5VqM5RO2fmRFE7oi530nmGpBESbFAlBMrOBVb8O8FJwoQ6Y0upJhVVkDc9JdBdrb355Zap3OhBbQ2emf-AbtYuTjRcE5wfx7x1WgmUt98XleA1m8LA2o0Zcn_XRNNWvGB6AiQU5ehR5erZ1YN1m0DpAzBuLSaC7yrNhIhV_qANIP-E6WG4rEQxICrI4RkwRh47yiODGdhoueRbEewXkVEalbMbEzSC6oXLzKmtlEQRotz6R1z6HdVUxIvA0PcvZ8doVaqrQgjveEiJrtiWr2b-dURJQgnzsp4oD36MAqaR6nMoqemj_XchS1VPWlxZUmgzyr0ZMwyfjUnWXj0r0qXDjMfA4UrHYQCon2_lY-VRSXkmgE7jyAqVBx2q0Q4wRe56qrPDx3C-CLS5eO8xBeQGFzlBL4wz9HqHl9DyIerXS33EGSOUapu4UdjMS7Q2IrcnGR0DPQ8t6AM8CRSVyRlpSZi-4tDyRVMU9sj8CqkSdARJPHzs8bNICdKIqpwAgl3CUzWxYpJudsv_tph875A4KNQfe2WluOTNnI6DxECxing_qwxvYWY4eB7qccAEDC07sESvQa-VDDWAhAFBd1iEGcc-d8qI_aMnPTegyDO_Z8DZIx2iFUKi0_bmCoSsHwal6mGYEB4GEqKJymNaPGEgCj1Br-3MPsuBxXKBWYSqT3X2eSr36yexnY0GgsMs1VVVm3BxlxpgQpJ-1ksNrjAZ7OOV6lUkwoV_7wtU4OiQnz5A-fbZGsoYiqFWvu16q5PR6Z7SDcMSo6svyYc4ivZ5UHCh76UG54c80QHqfpoh8dmhFOncbYNgn-1Awripl8Nyx6L6XRF4wB69TkP8wETdRJRS8DuCcnrcp6qlZmO3eMQ20L6a3cxrn0db5F0j6GrDMMVcw2lF1cr11D5bPI7ol9OHLU7wUMuK9MVFTLfmGa-urSh-slUq7FZigbJNKgPfQpC_zV_UoXbFXrLVtcsql2vDYlDitGA_BBKaLujyJoQ6faT4ZLlEa-kLVhOjFrZ001nUUBA5j57I6-jxEs6YjrG8MJaw25-B788r5uuDAOy3sq3tDJOx_HuWj9jMqqo-F95XFJpBY4ww4FT6yEjclRLTnuzd53-_MeEUJoqPnqATorYhFXMOta2ZeyH1W0PD9t7YJDBR1Qn8Gmq0EAiviUCMvhV2fzva3etr4qvc-QBuVf-gc1XdG0iAB6r4XXgV_2Dh43esHzcPE2sea96ejBCnSZxPaFnaRZsd9JXVxGOxZEhqiSKckrU8SbpT5Ts8JbIpe1mtp41Fqix_9UIN3t6vgzLMQENDdDcFIhtlE5fDzHLAGxSTPPNJ09gAjRiRIMqsOkNN3XlioMw7DYvmZEnlvRB2pG7zevQ4akNfi-G9JDb_4V6O7cl0zhzi2Owl3nOEQSef_ju5ubu5B7KsPHq2n39Hdw8ww-i5Z3v8rBo99pl1pNx2R9_S36PF_8_TMOgKy0WbPKK9_M_KVVEyFG0gHi5lrKU9JkfcnS1FjCRzFvaA7tM-cUz2CWcL889pni7tsJk38b_lE1FiENo2qSSGiO9YY1Drs4Owmw5JwE4RN6oN_8Z5Ntyzc8hXhe9xVsDQzc1j7fBmcU5rOPAoZU0XpcawkbCwviNSjfUpdWVWH7are2zYFez_GWIcPvOHEaD2GY-LukZmItvvDMdvHXbskqoICjRdPT3XSjcec_YOgnDfnub6vxFCZ3JPT3OohCdHSnJCT1xpeRTYmKVN4PZndZFXWJIzVD4qE&pr=13%3AZI5FRgAAAABOp1SytuIQJqoadEMM-6gstX-J2Q&cid=CAQSKQBygQiDtKIMGF1qzJvxRxKD0E3w-naQc3BEFQfxZvSf_OSf3W0nwx5AGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ds=l&xdt=1&iif=1&cor=13722989378822228000&adk=615221972&idt=133&cac=0&dtd=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13140a653582b6df6da1953636778c05c174bc0fe5c7b2e196ded3bb1a2e2f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12461
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:05 GMT
expires
Sun, 16 Jun 2024 23:44:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-e09f10f-d93d43bf.js
tagan.adlightning.com/valnet/ Frame 618A 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:35:59 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop
IAD89-P1
age
1062491
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28870
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:35:39 GMT
server
AmazonS3
etag
"82cf001d792438020a87c24097f91aa6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
KjYN9cFxnkcojNvZuE9xkySDsA4OtQWyDZnhG-cBE5XPySA_dravSA==
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 618A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst5Xm3EwZ2N0eNSLH0MmP-j-7GsSt2vKax0hd8x4XfVKHM1Zq_tFO2lZd_i5fW5xxSBktQZfQJjAnUUQaasRnojv5QGznM7PkA1uQC3nKnALfNk7E9rSbnNLQIm_ubJovxA4uT_6jUPCAbaHReGwNNIGZUfrDWo0hSGlm47w5glYZzxQWK64CpKzmwRjqcr26oz6Jh6imSRPoI4eqSmunRXFueRdGl4bXmNFB7kwSyQ0AeuexOE6HUSpWT-DaOqQo7hv9Jk7VRKqQxakY7UrcX6TOh73QMscSm3B9LcgJ3-TXEJ9us9O0biUM3gOB4jD38wTntFZzaTUaDDFeNLRYhd6UtO2iDIFvr3GP1Eq3sd%26sai%3DAMfl-YQGWKaQ-5Agx-GAmkO-2zXM2r2ThMgvxVOX4-JFYXLZ1wLPkhEPJcT6-gft4Gt-qi_hSD5I06kc4w1Q8KpE2rKbybCbUsxPMEDh-ehKr8KYYT1mHDeblAmIsiqJlTY%26sig%3DCg0ArKJSzP8ucF5-S0ZkEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 11:55:54 GMT
content-encoding
gzip
age
42495
x-guploader-uploadid
ADPycduTiJH3IFQjexx5eZbqCtMKlrZQW5McDPY4RTROm5LUUsKc_IA4KEKTaVJ4pn29tdT0yqbn59jrPSAGKLogx3efQg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970
last-modified
Fri, 16 Jun 2023 16:59:07 GMT
server
UploadServer
etag
"d2a55d0904bccc80d64718173cad8bb1"
vary
Accept-Encoding
x-goog-generation
1686934747742557
x-goog-hash
crc32c=aux8IQ==, md5=0qVdCQS8zIDWRxgXPK2LsQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
970
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 618A 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:09 GMT
pubcid.php
hbx.media.net/ Frame 6513 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sun, 18 Jun 2023 00:14:09 GMT
sync
gum.criteo.com/ Frame 6513 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2b0a9ee7b7080edc261f2aa8eb0bd25e469b7c3c02e8049a0467df4e11f469d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1259375
expires
60
cksync.html
contextual.media.net/ Frame 0800
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Drkt%26refUrl%3D%26vid%3D704544934133004704415239370...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=rkt&refUrl=&vid=70454493413300470441523937000V10&ovsid=970314640527939565
235 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=rkt&refUrl=&vid=70454493413300470441523937000V10&ovsid=970314640527939565
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Sat, 17 Jun 2023 23:44:09 GMT
expires
Sat, 17 Jun 2023 23:44:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 17 Jun 2023 23:44:09 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=rkt&refUrl=&vid=70454493413300470441523937000V10&ovsid=970314640527939565
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE54 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:09 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=548f579a-2e91-4164-a201-9f750b993513
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=548f579a-2e91-4164-a201-9f750b993513
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=son&refUrl=&vid=70454493413300470441523937000V10&ovsid=548f579a-2e91-4164-a201-9f750b993513
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=3ad4a3d0def02384&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=con&refUrl=&vid=70454493413300470441523937000V10&ovsid=AAAF03RTt7LY8QNTEbplAAAAAAA&expiration=1687131849&is_secure=true
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=con&refUrl=&vid=70454493413300470441523937000V10&ovsid=AAAF03RTt7LY8QNTEbplAAAAAAA&expiration=1687131849&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:10 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=con&refUrl=&vid=70454493413300470441523937000V10&ovsid=AAAF03RTt7LY8QNTEbplAAAAAAA&expiration=1687131849&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 6513
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3300470441523937...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=opx&refUrl=&vid=70454493413300470441523937000V10&ovsid=51ef7b90-2656-4554-95f5-1080989028ca
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=opx&refUrl=&vid=70454493413300470441523937000V10&ovsid=51ef7b90-2656-4554-95f5-1080989028ca
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3300470441523937000V10&type=opx&refUrl=&vid=70454493413300470441523937000V10&ovsid=51ef7b90-2656-4554-95f5-1080989028ca
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dmma%26refUrl%3D%26vid%3D704544934133004704415239...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=mma&refUrl=&vid=70454493413300470441523937000V10&ovsid=d895648e-4544-4600-8aa4-c61d989f4bad
61 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=mma&refUrl=&vid=70454493413300470441523937000V10&ovsid=d895648e-4544-4600-8aa4-c61d989f4bad
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x23 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=mma&refUrl=&vid=70454493413300470441523937000V10&ovsid=d895648e-4544-4600-8aa4-c61d989f4bad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jun 2023 23:44:08 GMT
cksync
cs.media.net/ Frame 6513
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMwMDQ3MDQ0MTUyMzkzNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIUXUpyAwFrNdEJ57sMddxo&google_cver=1
61 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIUXUpyAwFrNdEJ57sMddxo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIUXUpyAwFrNdEJ57sMddxo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Ddxu%26refUrl%3D%26vid%3D70454493413300470441523...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=dxu&refUrl=&vid=70454493413300470441523937000V10&ovsid=su5GORrt1QaFAo5
61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=dxu&refUrl=&vid=70454493413300470441523937000V10&ovsid=su5GORrt1QaFAo5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:08 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-023329e0a498b46ac@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=dxu&refUrl=&vid=70454493413300470441523937000V10&ovsid=su5GORrt1QaFAo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=b2669be2-8f34-4b4c-91cc-64d84e02b962
61 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=b2669be2-8f34-4b4c-91cc-64d84e02b962
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=b2669be2-8f34-4b4c-91cc-64d84e02b962
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1201984
content-length
0
expires
Sat, 17 Jun 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bdc7de11-25d2-4be2-916c-1ec105949f96&ssp=medianet&gdpr=0
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:10 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 17 Jun 2023 23:44:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFU...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=704544934133004704415239...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454493413300470441523937000V10&vsid=3300470441523937000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:10 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454493413300470441523937000V10&vsid=3300470441523937000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 6513 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 6513
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3300470441523937000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=bdc7de11-25d2-4be2-916c-1ec105949f96&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=bdc7de11-25d2-4be2-916c-1ec105949f96&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=bdc7de11-25d2-4be2-916c-1ec105949f96&cs=1
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame 6513 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 6513
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sat, 17 Jun 2023 23:44:09 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
setuid
ib.adnxs.com/ Frame 04CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAdW-ECxf6Ysxzi5SWslpjE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdW-ECxf6Ysxzi5SWslpjE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Protocol
HTTP/1.1
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
AN-X-Request-Uuid
0e3f99df-0edc-43fc-850a-4973e24acd19
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdW-ECxf6Ysxzi5SWslpjE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04CE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzU1Nzg5Njg4NjUzOTk4NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzU1Nzg5Njg4NjUzOTk4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2f7bad75-23c1-4d5f-b81c-c82765319d79
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzU1Nzg5Njg4NjUzOTk4NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 04CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECxbj2x2aWTqGdMUjDo7uP8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzviB0wIY1sjtvAEwAQ&v=APEucNWGpqNer7VnfUkrm-2ZjUfuL4fWdGNQDiAecUyr875o4NGChbyHF7uvyOO4xQe3vZVVxrZl7Bn1Q720xmv7Xlg9qXPsEQ
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmVkODcwMzg1ODg2N2ZiZjM3YmI1NjZmYWUwMGVjYTMwZTkwYjc5Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ev3
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=18788414406413937260552&sr=1&uid=0&type=mi&ord=1687045448920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
bid
aax.amazon-adsystem.com/e/dtb/ 		219 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3741&u=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&pid=8z0lNzn4WEbHJ&cb=2&ws=1600x1200&v=23.612.1758&t=3000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1619031514790-0-count-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FSimpleFlying%2FArticle_Sticky_Desktop%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22SimpleFlying%22%2C%22ext%22%3A%7B%22template%22%3A%22content-all%22%2C%22cat%22%3A%22%7CAirline%20News%7CNorth%20America%7C%22%2C%22postID%22%3A%222015400%22%7D%7D%7D%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*TLAD0CIZKumUT9w8Mxrui_uq2LLxSlIJMQSLp-KX2H9QGstc9B1SnyDb-k5q54HTUBs7SDPT3JbksDprRBhnXA%22%2C%22pubcommon%22%3A%22d62c0496-47d4-45b0-8890-2d8087a5f7f1%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%2522060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%2522%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.97.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-97-179.iad55.r.cloudfront.net
Software
Server /
Resource Hash
1f48b06e70f0e36b95732e7ea7426875d5275ee1e4008ac707b23e4db910a94b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P4
x-amz-rid
EBMWQWYNHZYZA703HHS2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
219
x-amz-cf-id
-RoAPT7hOihpmW16HpWeJ6AUYlDaCbAslDbROZQa2yl-gwgUYASlvg==
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.209.30.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-30-160.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
eb4c1b0c69d89aa2599706b133fd3151bdbe207652024b0187903feffc774de5

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simpleflying.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
mp.4dex.io/ 		174 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a804291d56c6f023a893ba3d9a1eb5818d4d4384b60f6b90329fad1af71749e

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
via
1.1 google
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1220, Selecting bids. No selected bids
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d8f28ab0bbcdb1d-MIA
expires
0
prebid
krk2.kargo.com/api/v1/ 		2 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.79.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-79-114.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/ 		19 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.52.0&referrer=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.10.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-10-219.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
79
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8C5QS6
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
10f75f2953cd56db7850c1e154772e46fb7267c7250bc42c13fb1b69b614f2e4

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Jun 2023 23:44:09 GMT
6402f360dde0ec3d3a7e216c
exchange.cootlogix.com/prebid/multi/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/6402f360dde0ec3d3a7e216c
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.25.23 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:09 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=762916
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e619c15549a194ce025e230520835287607c18ee49d1b74490e96666dbe212

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIfVsHh7UZBpdQA51aaewOfaN3hb3uOAk2atSHWEWfp0YKtHcpQdieREWTf2O46HJHjyMKvRwFYSiNYWCfiQmxBAjpk2dzyae2L%2BgJJWjihOsUcO8qgIPtxYJWe1RCUhL%2F8r6zmX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28ab0d12b3e0-MIA
alt-svc
h3=":443"; ma=86400
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simpleflying.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1687045449432&to=0&aun=div-gpt-ad-1619031514790-0-count-1&hadronId=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&pubcid=d62c0496-47d4-45b0-8890-2d8087a5f7f1&gpid=%2F39363775%2FSimpleFlying%2FArticle_Sticky_Desktop%23div-gpt-ad-1619031514790-0-count-1&pv=f12ef715-5627-484a-b5b7-9b7b82dbc6d8&t=8wyqry48&pi=2&gdprApplies=0&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.52.0%22%7D&ogu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&ns=9421
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.149.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-149-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3fb9329752f11422880d78e6922b2839ed272a995aa1df20c82c09e220ecdbfa

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fd07754b1b2cfaf024504d81cdd9382bc5f76815052a6405ff52432fc2087dee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1705e6c5-2322-4657-b39e-c3a206a45f9c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
x-prebid
pbs-go/nextmillmedia/41.27.17
vary
Origin
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=28626
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A76 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8A76 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 09:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 09:30:38 GMT
main.19.8.417.js
static.adsafeprotected.com/ Frame 8A76 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.417.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 15:19:15 GMT
x-amz-version-id
UVbFefY6UOYSsxlF6c.82fk2mbTK4IKy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
807895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Jun 2023 21:53:40 GMT
server
AmazonS3
etag
W/"bb95c129f80c46c33e169dde0694b792"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fA8Ohqpb2WjlDMmjXk99RBl7Ghd-g7b4TJPAPbW3PcRA8IXy6M2pxQ==
passback_300x250.js
static.adsafeprotected.com/ Frame 8A76
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1362487/69631270/xbbe/creative/adj?p=APEucNW5E4rWA2pyRbBPKdopVfnuPP6tQ1dk2E5yIaWp634Tpr9z_Dc&d=CokBAKAmf-DsSeV1Wrv7PFymp9pWDL81_X2JfLRKOGuAJIC8HWU5fsarRnYLKGC...
  • https://static.adsafeprotected.com/passback_300x250.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
date
Mon, 12 Jun 2023 05:07:38 GMT
x-amz-cf-pop
IAD55-P3
age
498992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
qRKeLTJky71eNtdDbFHNeWuqIB60P3430_q8a-aj3PxfdsFDZxLjkA==

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
nginx
x-server-name
app20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame E4BA 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
6628375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
p2881rhQ4KMMR2-7LXqn6UQIism9NMY1Am2-vIeNzy9KT0354a-4Wg==
PugMaster
image6.pubmatic.com/AdServer/ Frame 4747 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16610656&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.sync.viewdeos.com%2Fcsync%3Ft%3Da%26ep%3D642794%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:08 GMT
content-length
0
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fib.3lift.com%2Fstatic%2Fbuttons%2Fedaa%2FOBA_TRANS.png&i=TRIPLELIFT1&ol=600688035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BQToISVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-ltsW7OXurwpsfw%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57M19aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&id=1&ii=4&f=0&j=&t=1687045448920&de=493892093721&cu=1687045448920&m=101&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6114&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A884%3A884%3A3381%3A845&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=67&cd=0&ah=67&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11453%3A216274%3Aundefined%3A10&bo=5989&bd=simpleflying.com&gw=triplelift879988051105&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=711&zMoatTactic=undefined&zMoatPixelParams=aid%3A18788414406413937260552%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=1472514344&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 17 Jun 2023 23:44:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1F3F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 09:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 09:30:38 GMT
bl-255bb0a-215d450f.js
tagan.adlightning.com/valnet/ Frame 0CA7 		133 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/bl-255bb0a-215d450f.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af037d5bbe80a293a473b05175fee0bb20527405cf6921aaf3035ce1776d5936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 17:36:28 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
t4GF6pUWMTGKed772mkUmPaKV3qPVbwO
x-amz-cf-pop
IAD89-P1
age
367662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
42378
x-amz-meta-git_commit
255bb0a
last-modified
Tue, 13 Jun 2023 17:32:31 GMT
server
AmazonS3
etag
"1ccc4ee64c627acfcb3f2b10732a0db3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
a08ESqtnr-SjT-7dDA06KKPvLcqsCpoVgGA0xqTOVoQnAZbCCeDA5Q==
b-e09f10f-d93d43bf.js
tagan.adlightning.com/valnet/ Frame 0CA7 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:35:59 GMT
content-encoding
gzip
via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
x-amz-version-id
Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop
IAD89-P1
age
1062491
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28870
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:35:39 GMT
server
AmazonS3
etag
"82cf001d792438020a87c24097f91aa6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
131DDDU53eiQQDv3NaIFlvzxFsnFmESPJXGByZwJ7mi7pV-SBG6-pw==
async_usersync
ib.adnxs.com/ Frame D124 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:09 GMT
AN-X-Request-Uuid
562fd2e1-df70-4bc9-92a4-c5b8be8b0246
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/Serving/Cookie/ Frame DF21 		92 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa6038e8d9eadac21cff7cf98fb3853255e008775f4fe2bdde3ce3a373bced35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
200
expires
-1
cm
us-u.openx.net/w/1.0/ Frame 4D38 		709 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e88120a7af5d794ed12526655b4d0da37498ebbdf092ca95f2cf3244b9096b1e

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
444
content-type
text/html
date
Sat, 17 Jun 2023 23:44:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7DC3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:09 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
/
onetag-sys.com/usync/ Frame 2887 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame DF21
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=G1VwhPZH-q26XH-aR1uPMNQ8
95 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=G1VwhPZH-q26XH-aR1uPMNQ8
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Sat, 17 Jun 2023 23:44:08 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Sat, 17 Jun 2023 23:44:09 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=G1VwhPZH-q26XH-aR1uPMNQ8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/ Frame DF21
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=8d412b32-806f-4149-b836-0zz1687045443&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE2u07JHIsAACA_VdpK4w
  • https://ce.lijit.com/merge?pid=58&3pid=C9FE2347-10FF-4ABA-8761-C084B8379398&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F7%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/286/1242/7/3.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAE2u07JHIsAACA_VdpK4w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1241%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/286/1241/6/4.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F5%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/286/3/5/5.gif?puid=d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/286/434/4/6.gif?puid=548f579a-2e91-4164-a201-9f750b993513&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1129%2F3%2F7.gif%3Fpuid%3D%25%25VGUID%25%25%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/1129/3/7.gif?puid=FPMXHM4WgKFW&gdpr=0&gdpr_consent=&ev=1&pid=558355
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LJ0NAQAS-1X-L7LS&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LJ0NAQAS-1X-L7LS&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1243%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_co...
  • https://id5-sync.com/c/286/1243/1/9.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F0%2F10.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/101/0/10.gif?puid=552a321d-0826-4b59-96ba-f8d1f84f917e&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?uid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA
95 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?uid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Sat, 17 Jun 2023 23:44:13 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?uid=ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA
date
Sat, 17 Jun 2023 23:44:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
main.19.8.417.js
static.adsafeprotected.com/ Frame 1F3F 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.417.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 15:19:15 GMT
x-amz-version-id
UVbFefY6UOYSsxlF6c.82fk2mbTK4IKy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
807895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Jun 2023 21:53:40 GMT
server
AmazonS3
etag
W/"bb95c129f80c46c33e169dde0694b792"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aX9UARoNWIpwUT5ZR7JPKmtr6WATg79yLllpro-dNiNzYUSqbokBMg==
passback_728x90.js
static.adsafeprotected.com/ Frame 1F3F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1362487/69631272/xbbe/creative/adj?p=APEucNUyvx52L1MeRDKyps9I3f2CeWF64We_56lmBext-z3oahTjDUE&d=CokBAKAmf-DLBySL6ukjqhBPEuhnoTv2GzLMi00_svmMPHg5jI8EW8H1tTwQuBh...
  • https://static.adsafeprotected.com/passback_728x90.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_728x90.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 05:39:04 GMT
x-amz-cf-pop
IAD55-P3
age
410707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:52 GMT
server
AmazonS3
etag
W/"696b4c19d35efd706805137a8a4b3831"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
yngdnsHx1h4m6Bjilx-q5_55EuVpl1ktxnV7OEA9lJNNwXs-sOFZfA==

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:09 GMT
server
nginx
x-server-name
app14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 930D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
6628375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
1aNPwZz2gYK4zj7FlwAAxS5VtRKdU_Y4ewLg5PUqhfM7yZiV3iIV4A==
view
securepubads.g.doubleclick.net/pcs/ Frame 618A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5Xm3EwZ2N0eNSLH0MmP-j-7GsSt2vKax0hd8x4XfVKHM1Zq_tFO2lZd_i5fW5xxSBktQZfQJjAnUUQaasRnojv5QGznM7PkA1uQC3nKnALfNk7E9rSbnNLQIm_ubJovxA4uT_6jUPCAbaHReGwNNIGZUfrDWo0hSGlm47w5glYZzxQWK64CpKzmwRjqcr26oz6Jh6imSRPoI4eqSmunRXFueRdGl4bXmNFB7kwSyQ0AeuexOE6HUSpWT-DaOqQo7hv9Jk7VRKqQxakY7UrcX6TOh73QMscSm3B9LcgJ3-TXEJ9us9O0biUM3gOB4jD38wTntFZzaTUaDDFeNLRYhd6UtO2iDIFvr3GP1Eq3sd&sai=AMfl-YQGWKaQ-5Agx-GAmkO-2zXM2r2ThMgvxVOX4-JFYXLZ1wLPkhEPJcT6-gft4Gt-qi_hSD5I06kc4w1Q8KpE2rKbybCbUsxPMEDh-ehKr8KYYT1mHDeblAmIsiqJlTY&sig=Cg0ArKJSzP8ucF5-S0ZkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i.js
tag.bounceexchange.com/5553/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/5553/i.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
8e20bcf6d02261d20eb66c16a5e09c5aff61008b471d10cd227dd8f3ab1d5a4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:43:04 GMT
content-encoding
gzip
via
1.1 google
age
66
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2092
server
istio-envoy
etag
10d28d34334a01
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=5777a7a2-3679-dfdb-c0a3-35bce5f1aa76&tv=%7Bc:fQgjsG,pingTime:-2,time:563,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1937,beZ:1938,mfA:1940,cmA:1942,inA:1942,inZ:1947,prA:1947,prZ:1972,si:1980,poA:1988,poZ:2014,cmZ:2014,mfZ:2014,loA:2089,loZ:2095,ltA:2498,ltZ:2498%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:564,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B557~0%5D,as:%5B557~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tHu6Mj1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.1362487-69631270%7C1g21%7C1g3%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u%7C1v%7C1w,idMap:1g2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:44,slid:%5Bgoogle_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0,google_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0__container__,div-gpt-ad-1551123852005-0,ad-zone-size-container-div-gpt-ad-1551123852005-0,ad-zone-container-div-gpt-ad-1551123852005-0,dynamically-injected-refresh-ad-zone-div-gpt-ad-1551123852005-0,adsninja-ad-zone-div-gpt-ad-1551123852005-0,secondary%5D,sinceFw:510,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 4D38 		95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=7b6e5be5-d568-48c2-ad87-e3d50738d95c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Sat, 17 Jun 2023 23:44:08 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sd
us-u.openx.net/w/1.0/ Frame 4D38
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A1A1E2756F36417A842BBECC019687AF
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A1A1E2756F36417A842BBECC019687AF
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A1A1E2756F36417A842BBECC019687AF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Jun 2023 23:44:10 GMT
57424
i6.liadm.com/s/ Frame 4D38
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9&_li_chk=true&previous_uuid=9ffaf2c16a604ac0a1e91fcff0445844
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:4106:3062:270c:cbbd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:11 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=9975ce8b-ba8c-45c5-b43c-92e8a0e97bf9
Date
Sat, 17 Jun 2023 23:44:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
g.pixel
aa.agkn.com/adscores/ Frame 4D38 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=8541f271-c29a-4425-9cf8-e264aab92830
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-105.iad55.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 5a0e8b615e213d3d5cc20b095e088b16.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD55-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
UeklidZuqDsutOsPPCEI01aOd0PIhKZvt3Rn87v_Bxel49kXfr23hg==
expires
0
37274
stags.bluekai.com/site/ Frame 4D38 		62 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=bed74aa9-b821-4235-8c4d-f1cab12fdaa5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.21.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
a175
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 4D38 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 4D38
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=356e8785-95ce-5a82-0193-251d0fb2fad4
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0nluaib0xrmmr
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0nluaib0xrmmr
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0nluaib0xrmmr
cache-control
no-cache
cf-ray
7d8f28b07c0131f6-MIA
content-length
0
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgjtx,pingTime:-3,time:376,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:48%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:377,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B371~0%5D,as:%5B371~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHu6MmT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:50%7D&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgjtD,pingTime:-6,time:382,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:382,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B376~0%5D,as:%5B376~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHu6MmT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:50%7D&tpiLookup=ao:simpleflying.com*&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 618A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5ad55d1884073f268a1333b7d15e0c7bdbe3c92cc0d59075ac718daff08cc63

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 618A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsF1xSeEHziLTG0xMTi8wsqD_wQzFZhQqqo8cPLHTJcQDkkM8nU7VvpFNvKd-lsoIYhtEoAM__WzZSg4rRMImNh3QKPsztWU9zCuxAap9TBPgFnG_-wnOyW3cY03KsfP6wsWjvkCivBfbX76TjGfS9LkrotTTuqFIRd-4M5I8xZfLpD3a7mXYaTH1ZQXNno2HyGy65EjYajXd3UUoAgTkiqaBZBsW4IDSeb6LN2j9uNQaBlVGkk6TyD7VIbP4ygXmjWa-m3PBrGJ-WqiOKybZpJriHDEO9sVfAHONIkSXl6lKOLEEjvkUU8JBebXtZmaiEuS712_97evopyfkv44FB4t7Qz-QnJpmYtEFoePIGIf0&sai=AMfl-YTm64SzpMn24ZlNGsKk1vK2-po1SvAHVXhBv3-5L_hO-AZN_lCHb6p5d05wdl9CAyFhYUF2xoR1T7UEgH6hw9r3cLxmTNSjTMLOsdMTBYKqvifM1Wo8oUO23zPkhvU&sig=Cg0ArKJSzNB5Enm6i8ZjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Jun 2023 23:44:10 GMT
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ssb&id=Ad7FvyOqTE3AvGoSrEDIy7kAAAGIy76m6wAADp31tzuF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H3RJH4MJ3WDTAM392HVC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgjC1,pingTime:-2,time:902,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2381,beZ:2382,mfA:2384,cmA:2385,inA:2385,inZ:2389,prA:2390,prZ:2422,si:2431,poA:2438,poZ:2463,cmZ:2463,mfZ:2463,loA:2763,loZ:2769,ltA:3282,ltZ:3283%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:48%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:902,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B896~0%5D,as:%5B896~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHu6Mj1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.1362487-69631270%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:50,sinceFw:844,readyFired:false%7D&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
log
c21lg-d.media.net/ Frame 6513 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=t-coD51x4nBKo_4aNobnCest--OCJP3X&cs=15&vsid=3300470441523937000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 17 Jun 2023 23:44:10 GMT
content-length
35
content-type
image/gif
log
c21lg-d.media.net/ Frame 6513 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=0c457ea2-afab-4a89-a606-23580d1c3829&cs=15&vsid=3300470441523937000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 17 Jun 2023 23:44:10 GMT
content-length
35
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 447E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
254996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 00:54:14 GMT
expires
Fri, 14 Jun 2024 00:54:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b
c3.a-mo.net/
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&tl=https://simpleflying.com/two-united-airlines-emp...
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=undefined&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
0
0
prebid
id5-sync.com/api/config/ 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
846544dc781fa3925d836b6cfb73e2890615fbb060434f1810722760e6e59952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13704
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fpc
simpleflying.com/cvx/client/sync/ 		43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simpleflying.com/cvx/client/sync/fpc?id=pubcid%3Ad62c0496-47d4-45b0-8890-2d8087a5f7f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-113-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
content-length
43
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame A14B 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMGI0MDVkMi0xY2VmLTQ1MDMtYWRjNy1hOTI4NjJiMDM3ZjU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 7C91
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:10 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 17 Jun 2023 23:44:10 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7ecff58d-29b4-4fea-b0e3-d6c5213016b0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
onetag-sys.com/usync/ Frame 0196 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1687045443921&gdpr=0&us_privacy=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 6658 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
452
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d8f28b2e95eb3d4-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:10 GMT
expires
Sun, 18 Jun 2023 03:44:10 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
sync.cootlogix.com/api/sync/iframe/ Frame 23D7 		109 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
24.199.80.64 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 17 Jun 2023 23:44:10 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
checksync.php
contextual.media.net/ Frame E4E3 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c98aaf6e543503ad4c8449977d7a4e1d3b6bcca812999bc0f79451fe56838689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12078
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:10 GMT
expires
Mon, 19 Jun 2023 23:44:10 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
u.4dex.io/ Frame 8964 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/usync.html?us_privacy=1---
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c3a49a467118bc6047f8313c4c583e226cf347c650c03c12c819ebd48ad8f246

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
1027
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:10 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 443C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d73c6fa26e2b7dc8cb5d1bdac31ea36209d58479d001c98cd19b2c225515e204

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1255
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:10 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
isyn
prebid.a-mo.net/ Frame 80D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 17 Jun 2023 23:44:10 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2F34 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
61366
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:10 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 09 Jun 2023 06:41:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1814, 166900
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760065-MIA
X-Timer
S1687045451.711804,VS0,VE0
setuid
pbs.nextmillmedia.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=6163557896886539984
86 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=6163557896886539984
Protocol
H2
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:10 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ebabbba6-bf87-4d41-8005-46f9683d8a31
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
pbs.nextmillmedia.com/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://pbs.nextmillmedia.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=[UID]
86 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=[UID]
Protocol
H2
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://pbs.nextmillmedia.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=[UID]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
setuid
pbs.nextmillmedia.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
86 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
Protocol
H2
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:10 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=a01d9dc0-34c9-4c5d-9d36-aefbab24789b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
setuid
pbs.nextmillmedia.com/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&pu=https://image4.pubmatic.com/AdServer/SPug?p=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157577%26pr%3Dhttp...
  • https://image4.pubmatic.com/AdServer/SPug?p=https://image4.pubmatic.com/AdServer/SPug?p=157577&pr=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3DC9FE2347-10FF-4ABA-8761-C0...
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=-1&gdpr_consent=
55 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=-1&gdpr_consent=
Protocol
H2
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
cdf01f732af29d4a13c384a2afa26c164bfe4be9ee36c04d7f2bf401f4cbeb8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
55
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=-1&gdpr_consent=
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
pbs.nextmillmedia.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=ZI5FQbEkXkeCVJbyhldx0QAA%26033
86 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Protocol
H2
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://pbs.nextmillmedia.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=ZI5FQbEkXkeCVJbyhldx0QAA%26033
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A84A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
254996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 00:54:14 GMT
expires
Fri, 14 Jun 2024 00:54:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C654 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
6628377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
LbaVjKQY4ZZhK0sT4ItCqtiVehlJ8lnBgoO8Aj7lB_E4Fx0kRearcA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=710966350&campId=51178161&pubId=96&placementId=396059580&adsafe_par&bundleId=&dealId=&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/&adsafe_url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b596421c-1b45-81d6-5cb8-0b066de518a9,c:fQgjJk,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6dd95747fd-stkcd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1562,mot:0,app:0,maw:0,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.925113%7C1g21%7C1g22%7C1g23%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1g2*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1600,oid:d9bee4c6-0d68-11ee-82ba-ca45486ddc57,v:19.8.417,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.148.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-148-57.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
app11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame C1CF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
6628377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
FaZhrblJdOVw-Y5qAsFmQevpZ5FsgGhAULSQAn8J2lHPBtSJ271Krg==
mon
pixel.adsafeprotected.com/ Frame 1F3F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=710966350&campId=51178161&pubId=13&placementId=396059734&adsafe_par&bundleId=&dealId=&bidurl=https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage&adsafe_url=https%3A%2F%2Fsimpleflying.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fd83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:134cc399-2d0d-bc26-68f6-acddc0288889,c:fQgjK3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6dd95747fd-r87f9,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1388,mot:0,app:0,maw:0,fm:tHu6MmP+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g21%7C1g22%7C1g23%7C1g24%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1404,oid:d9b76a82-0d68-11ee-ac81-0a04c8655328,v:19.8.417,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.148.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-148-57.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
app03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=28626
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 1F3F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date
Sun, 11 Jun 2023 05:52:03 GMT
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
582729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10216
last-modified
Fri, 18 Feb 2022 23:29:13 GMT
server
AmazonS3
etag
"b1464a7201f691a1e4cf6fc057919d7f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
QTZXtSIYXOZ921j3-WFau92jNNk_qMsBsateMXCq6q90xw6jickMcg==
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 8A76 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Sun, 11 Jun 2023 02:15:03 GMT
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
595749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
p3YCzdPFl-oMCviLnJCgBGkzPyHT8Y0_7yxxmyN1aa2aKpQzC_KKzA==
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=wkdusMBGYuHZQ2Hnw0Z7tsYWYbPZEjSwwUJU_IuQ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=wkdusMBGYuHZQ2Hnw0Z7tsYWYbPZEjSwwUJU_IuQ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=wkdusMBGYuHZQ2Hnw0Z7tsYWYbPZEjSwwUJU_IuQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=52f6cc5c2a392197&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAIrvVJP9e1mwMhFZyAAAAAAAA&expiration=1687131851&is_secure=true&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAIrvVJP9e1mwMhFZyAAAAAAAA&expiration=1687131851&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAIrvVJP9e1mwMhFZyAAAAAAAA&expiration=1687131851&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d895648e-4544-4600-8aa4-c61d989f4bad&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=d895648e-4544-4600-8aa4-c61d989f4bad&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x51 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=d895648e-4544-4600-8aa4-c61d989f4bad&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jun 2023 23:44:10 GMT
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=bdc7de11-25d2-4be2-916c-1ec105949f96&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=bdc7de11-25d2-4be2-916c-1ec105949f96&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=bdc7de11-25d2-4be2-916c-1ec105949f96&dongle=31ac&gdpr=0&gdpr_consent=
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZI5FQwAAARkr3QAz&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZI5FQwAAARkr3QAz&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1687045451.454394,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZI5FQwAAARkr3QAz&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=&tc=1
  • https://eb2.3lift.com/xuid?mid=6547&xuid=WyR0H1r4W4Pt0NMPdPw3&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=&tc=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=WyR0H1r4W4Pt0NMPdPw3&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=WyR0H1r4W4Pt0NMPdPw3&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT, Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=su5GORrt1QaFAo5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=su5GORrt1QaFAo5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-080ca4cd6cc01412e@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=su5GORrt1QaFAo5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A1A1E2756F36417A842BBECC019687AF&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=A1A1E2756F36417A842BBECC019687AF&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=A1A1E2756F36417A842BBECC019687AF&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Jun 2023 23:44:11 GMT
sync
ups.analytics.yahoo.com/ups/58382/ Frame 443C 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58382/sync?uid=4090118527531875369328&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 443C
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d79685b0-0d68-11ee-bd01-12a7adfcdbeb
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d79685b0-0d68-11ee-bd01-12a7adfcdbeb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d79685b0-0d68-11ee-bd01-12a7adfcdbeb
date
Sat, 17 Jun 2023 23:44:11 GMT
content-length
0
content-type
text/plain
runtime_b4ad65fa381da0648767eee58152de5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_b4ad65fa381da0648767eee58152de5e.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 22:56:28 GMT
content-encoding
br
age
2863
x-guploader-uploadid
ADPycdt3AwQFoCYH7eMQKJqpoGqG5bva9pAY1pAvDrHOy_Gz7TeBPzxKyixvkENLOQSx1mtuerupATKkz0oHekRrsvZij4ji6K-l
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
677
last-modified
Fri, 16 Jun 2023 16:59:39 GMT
server
UploadServer
etag
"eefae9361af612ce4ba4df40b85e8e22"
x-goog-generation
1683121199273331
x-goog-hash
crc32c=/u+Zbg==, md5=7vrpNhr2Es5LpN9AuF6OIg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
677
accept-ranges
bytes
content-type
text/javascript
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=5777a7a2-3679-dfdb-c0a3-35bce5f1aa76&tv=%7Bc:fQgjOj,pingTime:-2.1,time:1904,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1904,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1897~0%5D,as:%5B1897~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:1112,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.1362487-69631270%7C1g21%7C1g3%7C1h.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u%7C1v%7C1w,idMap:1g2.b596421c-1b45-81d6-5cb8-0b066de518a9.319_925113%7C1g2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:44,slid:%5Bgoogle_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0,google_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0__container__,div-gpt-ad-1551123852005-0,ad-zone-size-container-div-gpt-ad-1551123852005-0,ad-zone-container-div-gpt-ad-1551123852005-0,dynamically-injected-refresh-ad-zone-div-gpt-ad-1551123852005-0,adsninja-ad-zone-div-gpt-ad-1551123852005-0,secondary%5D,sinceFw:510,readyFired:true,sis:1673%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgjOH,pingTime:-2.1,time:1688,type:a,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:48%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1682~0%5D,as:%5B1682~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:1052,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.1362487-69631270%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h.134cc399-2d0d-bc26-68f6-acddc0288889.295_925113%7C1h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:50,sinceFw:844,readyFired:false,sis:1430%7D&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=134cc399-2d0d-bc26-68f6-acddc0288889&tv=%7Bc:fQgjOK,pingTime:-3,time:1695,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1404%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1695,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B308~0%5D,as:%5B308~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.925113%7C1g21%7C1g22%7C1g23%7C1g24%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:1404%7D&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=134cc399-2d0d-bc26-68f6-acddc0288889&tv=%7Bc:fQgjOM,pingTime:-6,time:1697,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1697,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B309~0%5D,as:%5B309~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.925113%7C1g21%7C1g22%7C1g23%7C1g24%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:1404%7D&tpiLookup=ao:simpleflying.com*&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 66F3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4fed4306fbb3c49aba1651258c3388897eb4182ed8f99935a477dfdc48d6a816

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1654
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:11 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BC3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 16:48:45 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 16:48:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame DF21 		95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=2198261905534825226
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Sat, 17 Jun 2023 23:44:10 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/ Frame EF22 		193 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b5c874d8de272535457ac525053006bede9da3fc07041a160486a6758b38634
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3446
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23488
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 22:46:45 GMT
expires
Sun, 16 Jun 2024 22:46:45 GMT
last-modified
Thu, 18 Nov 2021 10:36:42 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
/
dmp.adblade.com/srv/sync/gateway/ Frame E4E3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:11 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
710489.gif
id.rlcdn.com/ Frame E4E3 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8322 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454514443300470441523937000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99774
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:11 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
cksync.php
contextual.media.net/ Frame E4E3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=SH61o9eW3usfInkR2FZ-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTJA3DC3ZZMVLTG5LTMZEW422SGJDFU...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=704545144433004704415239...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454514443300470441523937000V10&vsid=3300470441523937000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU8C5QS6&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C157%2C2028%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C171%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C77%2C38%2C141%2C262%2C461%2C222%2C2017%2C225%2C226%2C10000%2C80%2C108%2C229%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Sat, 17 Jun 2023 23:44:12 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=SH61o9eW3usfInkR2FZ-https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=70454514443300470441523937000V10&vsid=3300470441523937000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame 1F3F 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8ee96d365ed75fe0e197af1c4f3d844ff5b3f2ab0a257bcef0aad68681969d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgjQq,pingTime:-10,time:1795,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687045451485%7C%7Cba1e9493793f9a896811ecd52be98553%7C%7C8623b242deb4313525321dba17b62725%7C%7Cf4d9344212a76696ca09c5322035fd05%7C%7Cd65b51626554548e304137f0c22525ea%7C%7C1f66ecb14c5c97d91ff7562782a354ab%7C%7Cbcd7771bc77f5226435ad51161de05e7%7C%7Cf5c53ffc64ae437717ac888f135d8800%7C%7C1663701684%7D
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=b596421c-1b45-81d6-5cb8-0b066de518a9&tv=%7Bc:fQgjQV,pingTime:-2,time:2071,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1932,beZ:1934,mfA:3494,cmA:3497,inA:3497,inZ:3507,prA:3508,prZ:3525,si:3533,poA:3533,poZ:3555,cmZ:3555,mfZ:3555,loA:3859,loZ:3864,ltA:4003,ltZ:4003,mdA:1935,mdZ:2154%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:1599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2071,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1599,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B502~0%5D,as:%5B502~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.925113%7C1g21%7C1g22%7C1g23%7C1h.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1g2.5777a7a2-3679-dfdb-c0a3-35bce5f1aa76.115_1362487-69631270%7C1g2*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:1601,slid:%5Bgoogle_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0,google_ads_iframe_/39363775/SimpleFlying/Article_Rail_Desktop_0__container__,div-gpt-ad-1551123852005-0,ad-zone-size-container-div-gpt-ad-1551123852005-0,ad-zone-container-div-gpt-ad-1551123852005-0,dynamically-injected-refresh-ad-zone-div-gpt-ad-1551123852005-0,adsninja-ad-zone-div-gpt-ad-1551123852005-0,secondary%5D,sinceFw:470,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F3F 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:11 GMT
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=134cc399-2d0d-bc26-68f6-acddc0288889&tv=%7Bc:fQgjR1,pingTime:-2,time:1836,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2377,beZ:2378,mfA:3765,cmA:3765,inA:3765,inZ:3766,prA:3766,prZ:3777,si:3781,poA:3782,poZ:3797,cmZ:3797,mfZ:3797,loA:4074,loZ:4078,ltA:4213,ltZ:4213,mdA:2379,mdZ:2495,idA:3798,idZ:3875%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1404%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1836,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B448~0%5D,as:%5B448~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.925113%7C1g21%7C1g22%7C1g23%7C1g24%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1h.69baaad5-b56e-aea9-4734-b289c2738647.137_1362487-69631272%7C1h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:1404,sinceFw:432,readyFired:false%7D&br=c
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame 0CA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnVH7R0WOZLeRJ_GJoPMP87KIwAOm4srJZq3BkJzkDr73v4-JDhABIKf5oSZgyYaAgNyjxBCgAZ24-9gDyAEJqQKiS9Dlh0WSPuACAKgDAcgDAqoE0QJP0M65QqxwkpoLrxhSvf2cvQcHT_VoadQ9zHo_CydWyrKhMniOq7F-rb2yNJQNr7-VmGo3uWKkBK6DXxOOdRSVk-xEUj9P_8YTOWM_OdvBhM5boYZvRqVioJvWW_YCoe7xKxAIquPkwKmTv_IOORwA1HXWDgrraROz09XWjvcdVDfcThEAqKj_PQtqkMXIhcy7khvckkLSkr-wl-7mb6zeOeyV7BqSSD7Ce_Z8NFKgqfWSXMvGEyKAyXaV5JX8FY9u--1gUc1Ck0BXlimqOuscBmj5yYH1vcRi-xujkSiPDNOouxsSgkzQ8CeXdaP6lB7KW04GSuqd3oaF5elrHPRz6haLyWnwnAo3WdfTyjTSys2l3TbbpLteCUOOGBRPsRtxoYpyoFmCT_r-SIqcdqvgTTT4oIJuGxkHrPYdkFdj-_LbxoM0yVT9lIJjBGzD8SXIwATAitH65QPgBAGSBQQIBBgBkgUECAUYBKAGXYAHy8eEJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP3mUNIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTgzODI1OTg1MDM1MTk5NzEY16gW&sigh=RyibFa07P10&uach_m=[UACH]&cid=CAQSPABygQiDVI2RAoPet7wZyKfbE0PiK5Y2GdB2_zaZMy9TXWRqyYqkteYDjrx7n9CG8EkGVLBtHqd6LkffNxgB
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 0CA7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 18:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 18:56:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 856C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:36:36 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0CA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 18:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 18:56:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0CA7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 18:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 18:56:08 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
880b18fe2ae242f80df02f22056d97fac4bd37968d0b66fef0f1175786465990
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
hde.tynt.com/deb/ Frame F1EE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Requested by
Host: u.4dex.io
URL: https://u.4dex.io/usync.html?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
24381a54b3adcd196fa9402abc0a54f704b01c1fb275a15d438c6523b3a32296

Request headers

Referer
https://u.4dex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1633
content-type
text/html
date
Sat, 17 Jun 2023 23:44:11 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sat, 17 Jun 2023 23:44:11 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
view
securepubads.g.doubleclick.net/pcs/ Frame 2E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwLOVb43iJu1QK0xWUUBC2nd7cJ8ZdTFfsLpFydGl4otJpN2TvylgYcaYf_WMRECDu4ThcQCzaHKKY8fV5jsaqLNGEP_RO83hZ-P0op0ZCp3IVHzC5Z1_tQ_YkGe-UbXhADD2e6F8OW2Pjw7_SuvgGgk4RkscAoJB6Yym5qXJVO6dZnJjycDoYMOZJ8cs3YSyFwY-219DzPrBDwNa5HW3__o0v50z5L8tzY3FwuQWTr0YuJx0pyOAmy6AzpelNhZ9RQcKTPhwWzdgYtAtWsArb96uszG0smK7__JzfFrB3-zI2qW1yVa6ZUd4rNyzcEfAMB0KOeGEKRqMgV60ZUaXBvI2suQrg0TlQJkDkekbK&sai=AMfl-YTfhUYEfgrdEHYD1hdc4GUfLHR6pnbXxwm_p1NLAGuDDFULzZG0RoSIApBFQTX2C5oBtRFfkA79b2TdYIegMvKUHJ5kQ8Zin8vTl8LGGEfhF4ZqIQG1KQCO1GGxdOk&sig=Cg0ArKJSzO1MacATsjGFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Jun 2023 23:44:11 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=5777a7a2-3679-dfdb-c0a3-35bce5f1aa76&tv=%7Bc:fQgjRN,pingTime:-10,time:2120,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687045451571%7C%7C3f955facf08e5517f7ba98b8fcd1ed69%7C%7C8623b242deb4313525321dba17b62725%7C%7Cf27fd70f97232f69a303dee8d3ecf753%7C%7Cf8996b67dffa50abc1008180a26e1576%7C%7C1979b171f3b4e96d4220b27eb5023520%7C%7C4481ca64b7786257fbaa8e97cd32142d%7C%7C93d1469a644e7848e2c1fb0d8043d928%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame EF22 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:300,regular,600|Open+Sans:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
232aa4f48d6ad5efb370ad987c477c692acfbf744fdc224843e123f4f85008d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Jun 2023 23:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Jun 2023 23:24:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Jun 2023 23:44:11 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EF22 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 16:03:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
27613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 18 Jun 2023 16:03:58 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EF22 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 16:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 18 Jun 2023 16:03:57 GMT
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 447E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 10:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
306513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 10:35:38 GMT
async_usersync
ib.adnxs.com/ Frame 2F34 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
AN-X-Request-Uuid
69cb52ae-0806-4625-90f6-893dea9a0801
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame A84A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 10:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
306513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 10:35:38 GMT
crum
dsum-sec.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE2u07JHIsAACA_VdpK4w&expiration=1688255051
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE2u07JHIsAACA_VdpK4w&expiration=1688255051
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE2u07JHIsAACA_VdpK4w&expiration=1688255051
Date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 66F3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Server
2600:1f18:4e9:5a01:1182:3903:eb81:31e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB
date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3666460092970085583
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3666460092970085583
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3666460092970085583
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZI5FQwAAARkr3QAz
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZI5FQwAAARkr3QAz
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1687045452.711785,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZI5FQwAAARkr3QAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=47cc3151aac81066&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF03RTt7LZWwMkgANrAAAAAAA&expiration=1687131851&is_secure=true
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF03RTt7LZWwMkgANrAAAAAAA&expiration=1687131851&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF03RTt7LZWwMkgANrAAAAAAA&expiration=1687131851&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame 66F3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
99FZ5C132D2CHC4CC4G5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702856651&external_user_id=ea902a8f-d778-4012-805d-a6faa940b707
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702856651&external_user_id=ea902a8f-d778-4012-805d-a6faa940b707
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 17 Jun 2023 23:44:11 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702856651&external_user_id=ea902a8f-d778-4012-805d-a6faa940b707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
r.casalemedia.com/ Frame 66F3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 66F3 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZI5FQbEkXkeCVJbyhldx0QAAACEAAAAB=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184915&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7d8f28b93d49b3d4-MIA
content-length
43
expires
Sun, 18 Jun 2023 03:44:11 GMT
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEICyPZfiA5RKWw0WQMHpY_0&google_cver=1&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQbn...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE5ODI2MTkwNTUzNDgyNTIyNg&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE5ODI2MTkwNTUzNDgyNTIyNg&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQbnvYZ1yzpIZRP0Xst70bc
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE5ODI2MTkwNTUzNDgyNTIyNg&google_push=ATf1kGPuzcb8hI-AZYLV5aTSDkF_cjFKIPy0uAY6HcHBaFxL1tikZt1BMiZ8D8LsV2xr-rWbBLsKNQbnvYZ1yzpIZRP0Xst70bc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ4ReCXkgLkBFkwporQ0Vug&google_cver=1&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y8...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qvw6C54pW5dT0Uyo7jdufSaEdkc&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qvw6C54pW5dT0Uyo7jdufSaEdkc&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y8UO_pjtGipp1M
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qvw6C54pW5dT0Uyo7jdufSaEdkc&google_push=ATf1kGPxC1u0AEuN9FZwxEiW7bs1YRAwoN-Bh1u_y9joHBQKrvcORaADOUGc3aykua74ourpEVQPvULnb1PC0y8UO_pjtGipp1M
Date
Sat, 17 Jun 2023 23:44:11 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoE...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoEhfKQ7IDTe8KyuDWljb&google_hm=548f579a-2e91-4164-a2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoEhfKQ7IDTe8KyuDWljb&google_hm=548f579a-2e91-4164-a201-9f750b993513
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-83
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOyuu0wsiBOTRH2C7maN5vDKglLsWCN87-vMIzac23nwKRRJhpYuvD49I2gsyTiZJjx6lJFWsJtoEhfKQ7IDTe8KyuDWljb&google_hm=548f579a-2e91-4164-a201-9f750b993513
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEYR-2V1FlknXO-SywdPr1g&google_cver=1&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_l...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_luW9k8OJggMb&google_hm=G1VwhPZH-q26XH-aR1uPMNQ8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_luW9k8OJggMb&google_hm=G1VwhPZH-q26XH-aR1uPMNQ8
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 17 Jun 2023 23:44:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPrDLzcKVTPVEKbQk7tFC1ZnXH_X0LRINGfoxZDHMQF4Xa7SCOzUTYVDDk5QZWVjAN-eQpHrbf_hciEh9h_luW9k8OJggMb&google_hm=G1VwhPZH-q26XH-aR1uPMNQ8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECEHyKMcAnkGjI8NMT3fOao&google_cver=1&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6ZMcghTskON0Xa-DRsBXtD9RbT-CxrqsHTlubZx4ID...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e03aa2e&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e03aa2e&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6ZMcghTskON0Xa-DRsBXtD9RbT-CxrqsHTlubZx4IDvhXVpq50gsG1
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Jun 2023 23:44:11 GMT
via
1.1 cfb94084ba0615910dd15548de7c4c5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2e03aa2e&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNJn79lRKTRMgu_wbyF4RbiH_QWP7WIeapOZiS7_C6ZMcghTskON0Xa-DRsBXtD9RbT-CxrqsHTlubZx4IDvhXVpq50gsG1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5FSYWWtAfVOox1ccGgD06eqy7nKeKeEvvLh_5V566CqSaYmGPbzeyQ==
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDFjbo8U87TnQ7aQcBVzT90&google_cver=1&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4&google_hm=ZzliMzdhMDdjZDA4NmE4N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4&google_hm=ZzliMzdhMDdjZDA4NmE4NTgyNWI=
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGN2VZapMSvI5BoBtvKWH63H4G2mIBDNJ2hu-eilLo7vvNJpUzQQvX_a3jjstzBMW4pWlBB_848Bzlmt8mvCV9R5mPy6_F4&google_hm=ZzliMzdhMDdjZDA4NmE4NTgyNWI=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1BC3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKGmbBOGAlWGLVF_fl-weMI&google_cver=1&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfXc43L1qDNTVQejY4dpMA16auv-SXxAIjaVYu4OH7hVTgv
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfXc43L1qDNTVQejY4dpMA16auv-SXxAIjaVYu4OH7hVTgv
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA5MDExODUyNzUzMTg3NTM2OTMyOA%3D%3D&google_push=ATf1kGOn7vm6IO2a3QRlR7F_NcacXERoo6H17BypW7_tCSjy9PHe3AfXc43L1qDNTVQejY4dpMA16auv-SXxAIjaVYu4OH7hVTgv
date
Sat, 17 Jun 2023 23:44:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 1BC3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Loh1WayIGhp5ocYqaOvY5iNJxCCY_48H20jIazRrCiNwdUKMzdUeUjM4nbP5LKymvq50GX
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=134cc399-2d0d-bc26-68f6-acddc0288889&tv=%7Bc:fQgjTN,pingTime:-10,time:2008,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687045451485%7C%7Cba1e9493793f9a896811ecd52be98553%7C%7C8623b242deb4313525321dba17b62725%7C%7Cf4d9344212a76696ca09c5322035fd05%7C%7Cd65b51626554548e304137f0c22525ea%7C%7C1f66ecb14c5c97d91ff7562782a354ab%7C%7Cbcd7771bc77f5226435ad51161de05e7%7C%7Cf5c53ffc64ae437717ac888f135d8800%7C%7C1663701684,im:%7Bpci:%7Btdr:571%7D%7D,sca:%7Bspg:69baaad5-b56e-aea9-4734-b289c2738647%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:na%7D%7D%7D
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
main-v2_243804a7a16a269e5cbfa28db2382900.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		566 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_243804a7a16a269e5cbfa28db2382900.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6011dd69cbd74c6e590baa552439bd8f1efcdffb20a9404362ef7501fab0c317

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 16:59:36 GMT
content-encoding
br
age
24275
x-guploader-uploadid
ADPycdujv7PovFrqk3MhRFd1anzYL1SXsqIUbafLimMwL176qhpQGCw-Cfm2VsieqSWE-PfeWFAQ3pna8EfQTL7iZ-uOkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112175
last-modified
Fri, 16 Jun 2023 16:59:23 GMT
server
UploadServer
etag
"92c4fb0272c248676b63d837c52a30b0"
x-goog-generation
1686934763519939
x-goog-hash
crc32c=s5IZ3g==, md5=ksT7AnLCSGdrY9g3xSowsA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
112175
accept-ranges
bytes
content-type
text/javascript
cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f25988eceea39a30a61f209c355ea08f6925f40fe963ff52cfa2e5f893059021

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 15:57:39 GMT
content-encoding
gzip
age
27992
x-guploader-uploadid
ADPycdsP0fIobPjVFEK-LnA8xMPwYQRrWLk9gDW52MTuP_n4uxuQs6VLwzrucH4_e3Iy0hsv_WE77N4obdoL0Nr0-MTNaphS_-n-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26395
last-modified
Wed, 14 Jun 2023 15:59:23 GMT
server
UploadServer
etag
"56bbf39c785e00478116108489dbb019"
x-goog-generation
1686758363051834
x-goog-hash
crc32c=/wxHAg==, md5=VrvznHheAEeBFhCEiduwGQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
26395
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 856C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:11 GMT
expires
Sat, 17 Jun 2023 23:44:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 0CA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ70TEXMlZPTfgrRhSR2psa_U2RObKe8z_y0AG0GvhfU_Cq5v334YJZYvFUG5lWWUrb_MV4H1qs2XQru5OXevM_OmNzvQ
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0CA7 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 23:44:11 GMT
truncated
/ Frame 0CA7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f147b47f56820a785c10c13f77d0c8c763ef3f5b782dd759c26fe782290245fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=45je36e0&_p=1350175328&cid=282878327.1687045442&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&sid=1687045441&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&dt=Two%20United%20Airlines%20Employees%20Charging%20With%20Stealing%20Marijuana%20From%20Passenger%20Luggage&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.190.114.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.114.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a18d6dc79720eb4b902a579156c409d85fd6f7dcd486ce3b9386b12c5ea2f3fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.28.40 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.28.120.34.bc.googleusercontent.com
Software
/
Resource Hash
ca47dca50b91dd6ce400aa3264eeed5199646d3d87b9b627f5131c1740c72776

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.232.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.232.120.34.bc.googleusercontent.com
Software
/
Resource Hash
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
onsite-v2_cf4d7bb5ab0fde22ad6ae86f638f8246.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_cf4d7bb5ab0fde22ad6ae86f638f8246.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1ee26762e2224737d899a3a3ff533c0277943862e1183ee8ec5123875f5cb9ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 15:34:46 GMT
content-encoding
br
age
29365
x-guploader-uploadid
ADPycdsc4BC-nU20CSx3OFkdftCDncL1q8SkUWGt8ec5FSt8apnoBHshyO_Z_gjYxD8WF6dZobvj8rY9NveZ_WJ-rDzuNYlUBS1r
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5823
last-modified
Fri, 16 Jun 2023 16:59:29 GMT
server
UploadServer
etag
"08429fe3983810b5f6d237990c89af71"
x-goog-generation
1686934769551583
x-goog-hash
crc32c=KRSxYQ==, md5=CEKf45g4ELX20jeZDImvcQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
5823
accept-ranges
bytes
content-type
text/javascript
ads-v2_531e4f2ee859d37adbf3da39849c72a9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		249 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_531e4f2ee859d37adbf3da39849c72a9.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b8d00c7ee9dcf7c3356ac8a3d1464442daf6699786098fc0e13301bc79678f53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 16:56:58 GMT
content-encoding
br
age
24433
x-guploader-uploadid
ADPycdvnTvOnHDDcD-yPmwx8Ybi-RDIPNdH9Wbe7kGkUB4jmTQZnbdJ-oHpnzcIsoqsoIhT_5ww_lMhfwzIk8vben_D5PA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44996
last-modified
Fri, 16 Jun 2023 16:59:10 GMT
server
UploadServer
etag
"61c2373b78ae5ab68d40a0f75257387e"
x-goog-generation
1686934750906079
x-goog-hash
crc32c=3OqU0A==, md5=YcI3O3iuWraNQKD3Ulc4fg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
44996
accept-ranges
bytes
content-type
text/javascript
518.json
id5-sync.com/g/v2/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/518.json
Requested by
Host: simpleflying.com
URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
da216476827ca4cfdc94d7af2ecc97a11a7337edcbfe9430d379b0cf95f7089d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jun 2023 23:44:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simpleflying.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=5777a7a2-3679-dfdb-c0a3-35bce5f1aa76&tv=%7Bc:fQgjYO,time:2555,type:e,im:%7Bpci:%7Btdr:2133%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2555,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2548~0%5D,as:%5B2548~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:177,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.1362487-69631270%7C1g21%7C1g3%7C1h.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u%7C1v%7C1w,idMap:1g2.b596421c-1b45-81d6-5cb8-0b066de518a9.319_925113%7C1g2*,rmeas:1,rend:1,renddet:IMG.qs,siq:44,sis:1673%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=b596421c-1b45-81d6-5cb8-0b066de518a9&tv=%7Bc:fQgjYP,time:2561,type:e,im:%7Bpci:%7Btdr:603%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2561,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1599,wc:0.0.1600.1200,ac:1065.2234.300.250,am:i,cc:1065.2234.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B993~0%5D,as:%5B993~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:181,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2*.925113%7C1g21%7C1g22%7C1g23%7C1h.925113%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110%7C111%7C112%7C113%7C114%7C115%7C116,idMap:1g2.5777a7a2-3679-dfdb-c0a3-35bce5f1aa76.115_1362487-69631270%7C1g2*,rmeas:1,rend:1,renddet:IMG.qs,siq:1601,sis:2078%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=b596421c-1b45-81d6-5cb8-0b066de518a9&tv=%7Bc:fQgjYV,pingTime:-10,time:2567,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687045451485%7C%7Cba1e9493793f9a896811ecd52be98553%7C%7C8623b242deb4313525321dba17b62725%7C%7Cf4d9344212a76696ca09c5322035fd05%7C%7Cd65b51626554548e304137f0c22525ea%7C%7C1f66ecb14c5c97d91ff7562782a354ab%7C%7Cbcd7771bc77f5226435ad51161de05e7%7C%7Cf5c53ffc64ae437717ac888f135d8800%7C%7C1663701684,sca:%7Bspg:69baaad5-b56e-aea9-4734-b289c2738647%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v26/ Frame EF22 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v26/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:300,regular,600|Open+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 18:18:13 GMT
x-content-type-options
nosniff
age
365159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28600
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:59:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 18:18:13 GMT
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 14:21:14 GMT
content-encoding
gzip
age
33778
x-guploader-uploadid
ADPycduCx_c6kz5uuxuj9bk_CuhMcdGkJmS0lwHr7UY3_uCnZyiSDLL9kKeGz9LnThxKGYyDlFMvOVatvtWwi-3eUGlg7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30848
last-modified
Fri, 16 Jun 2023 16:59:04 GMT
server
UploadServer
etag
"d94f9f78b9b3ada5b3b27acdb42b16b1"
vary
Accept-Encoding
x-goog-generation
1686934744523845
x-goog-hash
crc32c=SmGnEA==, md5=2U+feLmzraWzsnrNtCsWsQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
30848
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4770 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
50928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 09:35:24 GMT
etag
"4eb6ea79d8db800cfc93e8d6ab4f9253"
last-modified
Fri, 16 Jun 2023 16:59:02 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1686934742836041
x-goog-hash
crc32c=TR6suA== md5=TrbqedjbgAz8k+jWq0+SUw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdvjQu6mnPnxnY09c3PoE5YUKNcVAR3lAM197UhEl18tfnoBNYNbRCNt74vNm286Vfmp3KiZASgnmT7mPJShi5xKn5OoBOB_
usync.html
eus.rubiconproject.com/ Frame CC85
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:12 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 17 Jun 2023 23:44:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
setuid
u.4dex.io/ Frame F1EE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1687045452030.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26u...
  • https://u.4dex.io/setuid?bidder=33across&us_privacy=1---&uid=212187997041863
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&us_privacy=1---&uid=212187997041863
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&us_privacy=1---&uid=212187997041863
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F1EE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=qvw6C54pW5dT0Uyo7jdufSaEdkc&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F1EE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1687045452030.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=d895648e-4544-4600-8aa4-c61d989f4bad
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=d895648e-4544-4600-8aa4-c61d989f4bad
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 17 Jun 2023 23:44:12 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x53 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=d895648e-4544-4600-8aa4-c61d989f4bad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jun 2023 23:44:11 GMT
match
events-ssc.33across.com/ Frame F1EE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A%7EA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A%7EA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tX_fCyhE2uHfjvCU.KQC9zujitxOwE.A%7EA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F1EE
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7acc145311b01066&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF03RTt7LZaQNTXzfSAAAAAAA&expiration=1687131852&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF03RTt7LZaQNTXzfSAAAAAAA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF03RTt7LZaQNTXzfSAAAAAAA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF03RTt7LZaQNTXzfSAAAAAAA&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F1EE
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=4090118527531875369328
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4090118527531875369328&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4090118527531875369328&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&us_privacy=1---&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26us_privacy%3D1---%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4090118527531875369328&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJ2YWxuZXQiLCJ1cmwiOiJodHRwczovL3NpbXBsZWZseWluZy5jb20vdHdvLXVuaXRlZC1haXJsaW5lcy1lbXBsb3llZXMtY2hhcmdpbmctc3RlYWxpbmctbWFyaWp1YW5hLXBhc3Nlbmdlci1sdWdnYWdlLyIsImFkVW5pdCI6Ii8zOTM2Mzc3NS9TaW1wbGVGbHlpbmcvQXJ0aWNsZV9JbkNvbnRlbnRfRGVza3RvcF8xIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6Ijc4MDY5NDk1IiwiY2FtcGFpZ25JZCI6IjMxODQyODE1NTMiLCJjcmVhdGl2ZUlkIjoiMTM4NDM1MTQwNjAxIiwibGluZWl0ZW1JZCI6IjYyNzAzNDM2NjIiLCJhZFNlcnZlciI6ImRmcCIsInlpZWxkR3JvdXBJZHMiOls4MDA0Nl19LCJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwLCJ3diI6IjEuMC4wK2UwOWYxMGYiLCJidiI6ImJsLTI1NWJiMGEtMjE1ZDQ1MGY7Yi1lMDlmMTBmLWQ5M2Q0M2JmIiwibWV0YSI6eyJibGFja2xpc3RTdGF0dXMiOnsibG9hZGVkIjp0cnVlLCJjb3VudCI6MTA4NCwiZmlyc3RJdGVtIjp7InQiOiJjcmVhdGl2ZSAzMjM2MDM2OCIsInIiOjAuMSwiYSI6MTB9fSwiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MH0sImFkUmVzb3VyY2VzIjp7ImFkSWZyYW1lcyI6WyJodHRwczovL3NzdW0tc2VjLmNhc2FsZW1lZGlhLmNvbS91c2VybWF0Y2g%2FaXhfdW09MSZjYj1odHRwcyUzQSUyRiUyRmpzLXNlYy5pbmRleHd3LmNvbSUyRmh0JTJGaHR3LXBpeGVsLmdpZiUzRiZzPTE4NDkxNSZ1c19wcml2YWN5PSZnZHByX2NvbnNlbnQ9JmdkcHI9MCZncHA9JmdwcF9zaWQ9Il0sImFkSW1hZ2VzIjpbIjxpbWcgc3JjPVwiaHR0cHM6Ly9zdGF0aWMuYWRzYWZlcHJvdGVjdGVkLmNvbS9JQVNfUGFzc2JhY2tBZHNfNzI4eDkwLnBuZ1wiIHdpZHRoPVwiNzI4XCIgaGVpZ2h0PVwiOTBcIj4iXX0sInBsUmF0aW8iOjAuMDEsIklBQkNvbnNlbnRTdHJpbmciOnsidGNmYXBpIjpbeyJjbXBJZCI6OSwiY21wVmVyc2lvbiI6NCwiZ2RwckFwcGxpZXMiOmZhbHNlLCJ0Y2ZQb2xpY3lWZXJzaW9uIjoyLCJldmVudFN0YXR1cyI6InRjbG9hZGVkIiwiY21wU3RhdHVzIjoibG9hZGVkIiwibGlzdGVuZXJJZCI6bnVsbH1dLCJ1c3BhcGkiOlt7InZlcnNpb24iOjEsInVzcFN0cmluZyI6IjEtLS0ifV19fSwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BXG4gICAgPG1ldGEgY2hhcnNldD1cIlVURi04XCI%2BXG4gICAgPHRpdGxlPlNhZmVGcmFtZSBDb250YWluZXI8L3RpdGxlPlxuICAgIDxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiLy90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NvZGFyL1VGWXdXd210LmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD5cbihmdW5jdGlvbigpey8qXG5cbiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLlxuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wXG4qL1xudmFyIGY9dGhpc3x8c2VsZixoPWZ1bmN0aW9uKGEpe3JldHVybiBhfTt2YXIgbj1mdW5jdGlvbihhLGIpe3RoaXMuaD1hPT09bCYmYnx8XCJcIjt0aGlzLmc9bX0scD1mdW5jdGlvbihhKXtyZXR1cm4gYSBpbnN0YW5jZW9mIG4mJmEuY29uc3RydWN0b3I9PT1uJiZhLmc9PT1tP2EuaDpcInR5cGVfZXJyb3I6Q29uc3RcIn0sbT17fSxsPXt9O3ZhciByPXZvaWQgMDsvKlxuXG4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjBcbiovXG52YXIgdCxhYT1mdW5jdGlvbigpe2lmKHZvaWQgMD09PXQpe3ZhciBhPW51bGwsYj1mLnRydXN0ZWRUeXBlcztpZihiJiZiLmNyZWF0ZVBvbGljeSl7dHJ5e2E9Yi5jcmVhdGVQb2xpY3koXCJnb29nI2h0bWxcIix7Y3JlYXRlSFRNTDpoLGNyZWF0ZVNjcmlwdDpoLGNyZWF0ZVNjcmlwdFVSTDpofSl9Y2F0Y2goYyl7Zi5jb25zb2xlJiZmLmNvbnNvbGUuZXJyb3IoYy5tZXNzYWdlKX10PWF9ZWxzZSB0PWF9cmV0dXJuIHR9O3ZhciBjYT1mdW5jdGlvbihhKXt0aGlzLmc9YmE9PT1iYT9hOlwiXCJ9O2NhLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcrXCJcIn07dmFyIGJhPXt9LGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWFhKCk7YT1iP2IuY3JlYXRlU2NyaXB0VVJMKGEpOmE7cmV0dXJuIG5ldyBjYShhKX07dmFyIGVhPXt9LHU9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9Yj09PWVhP2E6XCJcIn07dS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5nLnRvU3RyaW5nKCl9O3ZhciBoYT1mdW5jdGlvbigpe3ZhciBhPXYsYj17bWVzc2FnZTpmYSh2KX07dmFyIGM9dm9pZCAwPT09Yz97fTpjO3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT1jfTt2YXIgdz1mdW5jdGlvbihhKXt3W1wiIFwiXShhKTtyZXR1cm4gYX07d1tcIiBcIl09ZnVuY3Rpb24oKXt9O3ZhciBpYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7dmFyIGphPWZ1bmN0aW9uKGEsYil7aWYoYSlmb3IodmFyIGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSYmYihhW2NdLGMsYSl9O3ZhciBrYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKSxtYT1mdW5jdGlvbigpe3ZhciBhPWxhO3RoaXMuZz14O3RoaXMuaD1hfSxuYT1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O2Z1bmN0aW9uIG9hKGEpe2YuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoZi5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPWYuZG9jdW1lbnQ7Yj12b2lkIDA9PT1iP2RvY3VtZW50OmI7Yj1iLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIik7Yi5zcmM9YTtmLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGIpfTt2YXIgeT1mdW5jdGlvbigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5vPTA7dGhpcy5nPVtdfSx6PWZ1bmN0aW9uKGEsYil7dmFyIGM9e307Y1thXT1iO3JldHVybltjXX0scWE9ZnVuY3Rpb24oYSxiLGMsZCxlKXt2YXIgaz1bXTtqYShhLGZ1bmN0aW9uKGcsQSl7KGc9cGEoZyxiLGMsZCxlKSkmJmsucHVzaChBK1wiPVwiK2cpfSk7cmV0dXJuIGsuam9pbihiKX0scGE9ZnVuY3Rpb24oYSxiLGMsZCxlKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Zm9yKHZhciBrPVtdLGc9MDtnPGEubGVuZ3RoO2crKylrLnB1c2gocGEoYVtnXSxiLGMsZCsxLGUpKTtyZXR1cm4gay5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBlPWV8fDAsMj5lP2VuY29kZVVSSUNvbXBvbmVudChxYShhLGIsYyxkLGUrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfSxzYT1mdW5jdGlvbihhKXt2YXIgYj1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9anNlcnJvciZcIixjPXJhKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKHphLEFhKXtyZXR1cm4gemEtQWF9KTtmb3IodmFyIGQ9bnVsbCxlPVwiXCIsaz0wO2s8YS5nLmxlbmd0aDtrKyspZm9yKHZhciBnPWEuZ1trXSxBPWEuaFtnXSxPPTA7TzxBLmxlbmd0aDtPKyspe2lmKCFjKXtkPW51bGw9PWQ%2FZzpkO2JyZWFrfXZhciBxPXFhKEFbT10sYS5pLFwiLCRcIik7aWYocSl7cT1lK3E7aWYoYz49cS5sZW5ndGgpe2MtPXEubGVuZ3RoO2IrPXE7ZT1hLmk7YnJlYWt9ZD1udWxsPT1kP2c6ZH19YT1cIlwiO251bGwhPWQmJihhPWUrXCJ0cm49XCIrZCk7cmV0dXJuIGIrYX0scmE9ZnVuY3Rpb24oYSl7dmFyIGI9MSxjO2ZvcihjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX07dmFyIHRhPWZ1bmN0aW9uKGEpe2lmKC4wMT5NYXRoLnJhbmRvbSgpKXRyeXtpZihhIGluc3RhbmNlb2YgeSl2YXIgYj1hO2Vsc2UgYj1uZXcgeSxqYShhLGZ1bmN0aW9uKGQsZSl7dmFyIGs9YixnPWsubysrO2Q9eihlLGQpO2suZy5wdXNoKGcpO2suaFtnXT1kfSk7dmFyIGM9c2EoYik7YyYmb2EoYyl9Y2F0Y2goZCl7fX07dmFyIGZhPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKFJlZ0V4cChcIigoaHR0cHM%2FOi8uLiovKVteLzpdKjpcXFxcZCsoPzoufFxcbikqKVxcXFwyXCIpLFwiJDFcIik7Yj1hLnJlcGxhY2UoUmVnRXhwKFwiXFxuICpcIixcImdcIiksXCJcXG5cIil9Y2F0Y2goZSl7Yj1jfX1yZXR1cm4gYn07KHt9KVszXT1kYShwKG5ldyBuKGwsXCJodHRwczovL3MwLjJtZG4ubmV0L2Fkcy9yaWNobWVkaWEvc3R1ZGlvL211L3RlbXBsYXRlcy9oaWZpL2hpZmkuanNcIikpKTsoe30pWzNdPWRhKHAobmV3IG4obCxcImh0dHBzOi8vczAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW9fY2FuYXJ5L211L3RlbXBsYXRlcy9oaWZpL2hpZmlfY2FuYXJ5LmpzXCIpKSk7dmFyIHVhPS9eKFteO10rKTsoXFxkKyk7KFtcXHNcXFNdKikkLzt2YXIgdmE9L14oW2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHRwY1xcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHNlY3VyZWZyYW1lXFwuZG91YmxlY2xpY2tcXC5uZXR8W2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLnVzZXJjb250ZW50XFwuZ29vZykkLyx3YT0vXihwYWdlYWQyXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218Z29vZ2xlYWRzXFwuZ1xcLmRvdWJsZWNsaWNrXFwubmV0KSQvO3ZhciB4YT1mdW5jdGlvbihhKXtyZXR1cm4gZnVuY3Rpb24oYil7dmFyIGM9YS5ob3N0bmFtZSxkPXZhLnRlc3QoYyl8fHdhLnRlc3QoYyk7Yz1bY107dmFyIGU9cjtyPXZvaWQgMDtpZighZCl7aWYoZSl0aHJvdyBFcnJvcihlKCkpO2lmKGMmJjA8Yy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJbXCIrYy5tYXAoU3RyaW5nKS5qb2luKFwiLFwiKStcIl1cIik7dGhyb3cgRXJyb3IoU3RyaW5nKGQpKTt9Yj0oZD1hYSgpKT9kLmNyZWF0ZUhUTUwoYik6YjtyZXR1cm4gbmV3IHUoYixlYSl9fShsb2NhdGlvbik7aWYod2luZG93Lm5hbWUpdHJ5e3ZhciBCLHlhPXdpbmRvdy5uYW1lLEM9dWEuZXhlYyh5YSk7aWYobnVsbD09PUMpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIit5YS5zdWJzdHJpbmcoMCw1MCkpO3ZhciBEPStDWzJdLEU9Q1szXTtpZihEPkUubGVuZ3RoKXRocm93IEVycm9yKFwiUGFyc2VkIGNvbnRlbnQgc2l6ZSBkb2Vzbid0IG1hdGNoLiBcIitEK1wiOlwiK0UubGVuZ3RoKTtCPXttOkNbMV0sY29udGVudDpFLnN1YnN0cigwLEQpLGw6RS5zdWJzdHIoRCl9O3ZhciBGPUpTT04ucGFyc2UoQi5sKTt3aW5kb3cubmFtZT1cIlwiO3ZhciBCYT1CLmNvbnRlbnQ7Ri5nb29nX3NhZmVmcmFtZV9obHQmJihmLmdvb2dfc2FmZWZyYW1lX2hsdD1GLmdvb2dfc2FmZWZyYW1lX2hsdCk7Ri5fY2&i=1-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
SpFebZ-VRTS1p84jzm3Sylrml9B0qvKJj26ZQRRnUDJBsVh1oKHK-g==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=9udGV4dCYmKGYuQU1QX0NPTlRFWFRfREFUQT1GLl9jb250ZXh0KTtmLnNmXz17djpCLm0sY2ZnOkZ9O2RvY3VtZW50Lm9wZW4oXCJ0ZXh0L2h0bWxcIixcInJlcGxhY2VcIik7dmFyIEc9eGEoQmEpO2RvY3VtZW50LndyaXRlKEcgaW5zdGFuY2VvZiB1JiZHLmNvbnN0cnVjdG9yPT09dT9HLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7Zi5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX1jYXRjaChhKXt2YXIgdj1hLEg7dHJ5e3ZhciBJPW5ldyB5O0kuZy5wdXNoKDEpO0kuaFsxXT16KFwiY29udGV4dFwiLDUwNyk7di5lcnJvciYmdi5tZXRhJiZ2LmlkfHwodj1uZXcgaGEpO2lmKHYubXNnKXt2YXIgQ2E9di5tc2cuc3Vic3RyaW5nKDAsNTEyKTtJLmcucHVzaCgyKTtJLmhbMl09eihcIm1zZ1wiLENhKX12YXIgRGE9W3YubWV0YXx8e31dO0kuZy5wdXNoKDMpO0kuaFszXT1EYTt2YXIgSj1mLEs9W10sTCxNPW51bGwsTjtkb3tOPUo7dmFyIFA7dHJ5e3ZhciBRO2lmKFE9ISFOJiZudWxsIT1OLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e3coTi5mb28pO1E9ITA7YnJlYWsgYn1jYXRjaChiKXt9UT0hMX1QPVF9Y2F0Y2goYil7UD0hMX1QPyhMPU4ubG9jYXRpb24uaHJlZixNPU4uZG9jdW1lbnQmJk4uZG9jdW1lbnQucmVmZXJyZXJ8fG51bGwpOihMPU0sTT1udWxsKTtLLnB1c2gobmV3IG5hKEx8fFwiXCIpKTt0cnl7Sj1OLnBhcmVudH1jYXRjaChiKXtKPW51bGx9fXdoaWxlKEomJk4hPUopO2Zvcih2YXIgUj0wLEVhPUsubGVuZ3RoLTE7Ujw9RWE7KytSKUtbUl0uZGVwdGg9RWEtUjtOPWY7aWYoTi5sb2NhdGlvbiYmTi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJk4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09Sy5sZW5ndGgtMSlmb3IodmFyIFM9MTtTPEsubGVuZ3RoOysrUyl7dmFyIFQ9S1tTXTtULnVybHx8KFQudXJsPU4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW1MtMV18fFwiXCIsVC5qPSEwKX1mb3IodmFyIHg9bmV3IG5hKGYubG9jYXRpb24uaHJlZiwhMSksRmE9bnVsbCxVPUsubGVuZ3RoLTEsVj1VOzA8PVY7LS1WKXt2YXIgVz1LW1ZdOyFGYSYma2EudGVzdChXLnVybCkmJihGYT1XKTtpZihXLnVybCYmIVcuail7eD1XO2JyZWFrfX12YXIgbGE9bnVsbCxHYT1LLmxlbmd0aCYmS1tVXS51cmw7MCE9eC5kZXB0aCYmR2EmJihsYT1LW1VdKTtIPW5ldyBtYTtpZihILmgpe3ZhciBIYT1ILmgudXJsfHxcIlwiO0kuZy5wdXNoKDQpO0kuaFs0XT16KFwidG9wXCIsSGEpfXZhciBJYT17dXJsOkguZy51cmx8fFwiXCJ9LFg7aWYoSC5nLnVybCl7dmFyIFk7WT1ILmcudXJsLm1hdGNoKGlhKTt2YXIgSmE9WVsxXSxLYT1ZWzNdLExhPVlbNF0sWj1cIlwiO0phJiYoWis9SmErXCI6XCIpO0thJiYoWis9XCIvL1wiLForPUthLExhJiYoWis9XCI6XCIrTGEpKTtYPVp9ZWxzZSBYPVwiXCI7dmFyIE1hPVtJYSx7dXJsOlh9XTtJLmcucHVzaCg1KTtJLmhbNV09TWE7dGEoSSl9Y2F0Y2goYil7dHJ5e3RhKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpmYShiKSx1cmw6SCYmSC5nLnVybH0pfWNhdGNoKGMpe319fTt9KS5jYWxsKHRoaXMpO1xuICAgIDwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vdmFsbmV0L2JsLTI1NWJiMGEtMjE1ZDQ1MGYuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS92YWxuZXQvYi1lMDlmMTBmLWQ5M2Q0M2JmLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2BdmFyIGQ9ZGVjb2RlVVJJQ29tcG9uZW50KFwiJTdCJTIyc2l0ZUlkJTIyJTNBJTIydmFsbmV0JTIyJTJDJTIyd3YlMjIlM0ElMjIxLjAuMCUyQmUwOWYxMGYlMjIlMkMlMjJibHYlMjIlM0ElMjJibC0yNTViYjBhLTIxNWQ0NTBmJTIyJTJDJTIyYnYlMjIlM0ElMjJiLWUwOWYxMGYtZDkzZDQzYmYlMjIlMkMlMjJ0b3BEb21haW4lMjIlM0ElMjJodHRwcyUzQSUyRiUyRnNpbXBsZWZseWluZy5jb20lMkZ0d28tdW5pdGVkLWFpcmxpbmVzLWVtcGxveWVlcy1jaGFyZ2luZy1zdGVhbGluZy1tYXJpanVhbmEtcGFzc2VuZ2VyLWx1Z2dhZ2UlMkYlMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbGowbmF1NmFfMG9FQUQyMEkxOUwlMjIlMkMlMjJhdSUyMiUzQSUyMiUyRjM5MzYzNzc1JTJGU2ltcGxlRmx5aW5nJTJGQXJ0aWNsZV9JbkNvbnRlbnRfRGVza3RvcF8xJTIyJTJDJTIyc2xvdEVsZW1lbnRJZCUyMiUzQSUyMmFkc25pbmphLWFkLXVuaXQtY29ubmVjdGVkQmVsb3dBZC01ZjQ1YTZjYzEzZDMyOCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyYWRTZXJ2ZXJEZXRhaWxzJTIyJTNBJTdCJTIyYWR2ZXJ0aXNlcklkJTIyJTNBJTIyNzgwNjk0OTUlMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMzE4NDI4MTU1MyUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzg0MzUxNDA2MDElMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNjI3MDM0MzY2MiUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTJDJTIyeWllbGRHcm91cElkcyUyMiUzQSU1QjgwMDQ2JTVEJTdEJTJDJTIydyUyMiUzQTcyOCUyQyUyMmglMjIlM0E5MCUyQyUyMklBQkNvbnNlbnRTdHJpbmclMjIlM0ElN0IlMjJ0Y2ZhcGklMjIlM0ElNUIlN0IlMjJjbXBJZCUyMiUzQTklMkMlMjJjbXBWZXJzaW9uJTIyJTNBNCUyQyUyMmdkcHJBcHBsaWVzJTIyJTNBZmFsc2UlMkMlMjJ0Y2ZQb2xpY3lWZXJzaW9uJTIyJTNBMiUyQyUyMmV2ZW50U3RhdHVzJTIyJTNBJTIydGNsb2FkZWQlMjIlMkMlMjJjbXBTdGF0dXMlMjIlM0ElMjJsb2FkZWQlMjIlMkMlMjJsaXN0ZW5lcklkJTIyJTNBbnVsbCU3RCU1RCUyQyUyMnVzcGFwaSUyMiUzQSU1QiU3QiUyMnZlcnNpb24lMjIlM0ExJTJDJTIydXNwU3RyaW5nJTIyJTNBJTIyMS0tLSUyMiU3RCU1RCU3RCUyQyUyMnNhZmVGcmFtZUtleSUyMiUzQSUyMjg4MDgwMzYzJTIyJTdEXCIpO3dpbmRvd1tcIjU0NDkwMzZfdmFsbmV0XCJdPXt9O3dpbmRvd1tcIjU0NDkwMzZfdmFsbmV0XCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNTQ0OTAzNl92YWxuZXRcIiwgXCI8IS0tQURMX1dSQVBQRUQtLT5cIiwgZmFsc2UsIHdpbmRvdywge30pOzwvc2NyaXB0PjxzY3JpcHQ%2BdmFyIGpzY1ZlcnNpb24gPSAncjIwMjMwNjE0Jzs8L3NjcmlwdD48c2NyaXB0PnZhciBnb29nbGVfY2FzbT1bXTs8L3NjcmlwdD48bWV0YSBodHRwLWVxdWl2PVwib3JpZ2luLXRyaWFsXCIgY29udGVudD1cIkEzdktUOXl4UlBqbVhOM0RwSWl6NThmNUp5a2NXSGpVby9XN2h2bXRqZ2g5alBwUWdlbTlWYkFEaU5vdkc4TmtPNm1SbWs3MEtleDgvS1VxQVlXVldBRUFBQUNMZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJkdmIyZHNaWE41Ym1ScFkyRjBhVzl1TG1OdmJUbzBORE1pTENKbVpXRjBkWEpsSWpvaVVISnBkbUZqZVZOaGJtUmliM2hCWkhOQlVFbHpJaXdpWlhod2FYSjVJam94TmprMU1UWTNPVGs1TENKcGMxTjFZbVJ2YldGcGJpSTZkSEoxWlN3aWFYTlVhR2x5WkZCaGNuUjVJanAwY25WbGZRPT1cIj48bWV0YSBodHRwLWVxdWl2PVwib3JpZ2luLXRyaWFsXCIgY29udGVudD1cIkEvNmhtd3g4RHBIdWQ2MTNmU1lZYTJDMlQ2MWlDNTEzVjRCWUcvcEJINHpzNXNHc1VjOVJnYVBLaGZrM0poSEYzME4vOS9ObnRXekVxMjhra3JNeHBnUUFBQUJ3ZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJGa0xtUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUdWdVpHbHVaMEpsWVdOdmJrRlFTU0lzSW1WNGNHbHllU0k2TVRZM09ESXpNelU1T1N3aWFYTlVhR2x5WkZCaGNuUjVJanAwY25WbGZRPT1cIj48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3N0YXRpYy5hZHNhZmVwcm90ZWN0ZWQuY29tL21haW4uMTkuOC40MTcuanNcIj48L3NjcmlwdD48bWV0YSBodHRwLWVxdWl2PVwib3JpZ2luLXRyaWFsXCIgY29udGVudD1cIkEvNmhtd3g4RHBIdWQ2MTNmU1lZYTJDMlQ2MWlDNTEzVjRCWUcvcEJINHpzNXNHc1VjOVJnYVBLaGZrM0poSEYzME4vOS9ObnRXekVxMjhra3JNeHBnUUFBQUJ3ZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJGa0xtUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUdWdVpHbHVaMEpsWVdOdmJrRlFTU0lzSW1WNGNHbHllU0k2TVRZM09ESXpNelU1T1N3aWFYTlVhR2x5WkZCaGNuUjVJanAwY25WbGZRPT1cIj48L2hlYWQ%2BPGJvZHkgbGVmdG1hcmdpbj1cIjBcIiB0b3BtYXJnaW49XCIwXCIgbWFyZ2lud2lkdGg9XCIwXCIgbWFyZ2luaGVpZ2h0PVwiMFwiIGRhdGEtaW50ZWdyYWxhcy1pZC02OWJhYWFkNS1iNTZlLWFlYTktNDczNC1iMjg5YzI3Mzg2NDc9XCJcIiBkYXRhLWludGVncmFsYXMtaWQtMTM0Y2MzOTktMmQwZC1iYzI2LTY4ZjYtYWNkZGMwMjg4ODg5PVwiXCI%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdzZXJ2aWNlcy5jb20vYWN0aXZldmlldy9qcy9jdXJyZW50L3J4X2xpZGFyLmpzP2NhY2hlPXIyMDExMDkxNFwiPjwvc2NyaXB0PjxzY3JpcHQ%2Bd2luZG93LmRpY25mID0ge307PC9zY3JpcHQ%2BPHNjcmlwdCBkYXRhLWpjPVwiNDJcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyMzA2MTRcIiBkYXRhLWpjLWZsYWdzPVwiWyZxdW90O3glMjc4NDQ2JzllZm90bSgmYW1wOzIwMDY3Oz44JmFtcDs%2BYGRvcGIvJTwxNzMyMjYxIT18dnFjKSE3MjAxMDYxPyc5ZWZvdG0oJmFtcDsyMDcyMzs%2BOiZhbXA7PmBkb3BifiZxdW90O11cIj4oZnVuY3Rpb24oKXsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gJ3VzZSBzdHJpY3QnO3ZhciByPXRoaXN8fHNlbGY7dmFyIHYsdzthOntmb3IodmFyIGFhPVtcIkNMT1NVUkVfRkxBR1NcIl0seD1yLHk9MDt5PGFhLmxlbmd0aDt5KyspaWYoeD14W2FhW3ldXSxudWxsPT14KXt3PW51bGw7YnJlYWsgYX13PXh9dmFyIGJhPXcmJndbNjEwNDAxMzAxXTt2PW51bGwhPWJhP2JhOiExO3ZhciBEO2NvbnN0IGNhPXIubmF2aWdhdG9yO0Q9Y2E%2FY2EudXNlckFnZW50RGF0YXx8bnVsbDpudWxsO2Z1bmN0aW9uIEUoYSl7cmV0dXJuIHY%2FRD9ELmJyYW5kcy5zb21lKCh7YnJhbmQ6Yn0pPT5iJiYtMSE9Yi5pbmRleE9mKGEpKTohMTohMX1mdW5jdGlvbiBGKGEpe3ZhciBiO2E6e2lmKGI9ci5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiBHKCl7cmV0dXJuIHY%2FISFEJiYwPEQuYnJhbmRzLmxlbmd0aDohMX1mdW5jdGlvbiBIKCl7cmV0dXJuIEcoKT9FKFwiQ2hyb21pdW1cIik6KEYoXCJDaHJvbWVcIil8fEYoXCJDcmlPU1wiKSkmJiEoRygpPzA6RihcIkVkZ2VcIikpfHxGKFwiU2lsa1wiKX07ZnVuY3Rpb24gZGEoYSl7ZGFbXCIgXCJdKGEpO3JldHVybiBhfWRhW1wiIFwiXT1mdW5jdGlvbigpe307IUYoXCJBbmRyb2lkXCIpfHxIKCk7SCgpO0YoXCJTYWZhcmlcIikmJihIKCl8fChHKCk%2FMDpGKFwiQ29hc3RcIikpfHwoRygpPzA6RihcIk9wZXJhXCIpKXx8KEcoKT8wOkYoXCJFZGdlXCIpKXx8KEcoKT9FKFwiTWljcm9zb2Z0IEVkZ2VcIik6RihcIkVkZy9cIikpfHxHKCkmJkUoXCJPcGVyYVwiKSk7dmFyIGVhPXt9LEk9bnVsbDtjb25zdCBLPVN5bWJvbCgpO2Z1bmN0aW9uIGZhKGEpe2NvbnN0IGI9YVtLXXwwOzEhPT0oYiYxKSYmKE9iamVjdC5pc0Zyb3plbihhKSYmKGE9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSkpLGFbS109YnwxKX1mdW5jdGlvbiBoYSgpe3ZhciBhPVtdO2FbS118PTE7cmV0dXJuIGF9ZnVuY3Rpb24gaW&i=2-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
_rJdfM9eQRbTFZQY_q2AdDoQfzk_3DGakSl6NoVMAbLYJLsvupo1FA==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=EoYSl7YT1hPj4xMCYxMDIzO3JldHVybiAwPT09YT81MzY4NzA5MTI6YX07dmFyIGphPXt9O2Z1bmN0aW9uIEwoYSl7cmV0dXJuIG51bGwhPT1hJiZcIm9iamVjdFwiPT09dHlwZW9mIGEmJiFBcnJheS5pc0FycmF5KGEpJiZhLmNvbnN0cnVjdG9yPT09T2JqZWN0fWxldCBrYTt2YXIgTTtjb25zdCBsYT1bXTtsYVtLXT0yMztNPU9iamVjdC5mcmVlemUobGEpO2Z1bmN0aW9uIE4oYSxiLGMpe2NvbnN0IGQ9YS5qLGU9ZFtLXTtpZihlJjIpdGhyb3cgRXJyb3IoKTtvYShkLGUsYixjKTtyZXR1cm4gYX1mdW5jdGlvbiBvYShhLGIsYyxkKXt2YXIgZT1pYShiKTtpZihjPj1lKXtsZXQgZj1iO2lmKGImMTI4KWU9YVthLmxlbmd0aC0xXTtlbHNle2lmKG51bGw9PWQpcmV0dXJuO2U9YVtlKygoYj4%2BOCYxKS0xKV09e307Znw9MTI4fWVbY109ZDtmJj0tNTEzO2YhPT1iJiYoYVtLXT1mKX1lbHNlIGFbYysoKGI%2BPjgmMSktMSldPWQsYiYxMjgmJihkPWFbYS5sZW5ndGgtMV0sYyBpbiBkJiZkZWxldGUgZFtjXSksYiY1MTImJihhW0tdPWImLTUxMyl9O2xldCBwYTtmdW5jdGlvbiBxYShhLGIpe3JldHVybiByYShiKX1mdW5jdGlvbiByYShhKXtzd2l0Y2godHlwZW9mIGEpe2Nhc2UgXCJudW1iZXJcIjpyZXR1cm4gaXNGaW5pdGUoYSk%2FYTpTdHJpbmcoYSk7Y2FzZSBcImJvb2xlYW5cIjpyZXR1cm4gYT8xOjA7Y2FzZSBcIm9iamVjdFwiOmlmKGEmJiFBcnJheS5pc0FycmF5KGEpJiZudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheSl7bGV0IGI9XCJcIixjPTA7Y29uc3QgZD1hLmxlbmd0aC0xMDI0MDtmb3IoO2M8ZDspYis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGEuc3ViYXJyYXkoYyxjKz0xMDI0MCkpO2IrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxjP2Euc3ViYXJyYXkoYyk6YSk7cmV0dXJuIGJ0b2EoYil9fXJldHVybiBhfTtmdW5jdGlvbiBzYShhLGIsYyxkLGUsZil7aWYobnVsbCE9YSl7aWYoQXJyYXkuaXNBcnJheShhKSlhPWUmJjA9PWEubGVuZ3RoJiYoYVtLXXwwKSYxP3ZvaWQgMDpmJiYoYVtLXXwwKSYyP2E6dGEoYSxiLGMsdm9pZCAwIT09ZCxlLGYpO2Vsc2UgaWYoTChhKSl7Y29uc3QgZz17fTtmb3IobGV0IGwgaW4gYSlnW2xdPXNhKGFbbF0sYixjLGQsZSxmKTthPWd9ZWxzZSBhPWIoYSxkKTtyZXR1cm4gYX19ZnVuY3Rpb24gdGEoYSxiLGMsZCxlLGYpe2NvbnN0IGc9ZHx8Yz9hW0tdfDA6MDtkPWQ%2FISEoZyYxNik6dm9pZCAwO2E9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSk7Zm9yKGxldCBsPTA7bDxhLmxlbmd0aDtsKyspYVtsXT1zYShhW2xdLGIsYyxkLGUsZik7YyYmYyhnLGEpO3JldHVybiBhfWZ1bmN0aW9uIHVhKGEpe3JldHVybiBhLnY9PT1qYT9hLnRvSlNPTigpOnJhKGEpfTt2YXIgTz1jbGFzc3tjb25zdHJ1Y3Rvcigpe3ZhciBhO251bGw9PWEmJihhPXBhKTtwYT12b2lkIDA7aWYobnVsbD09YSl7dmFyIGI9NDg7YT1bXX1lbHNle2lmKCFBcnJheS5pc0FycmF5KGEpKXRocm93IEVycm9yKCk7Yj1hW0tdfDMyfXRoaXMuaj1hO3ZhciBjPWEsZD1jLmxlbmd0aDtpZihkKXt2YXIgZT1kLTEsZj1jW2VdO2lmKEwoZikpe2J8PTEyODtkPShiPj44JjEpLTE7ZS09ZDtpZigxMDI0PD1lKXtlPTEwMjMrZDtjb25zdCBnPWMubGVuZ3RoO2ZvcihsZXQgbD1lO2w8ZztsKyspe2NvbnN0IGg9Y1tsXTtudWxsIT1oJiZoIT09ZiYmKGZbbC1kXT1oKX1jLmxlbmd0aD1lKzE7Y1tlXT1mO2U9MTAyM31iPWImLTEwNDc1NTN8KGUmMTAyMyk8PDEwfX1hW0tdPWJ9dG9KU09OKCl7aWYoa2EpdmFyIGE9dmEodGhpcyx0aGlzLmosITEpO2Vsc2UgYT10YSh0aGlzLmosdWEsdm9pZCAwLHZvaWQgMCwhMSwhMSksYT12YSh0aGlzLGEsITApO3JldHVybiBhfX07IE8ucHJvdG90eXBlLnY9amE7Ty5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdmEodGhpcyx0aGlzLmosITEpLnRvU3RyaW5nKCl9OyBmdW5jdGlvbiB2YShhLGIsYyl7Y29uc3QgZD1hLmNvbnN0cnVjdG9yLkE7dmFyIGU9aWEoKGM%2FYS5qOmIpW0tdKTtpZihkKXtpZighYyl7Yj1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChiKTt2YXIgZjtpZihiLmxlbmd0aCYmTChmPWJbYi5sZW5ndGgtMV0pKWZvcih2YXIgZz0wO2c8ZC5sZW5ndGg7ZysrKWlmKGRbZ10%2BPWUpe09iamVjdC5hc3NpZ24oYltiLmxlbmd0aC0xXT17fSxmKTticmVha319ZT1iO2M9IWM7Zj1hLmpbS107YT1pYShmKTtmPShmPj44JjEpLTE7bGV0IGs7Zm9yKGc9MDtnPGQubGVuZ3RoO2crKyl7dmFyIGw9ZFtnXTtpZihsPGEpe2wrPWY7dmFyIGg9ZVtsXTtudWxsPT1oP2VbbF09Yz9NOmhhKCk6YyYmaCE9PU0mJmZhKGgpfWVsc2V7aWYoIWspe2xldCBtO2UubGVuZ3RoJiZMKG09ZVtlLmxlbmd0aC0xXSk%2Faz1tOmUucHVzaChrPXt9KX1oPWtbbF07bnVsbD09a1tsXT9rW2xdPWM%2FTTpoYSgpOmMmJmghPT1NJiZmYShoKX19fXJldHVybiBifTt2YXIgUD1jbGFzc3tjb25zdHJ1Y3RvcihhLGI9ITEpe3RoaXMua2V5PWE7dGhpcy5kZWZhdWx0VmFsdWU9Yjt0aGlzLnZhbHVlVHlwZT1cImJvb2xlYW5cIn19O3ZhciB3YT1uZXcgUChcIjQ1MzY4MjU5XCIpLHhhPW5ldyBQKFwiNDUzNTcxNTZcIiwhMCkseWE9bmV3IFAoXCI0NTM1MDg5MFwiKSx6YT1uZXcgUChcIjQ1NDE0ODkyXCIpO3ZhciBRPShhLGIpPT5cIiZhZHVybD1cIj09YS5zdWJzdHJpbmcoYS5sZW5ndGgtNyk%2FYS5zdWJzdHJpbmcoMCxhLmxlbmd0aC03KStiK1wiJmFkdXJsPVwiOmErYjtmdW5jdGlvbiBBYShhLGIsYyl7YS5hZGRFdmVudExpc3RlbmVyJiZhLmFkZEV2ZW50TGlzdGVuZXIoYixjLCExKX07dmFyIEJhPVJlZ0V4cChcIl4oPzooW146Lz8jLl0rKTopPyg%2FOi8vKD86KFteXFxcXFxcXFwvPyNdKilAKT8oW15cXFxcXFxcXC8%2FI10qPykoPzo6KFswLTldKykpPyg%2FPVtcXFxcXFxcXC8%2FI118JCkpPyhbXj8jXSspPyg%2FOlxcXFw%2FKFteI10qKSk%2FKD86IyhbXFxcXHNcXFxcU10qKSk%2FJFwiKTtmdW5jdGlvbiBDYShhLGIsYyxkKXtmb3IodmFyIGU9Yy5sZW5ndGg7MDw9KGI9YS5pbmRleE9mKGMsYikpJiZiPGQ7KXt2YXIgZj1hLmNoYXJDb2RlQXQoYi0xKTtpZigzOD09Znx8NjM9PWYpaWYoZj1hLmNoYXJDb2RlQXQoYitlKSwhZnx8NjE9PWZ8fDM4PT1mfHwzNT09ZilyZXR1cm4gYjtiKz1lKzF9cmV0dXJuLTF9dmFyIERhPS8jfCQvOyBmdW5jdGlvbiBFYShhKXt2YXIgYj1hLnNlYXJjaChEYSksYz1DYShhLDAsXCJhc2VcIixiKTtpZigwPmMpcmV0dXJuIG51bGw7dmFyIGQ9YS5pbmRleE9mKFwiJlwiLGMpO2lmKDA%2BZHx8ZD5iKWQ9YjtyZXR1cm4gZGVjb2RlVVJJQ29tcG9uZW50KGEuc2xpY2UoYys0LC0xIT09ZD9kOjApLnJlcGxhY2UoL1xcKy9nLFwiIFwiKSl9dmFyIEZhPS9bPyZdKCR8IykvOyBmdW5jdGlvbiBHYShhLGIpe2Zvcih2YXIgYz1hLnNlYXJjaChEYSksZD0wLGUsZj1bXTswPD0oZT1DYShhLGQsXCJuaXNcIixjKSk7KWYucHVzaChhLnN1YnN0cmluZyhkLGUpKSxkPU1hdGgubWluKGEuaW5kZXhPZihcIiZcIixlKSsxfHxjLGMpO2YucHVzaChhLnNsaWNlKGQpKTthPWYuam9pbihcIlwiKS5yZXBsYWNlKEZhLFwiJDFcIik7KGI9XCJuaXNcIisobnVsbCE9Yj9cIj1cIitlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGIpKTpcIlwiKSk%2FKGM9YS5pbmRleE9mKFwiI1wiKSwwPmMmJihjPWEubGVuZ3RoKSxkPWEuaW5kZXhPZihcIj9cIiksMD5kfHxkPmM%2FKGQ9YyxlPVwiXCIpOmU9YS5zdWJzdHJpbmcoZCsxLGMpLGE9W2Euc2xpY2UoMCxkKSxlLGEuc2xpY2UoYyldLGM9YVsxXSxhWzFdPWI%2FYz9jK1wiJlwiK2I6YjpjLGI9YVswXSsoYVsxXT9cIj9cIithWzFdOlwiXCIpK2FbMl0pOmI9YTtyZXR1cm4gYn07ZnVuY3Rpb24gSGEoKXtpZighZ2xvYmFsVGhpcy5jcnlwdG8pcmV0dXJuIE1hdGgucmFuZG9tKCk7dHJ5e2NvbnN0IGE9bmV3IFVpbnQzMkFycmF5KDEpO2dsb2JhbFRoaXMuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhhKTtyZXR1cm4gYVswXS82NTUzNi82NTUzNn1jYXRjaHtyZXR1cm4gTWF0aC5yYW5kb20oKX19ZnVuY3Rpb24gSWEoYSxiKXtpZihhKWZvcihjb25zdCBjIGluIGEpT2JqZWN0LnByb3RvdHlwZS5oYXNPd25Qcm9wZXJ0eS5jYWxsKGEsYykmJmIoYVtjXSxjLGEpfWZ1bmN0aW9uIEphKGE9ZG9jdW1lbnQpe3JldHVybiBhLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIil9O2Z1bmN0aW9uIEthKGEsYj1udWxsKXtMYShhLGIpfWZ1bmN0aW9uIExhKGEsYil7ci5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChyLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7Y29uc3QgYz1KYShyLmRvY3VtZW50KTtpZihiKXtjb25zdCBkPWU9PntiJiZiKGUpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwibG9hZFwiLGQsITEpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwiZXJyb3JcIixkLCExKX07QWEoYyxcImxvYWRcIixkKTtBYShjLFwiZXJyb3JcIixkKX1jLnNyYz1hO3IuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYyl9O2xldCBNYT0wO2Z1bmN0aW9uIE5hKGEsYj1udWxsKXtyZXR1cm4gYiYmYi5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjXCIpPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7XCJkYXRhLWpjXCJ9PVwiJHthfVwiXWApfTtmdW5jdGlvbiBSKGEpe1NhfHwoU2E9bmV3IFRhKTtjb25zdCBiPVNhLmdbYS5rZXldO2lmKFwicHJvdG9cIj09PWEudmFsdWVUeXBlKXt0cnl7Y29uc3QgYz1KU09OLnBhcnNlKGIpO2lmKEFycmF5LmlzQXJyYXkoYykpcmV0dXJuIGN9Y2F0Y2goYyl7fXJldHVybiBhLmRlZmF1bHRWYWx1ZX1yZXR1cm4gdHlwZW9mIGI9PT10eXBlb2YgYS5kZWZhdWx0VmFsdWU%2FYjphLmRlZmF1bHRWYWx1ZX12YXIgVWE9Y2xhc3N7Y29uc3RydWN0b3IoKXt0aGlzLmc9e319fTt2YXIgVGE9Y2xhc3MgZXh0ZW5kcyBVYXtjb25zdHJ1Y3Rvcigpe3N1cGVyKCk7dmFyIGE9TmEoTWEsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7YT1hJiZhLmdldEF0dHJpYnV0ZShcImRhdGEtamMtZmxhZ3NcIil8fFwiXCI7dHJ5e2NvbnN0IGI9SlNPTi5wYXJzZShhKVswXTthPVwiXCI7Zm9yKGxldCBjPTA7YzxiLmxlbmd0aDtjKyspYSs9U3RyaW5nLmZyb21DaGFyQ29kZShiLmNoYXJDb2RlQXQoYyleXCJcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDNcIi5jaGFyQ29kZUF0KGMlMTApKTt0aGlzLmc9SlNPTi5wYXJzZShhKX1jYXRjaChiKXt9fX0sU2E7Y2xhc3MgVmF7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9e319fTtjb25zdCBXYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKTt2YXIgWGE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFlhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLm89ISFiO3RoaXMuZGVwdGg9bnVsbH19O2Z1bmN0aW9uIFMoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gWmEoYSxiLGMsZCxlKXtjb25zdCBmPVtdO0lhKGEsZnVuY3Rpb24oZyxsKXsoZz0kYShnLGIsYyxkLGUpKSYmZi5wdXNoKGwrXCI9XCIrZyl9KTtyZXR1cm4gZi5qb2luKGIpfSBmdW5jdGlvbiAkYShhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtjb25zdCBmPVtdO2ZvcihsZXQgZz0wO2c8YS5sZW5ndGg7ZysrKWYucHVzaCgkYShhW2ddLGIs&i=3-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
4IzUYToHj3k_HH50mPY6YYTv3D0i0qPIlT2fMh3MVefaCp0HAph2mg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=YyxkKzEsZSkpO3JldHVybiBmLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KFphKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9ZnVuY3Rpb24gYWIoYSl7bGV0IGI9MTtmb3IoY29uc3QgYyBpbiBhLmgpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIDM5OTctYi1hLmkubGVuZ3RoLTF9IGZ1bmN0aW9uIGJiKGEsYil7bGV0IGM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYixkPWFiKGEpLWIubGVuZ3RoO2lmKDA%2BZClyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKGYsZyl7cmV0dXJuIGYtZ30pO2I9bnVsbDtsZXQgZT1cIlwiO2ZvcihsZXQgZj0wO2Y8YS5nLmxlbmd0aDtmKyspe2NvbnN0IGc9YS5nW2ZdLGw9YS5oW2ddO2ZvcihsZXQgaD0wO2g8bC5sZW5ndGg7aCsrKXtpZighZCl7Yj1udWxsPT1iP2c6YjticmVha31sZXQgaz1aYShsW2hdLGEuaSxcIiwkXCIpO2lmKGspe2s9ZStrO2lmKGQ%2BPWsubGVuZ3RoKXtkLT1rLmxlbmd0aDtjKz1rO2U9YS5pO2JyZWFrfWI9bnVsbD09Yj9nOmJ9fX1hPVwiXCI7bnVsbCE9YiYmKGE9ZStcInRybj1cIitiKTtyZXR1cm4gYythfWNsYXNzIGNie2NvbnN0cnVjdG9yKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLmw9MDt0aGlzLmc9W119fTtmdW5jdGlvbiBkYigpe3ZhciBhPVQsYj13aW5kb3cuZ29vZ2xlX3NydDswPD1iJiYxPj1iJiYoYS5nPWIpfWZ1bmN0aW9uIGViKGEsYixjLGQ9ITEsZSxmKXtpZigoZD9hLmc6TWF0aC5yYW5kb20oKSk8KGV8fC4wMSkpdHJ5e2xldCBnO2MgaW5zdGFuY2VvZiBjYj9nPWM6KGc9bmV3IGNiLElhKGMsKGgsayk9Pnt2YXIgbT1nO2NvbnN0IG49bS5sKys7aD1TKGssaCk7bS5nLnB1c2gobik7bS5oW25dPWh9KSk7Y29uc3QgbD1iYihnLFwiL3BhZ2VhZC9nZW5fMjA0P2lkPVwiK2IrXCImXCIpO2wmJihcInVuZGVmaW5lZFwiIT09dHlwZW9mIGY%2FS2EobCxmKTpLYShsKSl9Y2F0Y2goZyl7fX1jbGFzcyBmYntjb25zdHJ1Y3Rvcigpe3RoaXMuZz1NYXRoLnJhbmRvbSgpfX07bGV0IFU9bnVsbDtmdW5jdGlvbiBnYigpe2NvbnN0IGE9ci5wZXJmb3JtYW5jZTtyZXR1cm4gYSYmYS5ub3cmJmEudGltaW5nP01hdGguZmxvb3IoYS5ub3coKSthLnRpbWluZy5uYXZpZ2F0aW9uU3RhcnQpOkRhdGUubm93KCl9ZnVuY3Rpb24gaGIoKXtjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93P2Eubm93KCk6bnVsbH07Y2xhc3MgaWJ7Y29uc3RydWN0b3IoYSxiKXt2YXIgYz1oYigpfHxnYigpO3RoaXMubGFiZWw9YTt0aGlzLnR5cGU9Yjt0aGlzLnZhbHVlPWM7dGhpcy5kdXJhdGlvbj0wO3RoaXMudW5pcXVlSWQ9TWF0aC5yYW5kb20oKTt0aGlzLnRhc2tJZD10aGlzLnNsb3RJZD12b2lkIDB9fTtjb25zdCBXPXIucGVyZm9ybWFuY2UsamI9ISEoVyYmVy5tYXJrJiZXLm1lYXN1cmUmJlcuY2xlYXJNYXJrcyksWD1mdW5jdGlvbihhKXtsZXQgYj0hMSxjO3JldHVybiBmdW5jdGlvbigpe2J8fChjPWEoKSxiPSEwKTtyZXR1cm4gY319KCgpPT57dmFyIGE7aWYoYT1qYil7dmFyIGI7aWYobnVsbD09PVUpe1U9XCJcIjt0cnl7YT1cIlwiO3RyeXthPXIudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT1yLmxvY2F0aW9uLmhhc2h9YSYmKFU9KGI9YS5tYXRjaCgvXFxiZGVpZD0oW1xcZCxdKykvKSk%2FYlsxXTpcIlwiKX1jYXRjaChjKXt9fWI9VTthPSEhYi5pbmRleE9mJiYwPD1iLmluZGV4T2YoXCIxMzM3XCIpfXJldHVybiBhfSk7ZnVuY3Rpb24ga2IoYSl7YSYmVyYmWCgpJiYoVy5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGApLFcuY2xlYXJNYXJrcyhgZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fZW5kYCkpfSBjbGFzcyBsYntjb25zdHJ1Y3Rvcigpe3ZhciBhPXdpbmRvdzt0aGlzLmg9W107dGhpcy5pPWF8fHI7bGV0IGI9bnVsbDthJiYoYS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlPWEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZXx8W10sdGhpcy5oPWEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZSxiPWEuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKTt0aGlzLmc9WCgpfHwobnVsbCE9Yj9iOjE%2BTWF0aC5yYW5kb20oKSl9c3RhcnQoYSxiKXtpZighdGhpcy5nKXJldHVybiBudWxsO2E9bmV3IGliKGEsYik7Yj1gZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fc3RhcnRgO1cmJlgoKSYmVy5tYXJrKGIpO3JldHVybiBhfWVuZChhKXtpZih0aGlzLmcmJlwibnVtYmVyXCI9PT10eXBlb2YgYS52YWx1ZSl7YS5kdXJhdGlvbj0oaGIoKXx8Z2IoKSktYS52YWx1ZTt2YXIgYj1gZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fZW5kYDtXJiZYKCkmJlcubWFyayhiKTshdGhpcy5nfHwyMDQ4PCB0aGlzLmgubGVuZ3RofHx0aGlzLmgucHVzaChhKX19fTtmdW5jdGlvbiBtYihhKXtsZXQgYj1hLnRvU3RyaW5nKCk7YS5uYW1lJiYtMT09Yi5pbmRleE9mKGEubmFtZSkmJihiKz1cIjogXCIrYS5uYW1lKTthLm1lc3NhZ2UmJi0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSYmKGIrPVwiOiBcIithLm1lc3NhZ2UpO2lmKGEuc3RhY2spe2E9YS5zdGFjazt2YXIgYz1iO3RyeXstMT09YS5pbmRleE9mKGMpJiYoYT1jK1wiXFxuXCIrYSk7bGV0IGQ7Zm9yKDthIT1kOylkPWEsYT1hLnJlcGxhY2UoUmVnRXhwKFwiKChodHRwcz86Ly4uKi8pW14vOl0qOlxcXFxkKyg%2FOi58XFxuKSopXFxcXDJcIiksXCIkMVwiKTtiPWEucmVwbGFjZShSZWdFeHAoXCJcXG4gKlwiLFwiZ1wiKSxcIlxcblwiKX1jYXRjaChkKXtiPWN9fXJldHVybiBifSBmdW5jdGlvbiBuYihhLGIsYyxkKXtsZXQgZSxmO3RyeXthLmcmJmEuZy5nPyhmPWEuZy5zdGFydChiLnRvU3RyaW5nKCksMyksZT1jKCksYS5nLmVuZChmKSk6ZT1jKCl9Y2F0Y2goZyl7Yz0hMDt0cnl7a2IoZiksYz1hLnUoYixuZXcgVmEoZyx7bWVzc2FnZTptYihnKX0pLHZvaWQgMCxkKX1jYXRjaChsKXthLmwoMjE3LGwpfWlmKGMpd2luZG93LmNvbnNvbGU%2FLmVycm9yPy4oZyk7ZWxzZSB0aHJvdyBnO31yZXR1cm4gZX1mdW5jdGlvbiBvYihhLGIsYyxkKXt2YXIgZT1ZO3JldHVybiguLi5mKT0%2BbmIoZSxhLCgpPT5iLmFwcGx5KGMsZiksZCl9IGNsYXNzIHBie2NvbnN0cnVjdG9yKGE9bnVsbCl7dGhpcy5zPVQ7dGhpcy5oPW51bGw7dGhpcy51PXRoaXMubDt0aGlzLmc9YTt0aGlzLmk9ITF9bChhLGIsYyxkLGUpe2U9ZXx8XCJqc2Vycm9yXCI7bGV0IGY7dHJ5e2NvbnN0IHo9bmV3IGNiO3ZhciBnPXo7Zy5nLnB1c2goMSk7Zy5oWzFdPVMoXCJjb250ZXh0XCIsYSk7Yi5lcnJvciYmYi5tZXRhJiZiLmlkfHwoYj1uZXcgVmEoYix7bWVzc2FnZTptYihiKX0pKTtpZihiLm1zZyl7Zz16O3ZhciBsPWIubXNnLnN1YnN0cmluZygwLDUxMik7Zy5nLnB1c2goMik7Zy5oWzJdPVMoXCJtc2dcIixsKX12YXIgaD1iLm1ldGF8fHt9O2I9aDtpZih0aGlzLmgpdHJ5e3RoaXMuaChiKX1jYXRjaChBKXt9aWYoZCl0cnl7ZChiKX1jYXRjaChBKXt9ZD16O2g9W2hdO2QuZy5wdXNoKDMpO2QuaFszXT1oO2Q9cjtoPVtdO2xldCBWO2I9bnVsbDtkb3t2YXIgaz1kO3RyeXt2YXIgbTtpZihtPSEhayYmbnVsbCE9ay5sb2NhdGlvbi5ocmVmKWI6e3RyeXtkYShrLmZvbyk7IG09ITA7YnJlYWsgYn1jYXRjaChBKXt9bT0hMX12YXIgbj1tfWNhdGNoe249ITF9bj8oVj1rLmxvY2F0aW9uLmhyZWYsYj1rLmRvY3VtZW50JiZrLmRvY3VtZW50LnJlZmVycmVyfHxudWxsKTooVj1iLGI9bnVsbCk7aC5wdXNoKG5ldyBZYShWfHxcIlwiKSk7dHJ5e2Q9ay5wYXJlbnR9Y2F0Y2goQSl7ZD1udWxsfX13aGlsZShkJiZrIT1kKTtmb3IobGV0IEE9MCxPYT1oLmxlbmd0aC0xO0E8PU9hOysrQSloW0FdLmRlcHRoPU9hLUE7az1yO2lmKGsubG9jYXRpb24mJmsubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zJiZrLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucy5sZW5ndGg9PWgubGVuZ3RoLTEpZm9yKG49MTtuPGgubGVuZ3RoOysrbil7dmFyIHE9aFtuXTtxLnVybHx8KHEudXJsPWsubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW24tMV18fFwiXCIscS5vPSEwKX12YXIgcD1oO2xldCBtYT1uZXcgWWEoci5sb2NhdGlvbi5ocmVmLCExKTtrPW51bGw7Y29uc3QgbmE9cC5sZW5ndGgtMTtmb3IocT0gbmE7MDw9cTstLXEpe3ZhciB0PXBbcV07IWsmJldhLnRlc3QodC51cmwpJiYoaz10KTtpZih0LnVybCYmIXQubyl7bWE9dDticmVha319dD1udWxsO2NvbnN0IHViPXAubGVuZ3RoJiZwW25hXS51cmw7MCE9bWEuZGVwdGgmJnViJiYodD1wW25hXSk7Zj1uZXcgWGEobWEsdCk7aWYoZi5oKXtwPXo7dmFyIHU9Zi5oLnVybHx8XCJcIjtwLmcucHVzaCg0KTtwLmhbNF09UyhcInRvcFwiLHUpfXZhciBCPXt1cmw6Zi5nLnVybHx8XCJcIn07aWYoZi5nLnVybCl7dmFyIEM9Zi5nLnVybC5tYXRjaChCYSksSj1DWzFdLFBhPUNbM10sUWE9Q1s0XTt1PVwiXCI7SiYmKHUrPUorXCI6XCIpO1BhJiYodSs9XCIvL1wiLHUrPVBhLFFhJiYodSs9XCI6XCIrUWEpKTt2YXIgUmE9dX1lbHNlIFJhPVwiXCI7Sj16O0I9W0Ise3VybDpSYX1dO0ouZy5wdXNoKDUpO0ouaFs1XT1CO2ViKHRoaXMucyxlLHosdGhpcy5pLGMpfWNhdGNoKHope3RyeXtlYih0aGlzLnMsZSx7Y29udGV4dDpcImVjbXNlcnJcIixyY3R4OmEsbXNnOm1iKHopLHVybDpmJiYgZi5nLnVybH0sdGhpcy5pLGMpfWNhdGNoKFYpe319cmV0dXJuITB9fTtjbGFzcyBxYnt9O2xldCBULFk7Y29uc3QgWj1uZXcgbGI7dmFyIHJiPSgpPT57d2luZG93Lmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ3x8KFouZz0hMSxaLmghPVouaS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJiYoWCgpJiZBcnJheS5wcm90b3R5cGUuZm9yRWFjaC5jYWxsKFouaCxrYix2b2lkIDApLFouaC5sZW5ndGg9MCkpfTsoYT0%2Be1Q9YT8%2FbmV3IGZiO1wibnVtYmVyXCIhPT10eXBlb2Ygd2luZG93Lmdvb2dsZV9zcnQmJih3aW5kb3cuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtkYigpO1k9bmV3IHBiKFopO1kuaD1iPT57dmFyIGM9TWE7MCE9PWMmJihiLmpjPVN0cmluZyhjKSxjPShjPU5hKGMsZG9jdW1lbnQuY3VycmVudFNjcmlwdCkpJiZjLmdldEF0dHJpYnV0ZShcImRhdGEtamMtdmVyc2lvblwiKXx8XCJ1bmtub3duXCIsYi5zaHY9Yyl9O1kuaT0hMDtcImNvbXBsZXRlXCI9PXdpbmRvdy5kb2N1bWVudC5yZWFkeVN0YXRlP3JiKCk6Wi5nJiZBYSh3aW5kb3csXCJsb2FkXCIsKCk9PntyYigpfSl9KSgpOyB2YXIgc2I9KGEsYixjLGQpPT5vYihhLGIsYyxkKSx0Yj0oYSxiLGMsZCk9Pnt2YXIgZT1xYjt2YXIgZj1cIm1cIjtlLm0mJmUuaGFzT3duUHJvcGVydHkoZil8fChmPW5ldyBlLGUubT1mKTtlPVtdOyFiLmVpZCYmZS5sZW5ndGgmJihiLmVpZD1lLnRvU3RyaW5nKCkpO2ViKFQsYSxiLCEwLGMsZCl9O2Z1bmN0aW9uIHZiKCl7Y29uc3QgYT13aW5kb3c7aWYoYS5nbWFTZGt8fGEud2Via2l0Py5tZXNzYWdlSGFuZGxlcnM%2FLmdldEdtYVZpZXdTaWduYWxzKXJldHVybiBhO3RyeXtjb25zdCBiPXdpbmRvdy5wYXJlbnQ7aWYoYi5nbWFTZGt8fGIud2Via2l0Py5tZXNzYWdlSGFuZGxlcnM%2FLmdldEdtYVZpZXdTaWduYWxzKXJldHVybiBifWNhdGNoKGIpe31yZXR1cm4gbnVsbH0gZnVuY3Rpb24gd2IoYSxiPXt9LGM9KCk9Pnt9LGQ9KCk9Pnt9LGU9MjAwLGYsZyl7Y29uc3QgbD1TdHJpbmcoTWF0aC5mbG9vcigyMTQ3NDgzNjQ3KkhhKCkpKTtsZXQgaD0wO2NvbnN0IGs9bT0%2Be3RyeXtjb25zdCBuPVwib2JqZWN0XCI9PT10eXBlb2YgbS5kYXRhP20uZGF0YTpKU09OLnBhcnNlKG0uZGF0YSk7bD09PW4ucGF3X2lkJiYod2luZG93LmNsZWFyVGltZW91dChoKSx3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixrKSxuLnNpZ25hbD9jKG4uc2lnbmFsKTpuLmVycm9yJiZkKG4uZXJyb3IpKX1jYXRjaChu&i=4-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
bClXednTJZHtnk0iI6g7rNXYGIvCvvEGZBGNvtg7AKHfdq8G5d_DvQ==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=KXtnKFwicGF3X3NpZ3NcIix7bXNnOlwicG9zdG1lc3NhZ2VFcnJvclwiLGVycjpuIGluc3RhbmNlb2YgRXJyb3I%2Fbi5tZXNzYWdlOlwibm9uRXJyb3JcIixkYXRhOm51bGw9PW0uZGF0YT9cIm51bGxcIjo1MDA8bS5kYXRhLmxlbmd0aD9tLmRhdGEuc3Vic3RyaW5nKDAsNTAwKTptLmRhdGF9KX19O3dpbmRvdy5hZGRFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLG09PntmKDkwMywgKCk9PntrKG0pfSkoKX0pO2EucG9zdE1lc3NhZ2Uoe3Bhd19pZDpsLC4uLmJ9KTtoPXdpbmRvdy5zZXRUaW1lb3V0KCgpPT57d2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsayk7ZChcIlBBVyBHTUEgcG9zdG1lc3NhZ2UgdGltZWQgb3V0LlwiKX0sZSl9O2Z1bmN0aW9uIHhiKGE9ZG9jdW1lbnQpe3JldHVybiEhYS5mZWF0dXJlUG9saWN5Py5hbGxvd2VkRmVhdHVyZXMoKS5pbmNsdWRlcyhcImF0dHJpYnV0aW9uLXJlcG9ydGluZ1wiKX07dmFyIHliPWNsYXNzIGV4dGVuZHMgT3t9O2Z1bmN0aW9uIHpiKGEsYil7cmV0dXJuIE4oYSwyLGIpfWZ1bmN0aW9uIEFiKGEsYil7cmV0dXJuIE4oYSwzLGIpfWZ1bmN0aW9uIEJiKGEsYil7cmV0dXJuIE4oYSw0LGIpfWZ1bmN0aW9uIENiKGEsYil7cmV0dXJuIE4oYSw1LGIpfWZ1bmN0aW9uIERiKGEsYil7cmV0dXJuIE4oYSw5LGIpfWZ1bmN0aW9uIEViKGEsYil7dmFyIGM9YjtiPWEuajtjb25zdCBkPWJbS107aWYoZCYyKXRocm93IEVycm9yKCk7aWYobnVsbCE9Yyl7dmFyIGU9ISFjLmxlbmd0aDtmb3IodmFyIGY9MDtmPGMubGVuZ3RoO2YrKyl7dmFyIGc9Y1tmXTtlPWUmJiEoKGcualtLXXwwKSYyKX1mPWNbS118MDtnPWZ8MTtlPShlP2d8ODpnJi05KXw0O2UhPWYmJihPYmplY3QuaXNGcm96ZW4oYykmJihjPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGMpKSxjW0tdPWUpfW51bGw9PWMmJihjPXZvaWQgMCk7b2EoYixkLDEwLGMpO3JldHVybiBhfSBmdW5jdGlvbiBGYihhLGIpe3JldHVybiBOKGEsMTEsbnVsbD09Yj9iOiEhYil9ZnVuY3Rpb24gR2IoYSxiKXtyZXR1cm4gTihhLDEsYil9ZnVuY3Rpb24gSGIoYSxiKXtyZXR1cm4gTihhLDcsbnVsbD09Yj9iOiEhYil9dmFyIEliPWNsYXNzIGV4dGVuZHMgT3t9O0liLkE9WzEwLDZdO2NvbnN0IEpiPVwicGxhdGZvcm0gcGxhdGZvcm1WZXJzaW9uIGFyY2hpdGVjdHVyZSBtb2RlbCB1YUZ1bGxWZXJzaW9uIGJpdG5lc3MgZnVsbFZlcnNpb25MaXN0IHdvdzY0XCIuc3BsaXQoXCIgXCIpO2Z1bmN0aW9uIEtiKCl7dmFyIGE9d2luZG93O2lmKFwiZnVuY3Rpb25cIiE9PXR5cGVvZiBhLm5hdmlnYXRvcj8udXNlckFnZW50RGF0YT8uZ2V0SGlnaEVudHJvcHlWYWx1ZXMpcmV0dXJuIG51bGw7Y29uc3QgYj1hLmdvb2dsZV90YWdfZGF0YT8%2FKGEuZ29vZ2xlX3RhZ19kYXRhPXt9KTtpZihiLnVhY2hfcHJvbWlzZSlyZXR1cm4gYi51YWNoX3Byb21pc2U7YT1hLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzKEpiKS50aGVuKGM9PntiLnVhY2g%2FPyhiLnVhY2g9Yyk7cmV0dXJuIGN9KTtyZXR1cm4gYi51YWNoX3Byb21pc2U9YX0gZnVuY3Rpb24gTGIoYSl7cmV0dXJuIEZiKEViKENiKHpiKEdiKEJiKEhiKERiKEFiKG5ldyBJYixhLmFyY2hpdGVjdHVyZXx8XCJcIiksYS5iaXRuZXNzfHxcIlwiKSxhLm1vYmlsZXx8ITEpLGEubW9kZWx8fFwiXCIpLGEucGxhdGZvcm18fFwiXCIpLGEucGxhdGZvcm1WZXJzaW9ufHxcIlwiKSxhLnVhRnVsbFZlcnNpb258fFwiXCIpLGEuZnVsbFZlcnNpb25MaXN0Py5tYXAoYj0%2Be3ZhciBjPW5ldyB5YjtjPU4oYywxLGIuYnJhbmQpO3JldHVybiBOKGMsMixiLnZlcnNpb24pfSl8fFtdKSxhLndvdzY0fHwhMSl9ZnVuY3Rpb24gTWIoKXtyZXR1cm4gS2IoKT8udGhlbihhPT5MYihhKSk%2FP251bGx9O2NsYXNzIE5ie2NvbnN0cnVjdG9yKCl7dGhpcy5wcm9taXNlPW5ldyBQcm9taXNlKGE9Pnt0aGlzLmc9YX0pfX07d2luZG93LnZpZXdSZXE9W107ZnVuY3Rpb24gT2IoYSxiKXtiPyhiPUphKCksYi5zcmM9YS5yZXBsYWNlKFwiJmFtcDtcIixcIiZcIiksYi5hdHRyaWJ1dGlvblNyYz1cIlwiLHdpbmRvdy52aWV3UmVxLnB1c2goYikpOihiPW5ldyBJbWFnZSxiLnNyYz1hLnJlcGxhY2UoXCImYW1wO1wiLFwiJlwiKSx3aW5kb3cudmlld1JlcS5wdXNoKGIpKX0gZnVuY3Rpb24gUGIoYSxiKXtjb25zdCBjPXtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6XCJpbmNsdWRlXCIscmVkaXJlY3Q6XCJmb2xsb3dcIixtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifTtiJiYoYy5tb2RlPVwiY29yc1wiLFwic2V0QXR0cmlidXRpb25SZXBvcnRpbmdcImluIFhNTEh0dHBSZXF1ZXN0LnByb3RvdHlwZT9jLmF0dHJpYnV0aW9uUmVwb3J0aW5nPXtldmVudFNvdXJjZUVsaWdpYmxlOlwidHJ1ZVwiLHRyaWdnZXJFbGlnaWJsZTpcImZhbHNlXCJ9OmMuaGVhZGVycz17XCJBdHRyaWJ1dGlvbi1SZXBvcnRpbmctRWxpZ2libGVcIjpcImV2ZW50LXNvdXJjZVwifSk7ZmV0Y2goYSxjKS5jYXRjaCgoKT0%2Be09iKGEsYil9KX1mdW5jdGlvbiBRYihhLGIpe3dpbmRvdy5mZXRjaD9QYihhLGIpOk9iKGEsYil9TWE9NDI7IHdpbmRvdy52dT1hPT57dmFyIGI9Uih4YSl8fFIoemEpO2NvbnN0IGM9dmIoKTtpZihiJiZjPy5nbWFTZGs%2FLmdldFZpZXdTaWduYWxzKXt2YXIgZD1jLmdtYVNkay5nZXRWaWV3U2lnbmFscygpO2QmJiFSKHphKSYmKGE9UShhLFwiJm1zPVwiK2QpKX1SKHdhKSYmXCJfX2dvb2dsZV9saWRhcl9yYWRmX1wiaW4gd2luZG93JiYoYT1RKGEsXCImYXZyYWRmPTFcIikpO2NvbnN0IGU9W107ZD0oKT0%2Be2NvbnN0IGc9bmV3IE5iO2UucHVzaChnLnByb21pc2UpO3JldHVybiBnLmd9O2lmKFIoeWEpKXtjb25zdCBnPU1iKCk7aWYobnVsbCE9Zyl7Y29uc3QgbD1kKCk7Zy50aGVuKGg9PnthOntrYT0hMDt0cnl7dmFyIGs9SlNPTi5zdHJpbmdpZnkoaC50b0pTT04oKSxxYSk7YnJlYWsgYX1maW5hbGx5e2thPSExfWs9dm9pZCAwfWg9W107Zm9yKHZhciBtPTAsbj0wO248ay5sZW5ndGg7bisrKXt2YXIgcT1rLmNoYXJDb2RlQXQobik7MjU1PHEmJihoW20rK109cSYyNTUscT4%2BPTgpO2hbbSsrXT1xfWs9Mzsgdm9pZCAwPT09ayYmKGs9MCk7aWYoIUkpZm9yKEk9e30sbT1cIkFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5XCIuc3BsaXQoXCJcIiksbj1bXCIrLz1cIixcIisvXCIsXCItXz1cIixcIi1fLlwiLFwiLV9cIl0scT0wOzU%2BcTtxKyspe3ZhciBwPW0uY29uY2F0KG5bcV0uc3BsaXQoXCJcIikpO2VhW3FdPXA7Zm9yKHZhciB0PTA7dDxwLmxlbmd0aDt0Kyspe3ZhciB1PXBbdF07dm9pZCAwPT09SVt1XSYmKElbdV09dCl9fWs9ZWFba107bT1BcnJheShNYXRoLmZsb29yKGgubGVuZ3RoLzMpKTtuPWtbNjRdfHxcIlwiO2ZvcihxPXA9MDtwPGgubGVuZ3RoLTI7cCs9Myl7dmFyIEI9aFtwXSxDPWhbcCsxXTt1PWhbcCsyXTt0PWtbQj4%2BMl07Qj1rWyhCJjMpPDw0fEM%2BPjRdO0M9a1soQyYxNSk8PDJ8dT4%2BNl07dT1rW3UmNjNdO21bcSsrXT10K0IrQyt1fXQ9MDt1PW47c3dpdGNoKGgubGVuZ3RoLXApe2Nhc2UgMjp0PWhbcCsxXSx1PWtbKHQmMTUpPDwyXXx8IG47Y2FzZSAxOmg9aFtwXSxtW3FdPWtbaD4%2BMl0ra1soaCYzKTw8NHx0Pj40XSt1K259aD1tLmpvaW4oXCJcIik7MDxoLmxlbmd0aCYmKGE9UShhLFwiJnVhY2g9XCIraCkpO2woKX0pfX1pZihiJiZjPy53ZWJraXQ%2FLm1lc3NhZ2VIYW5kbGVycz8uZ2V0R21hVmlld1NpZ25hbHMpe2NvbnN0IGc9ZCgpO3diKGMud2Via2l0Lm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscyx7fSxsPT57Uih6YSl8fChhPVEoYSxcIiZcIitsKSk7ZygpfSwoKT0%2Be2coKX0sMjAwLHNiLHRiKX1jb25zdCBmPUVhKGEpPT09KDIpLnRvU3RyaW5nKCk7ZiYmKGI9eGIod2luZG93LmRvY3VtZW50KT82OjUsYT1HYShhLGIpKTswPGUubGVuZ3RoP1Byb21pc2UuYWxsKGUpLnRoZW4oKCk9PntRYihhLGYpfSk6UWIoYSxmKX07fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD48c2NyaXB0PnZ1KFwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haVxceDNkQ0laNTFSa1dPWkpESUlmaUFvUE1QMGRTNXFBcWVvYUd1WEtINTZQNmZBOENOdHdFUUFTQUFZTW1HZ0lEY284UVFnZ0VYWTJFdGNIVmlMVEUzTURVeE9UVTFOemt4TXpVMk56VElBUW5nQWdDb0F3R3FCTzBDVDlDOEVwV2s2ek9BaW82RExWUV9IMXNoX285a0Z1OC1KMWI5T2ZYbGhXY0ZGNVFMd3Z5MlNUeGhWWmNGa24xSW5LUEVSb25VV2kxZzBFTDJ0VzJrR0x0WGVqNDlxYzVWRlpNU0NndF9YT1Fxdzdtb2plSlNMbWZvd0ZSNzBaclJtYVlEeURnSFNqRzR2V0hlT1ZoLUFfUlVOZFdUT2U0SWtwaG1rcGZxVFVUaDNwenMxcUoyUzNlZ1M1aEV5bDRVdTdNaTNueWdpekVRNG9GRkRzbHJpb0xHSlJGc2dkRGU2X0kwU25wYlRmM1VEWFY1UE1USnJuV190QjN4amFjUHZ5TmpkRHpwWmZFMzFDV0NFTEJMQWNKSTkzenY4dzJmdTVoMVduS3pNWTlDbG80UXVMbnQtekVwdGU0NE53VlJtNXdLQk1mQmJoREJ4R09KenZHNkRMQjZQWWR6cHA0WlpZMXpGQkZjMlc4Z2hTLVY4djVNOC1Wc0M4cEtlNGY2NWw2Nm50Q1E2SlNBMS15cHdUbUZLTnBnRlNQU1NISm5qSXBVVmtkcWdfRUdWMWRXY2NlNVpodk04MzVkZHRlcDA1UXBfUC1GNVJfRm02RFhHaV9aSlZqSlhRRlFpM0lSZzZ5NlBDbmdCQUdBQnV6RnlzdUw3ZWpWWTZBR0lhZ0hwcjRicUFlVzJCdW9CNnFic1FLb0I0T3RzUUtvQl8tZXNRS29COS1mc1FMWUJ3RFNDQTBJZ0dFUUFUSUNpZ0k2QW9CQWdBb0QtZ3NDQ0FHQURBSFFGUUdBRndHeUZ4d0tHaElVY0hWaUxURTNNRFV4T1RVMU56a3hNelUyTnpRWTE2Z1dcXHgyNnNpZ2hcXHgzZFFQQVBkUEg1c3ZZXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2Y2lkXFx4M2RDQVFTUEFCeWdRaURpdWQyT0g3R0JCWkJTeHNCQ2wtX3p3Mks3VDFRcXF0UG15YklRYnBuOHo5YWFXSXFWLUo2NDhmeWxuTEs2TFdBNVRCSlcyZVp0eGdCXCIpPC9zY3JpcHQ%2BPGRpdiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdJbm5lckNvbnRhaW5lclwiIHN0eWxlPVwibGVmdDowcHg7dG9wOjBweDt3aWR0aDoxMDAlO2hlaWdodDoxMDAlO3Bvc2l0aW9uOmZpeGVkO3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDotOTk5OTtcIj48L2Rpdj48ZGl2IHN0eWxlPVwiZGlzcGxheTppbmxpbmVcIiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdFbGVtZW50XCIgZGF0YS1nb29nbGUtYXYtY3huPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzc0d5aVlvLTFmMGpfT2ZKeE9TcDlDczdSSnJPd0k4am15aWlzcVlBVnJmWnhlVjVwaTFfSXdEU25VTlBXek1pc2VpcXd6cUdVSF9tUnFfSTJaVW4ySGh6dnlxJmFtcDtzaWc9Q2cwQXJLSlN6QUpDZW9wMGltVnFFQUVcIiBkYXRhLWdvb2dsZS1hdi1hZGs9XCI0NDE4Nzg0MDFcIiBkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YT1cImxhPTAmYW1wO3hkaT0wJmFtcDtcIiBkYXRhLWdvb2dsZS1hdi11ZnMtaW50ZWdyYXRvci1tZXRhZGF0YT1cIkVyd0JDclVCYUhSMGNITTZMeTl3WVdkbFlXUXlMbWR2YjJkc1pYTjVibVJwWTJGMGFXOXVMbU52YlM5d1kzTXZZV04wYVhabGRtbGxkejk0WVdrOVFVdEJUMnB6YzBkNWFWbHZMVEZtTUdwZlQyWktlRTlUY0RsRGN6ZFNTbkpQZDBrNGFtMTVhV2x6Y1ZsQlZuSm1XbmhsVmpWd2FURmZTWGRFVTI1VlRsQlhlazFwYzJWcGNYZDZjVWRWU0Y5dFVuRmZTVEphVlc0eVNHaDZkbmx4Sm5OcFp6MURaekJCY2t0S1UzcEJTa05sYjNBd2FXMVdjVVZCUlJJQUdnQVwiIGRhdGEtZ29vZ2xlLWF2LW92ZXJyaWRlPVwiLTFcIiBkYXRhLWdvb2dsZS1hdi1kbT1cIjJcIiBkYXRhLWdvb2dsZS1hdi1haWQ9XCIwXCIgZGF0YS1nb29nbGUtYXYtbmFpZD1cIjFcIiBkYXRhLWdvb2dsZS1hdi1zbGlmdD1cIlwiIGRhdGEtZ29vZ2&i=5-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
y2pr99zC_tlPHBUOMiODbvqrc6K20GuOHIUk97RQ-ejXQgs6iF649Q==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=xlLWF2LWNwbWF2PVwiXCIgZGF0YS1nb29nbGUtYXYtYnRyPVwiXCIgZGF0YS1nb29nbGUtYXYtaXRwbD1cIjIwXCIgZGF0YS1nb29nbGUtYXYtcnM9XCI0XCIgZGF0YS1nb29nbGUtYXYtZmxhZ3M9XCJbJnF1b3Q7eCUyNzg0NDAnOWVmb3RtKCZhbXA7NzUzMzc0JTJiZWp2Zi8lMjc4NDQ%2BJzl3dXZiJCZhbXA7NTY1MzM%2BIT18dnFjKSEyNzM3OTQmYW1wOzxxcXZiLyU8MTczNTAyMCE9bmVodWAvITM2ND01MDUxITlhYmt7YSgkMTYwMjEwOjMmYW1wOzxjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJzc2NDYzOzIxJD9lYmtwYiQmYW1wOzAzNjY3MTc%2BKj5iZ2lwZishMz03MTIzNjMlOWFpaHdjKSE3MjAyPDIxNyc5ZWZvdG0oJmFtcDsyMDA2MTs0OCZhbXA7PmBkb3BiLyU8MTcwNzIwMCE9OCgmYW1wOzIwMDU1NzU%2FJmFtcDs%2BYGRvcGIvJTwxNzA2NDI%2FIT18dnFjKSE3MjAxOz01MCc5d3V2YiQmYW1wOzAzNjQxNjU0Kj5iZ2lwZishMz03MzExMDMlOWFpaHdjKSE3MjAwPzA3Myc5ZWZvdG0oJmFtcDsyMDA0PzUxOyZhbXA7PmBkb3BiLyU8MTc%2BNDc0PiE9bmVodWAvITM2NDA2NDEyITlhYmt7YSgkMTY3NzQ1Oz0mYW1wOzxjYm90ZisqMDEyNTQxMzMlMmJlanZmLyU3Mjw0MzQxMiE9ZWZkd2EqJzc2MzI2PjcxJD8zfiZxdW90O11cIiBkYXRhLWNyZWF0aXZlLWxvYWQtbGlzdGVuZXI9XCJcIj48aW1nIHNyYz1cImh0dHBzOi8vYTE0NzQuY2FzYWxlbWVkaWEuY29tL2ltcHJlc3Npb24vdjE%2FYmlkSUQ9OThiZDkyMzktNmY2My00MzhhLWJlOGUtYzFkZDA5ZmNmNTk2JmFtcDt0cmFjZUlEPWNpNzRhaGo1dWIzb2RocThkaWYwJmFtcDtkc3BJRD04NSZhbXA7dXNlcklEPVpJNUZRYkVrWGtlQ1ZKYnlobGR4MFFBQSZhbXA7Y21wcm89MzMmYW1wO2RldmljZVR5cGU9MiZhbXA7ZXhwaXJ5VGltZT0xNjg3MDQ2MDQ2JmFtcDtwcm9maWxlSURzPSZhbXA7YXA9Wkk1RlJnQUlaQkFJYUFCNEFBNXFVWUsxSm03NXUwRXRiQzkxX0EmYW1wO3NpdGVJRD01NTcyNTcmYW1wO2NyZWF0aXZlSUQ9MWI2NmNmYiZhbXA7cHViSUQ9MTg0OTE1JmFtcDtmb3JtYXQ9YmFubmVyJmFtcDtjaGFubmVsPXNpdGVcIiBzdHlsZT1cImRpc3BsYXk6bm9uZVwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBhbHQ9XCJcIiBib3JkZXI9XCIwXCI%2BPGRpdiBzdHlsZT1cInBvc2l0aW9uOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3A6IDBweDsgdmlzaWJpbGl0eTogaGlkZGVuO1wiPjxpbWcgc3JjPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD14YmlkJmFtcDtkYm1fYj1BS0FtZi1CZ3cxZVV0dWQxM2ZWQ08takJONTN4aXFTODE3T0J2ZVpfTzdIVzNySVVlNzNoR3cwaTlUa0lReUN4UTI4Mm1aOXVUcGZSX1pVZzNaWXhpUGxNQjJ1Q3hvOHVYaXZia3FvRHpjYkVHNnRieGZkeGhtY1wiIGJvcmRlcj1cIjBcIiB3aWR0aD1cIjFcIiBoZWlnaHQ9XCIxXCIgYWx0PVwiXCIgc3R5bGU9XCJkaXNwbGF5Om5vbmVcIj48L2Rpdj48aWZyYW1lIHRpdGxlPVwiQmxhbmtcIiBzcmM9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC94YmJlL3BpeGVsP2Q9Q0w2UTBBSVF6dmlCMHdJWTFzanR2QUV3QVEmYW1wO3Y9QVBFdWNOV0dwcU5lcjdWbmZVa3JtLTJaalVmdUw0ZldkR05RRGlBZWNVeXI4NzVvNE5HQ2hieUhGN3V2eU9PNHhRZTN2WlZWeHJabDdCbjFRNzIweG12N1hsZzlxWFBzRVFcIiBzdHlsZT1cImRpc3BsYXk6bm9uZVwiIGFyaWEtaGlkZGVuPVwidHJ1ZVwiPjwvaWZyYW1lPjxkaXY%2BPGRpdiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlOyBkaXNwbGF5OmJsb2NrO1wiPjxkaXYgY2xhc3M9XCJHb29nbGVBY3RpdmVWaWV3Q2xhc3NcIiBpZD1cIkRmYVZpc2liaWxpdHlJZGVudGlmaWVyXzg3OTgwNDUzN1wiIGFjdGl2ZV92aWV3X2NsYXNzX25hbWU9XCJHb29nbGVBY3RpdmVWaWV3RWxlbWVudFwiIGRhdGEtZ29vZ2xlLWF2LWN4bj1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGNzL2FjdGl2ZXZpZXc%2FeGFpPUFLQU9qc3VHYS1aWUc1RnFsUnl0eUdEbW9VSDVDdnYyelFlTE1HcVBjaFAxd0tuLVVGQmRCYVVPUS1FcDF4YXFnQTd6TVZYOGpmYVViMFpwWEZyVEpZdmQ1VWRhMDRQU2p2Q0x6dGMmYW1wO3NpZz1DZzBBcktKU3pPbTVWY3Z3S2ZTWkVBRVwiIGRhdGEtZ29vZ2xlLWF2LWFkaz1cIjYxNTIyMTk3MlwiIGRhdGEtZ29vZ2xlLWF2LW1ldGFkYXRhPVwibGE9MCZhbXA7XCIgZGF0YS1nb29nbGUtYXYtdWZzLWludGVncmF0b3ItbWV0YWRhdGE9XCJFc01CQ3J3QmFIUjBjSE02THk5d1lXZGxZV1F5TG1kdmIyZHNaWE41Ym1ScFkyRjBhVzl1TG1OdmJTOXdZM012WVdOMGFYWmxkbWxsZHo5NFlXazlRVXRCVDJwemRVZGhMVnBaUnpWR2NXeFNlWFI1UjBSdGIxVklOVU4yZGpKNlVXVk1UVWR4VUdOb1VERjNTMjR0VlVaQ1pFSmhWVTlSTFVWd01YaGhjV2RCTjNwTlZsZzRhbVpoVldJd1duQllSbkpVU2xsMlpEVlZaR0V3TkZCVGFuWkRUSHAwWXlaemFXYzlRMmN3UVhKTFNsTjZUMjAxVm1OMmQwdG1VMXBGUVVVU0FCb0FcIiBkYXRhLWdvb2dsZS1hdi1vdmVycmlkZT1cIi0xXCIgZGF0YS1nb29nbGUtYXYtaW1tZWRpYXRlPVwidHJ1ZVwiIGRhdGEtZ29vZ2xlLWF2LWFpZD1cIjBcIiBkYXRhLWdvb2dsZS1hdi1uYWlkPVwiMVwiIGRhdGEtZ29vZ2xlLWF2LXNsaWZ0PVwiXCIgZGF0YS1nb29nbGUtYXYtY3BtYXY9XCJcIiBkYXRhLWdvb2dsZS1hdi1idHI9XCJcIiBkYXRhLWdvb2dsZS1hdi1pdHBsPVwiMzJcIiBkYXRhLWdvb2dsZS1hdi1ycz1cIjZcIiBkYXRhLWdvb2dsZS1hdi1kbT1cIjJcIiBkYXRhLWdvb2dsZS1hdi1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0MCc5ZWZvdG0oJmFtcDs3NTMzNzQlMmJlanZmLyUyNzg0ND4nOXd1dmIkJmFtcDs1NjUzMz4hPXx2cWMpITI3Mzc5NCZhbXA7PHFxdmIvJTwxNzM1MDIwIT1uZWh1YC8hMzY0PTUwNTEhOWFia3thKCQxNjAyMTA6MyZhbXA7PGNib3RmKyowMTUwMDM0OiUyYmVqdmYvJTcyOzE3NjEzIT1lZmR3YSonNzY0NjM7MjEkP2Via3BiJCZhbXA7MDM2NjcxNz4qPmJnaXBmKyEzPTcxMjM2MyU5YWlod2MpITcyMDI8MjE3JzllZm90bSgmYW1wOzIwMDYxOzQ4JmFtcDs%2BYGRvcGIvJTwxNzA3MjAwIT04KCZhbXA7MjAwNTU3NT8mYW1wOz5gZG9wYi8lPDE3MDY0Mj8hPXx2cWMpITcyMDE7PTUwJzl3dXZiJCZhbXA7MDM2NDE2NTQqPmJnaXBmKyEzPTczMTEwMyU5YWlod2MpITcyMDA%2FMDczJzllZm90bSgmYW1wOzIwMDQ%2FNTE7JmFtcDs%2BYGRvcGIvJTwxNz40NzQ%2BIT1uZWh1YC8hMzY0MDY0MTIhOWFia3thKCQxNjc3NDU7PSZhbXA7PGNib3RmKyowMTI1NDEzMyUyYmVqdmYvJTcyPDQzNDEyIT1lZmR3YSonNzYzMjY%2BNzEkPzN%2BJnF1b3Q7XVwiIGRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lcj1cIlwiPjxpbWcgc3JjPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1kdjMtcmVuZGVyJmFtcDttc2c9ZmV0Y2gmYW1wO2Nvcj0xMzcyMjk4OTM3ODgyMjIyNzMyMSZhbXA7eD0xMyZhbXA7Y3Q9NzZcIiBib3JkZXI9XCIwXCIgd2lkdGg9XCIxXCIgaGVpZ2h0PVwiMVwiIGFsdD1cIlwiIHN0eWxlPVwiZGlzcGxheTpub25lXCI%2BPHNjcmlwdD4oZnVuY3Rpb24oKSB7dmFyIHUgPSAnaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvZGJtL2FkP2RibV9jPUFLQW1mLUFuODNuQ3dCNG0tOVd1YWxpenF1NDhHUzdyZnczbUVHMTdBVlA3YW5USkhkRjdJMHo0UXplNm9UUzhGMERvend6V0M4RlVsR2NKUXZMUFg1dnJ6WkhUd0o5ZEFpcjlGNWJoeUxadG93ODJPbThScXJQM1dJbjNabFdncXZxLVFacEVBSTlQWXMzU0VKM2U2QnVhZExBRVRJdHdSVnllR3FUQnN2c1RBMWtIVnlhTHhaUSZjcnk9MSZkYm1fZD1BS0FtZi1BcDM4Zk1RNHk4dVZ3U1VLYTdPVGoyd1FLa0RHbjNQUnBxZVhKdC1qdEVfMC1zMjJ1ekhBREpQbXBUTWVPb3J3VVNYNUpsRjFaWnVFc1Z1dm1NS3dHVkNJWlZmRHRUbGZteVRzbHBaMmpIWFMtWVpJT3FGVDZ4NlprX0c5WWJjbFktellRV1ZlakQyOVg3dW0yc3prYVRFb1U4dUhYNTI1OTZqbkxfRUdXRU9qbDVoMXh1X0Y4S190T19lcjlWSlZLTHhRV2ZXdi1JSmJiVzNvQ0pMZ1FhME16czRoN3E5dUZmdHBWdWx6NDdMTEtiZklEaTAwOWRwSDY5Z29qTlpOYkQ1STI1S2h2WFFNOWRobkxyQ2ZoMmZhaTBTTXZZSG10cTNoWHhScXBkZW5NaExoNU5DeHk5VG55bkJ6dmM1ZUt4cWh4VTlPeThJcHZ5VG1CNjZnM1NVSVhvOW5JRXJNUFBpVmZhaGhERlczRlExV3FIRDZqeVBtaFBhbHF1ODNjbVhNa1ZIZEllTURzdGlTMUFEWHdaOEJaNndZc0FoWWRDZFJ4YnplQjk5MTNiQ0tTRkRFLVpHVlNpNFg5c19Qa3BVcXBGU2M0QmMyekFNbl96THByYWVoYmFEbm9lN1hqeklnWmVwdHlBWk9PSFFONDluV2tHTjZGZHIyaUZRaUhIdVY5OEM3dTM3M3gtYmVILWFYc3hscEIwT3FoTjFoSzQ5Z3ZLZE16Q0lOaTh2alNCcUZ2RnlDdlRmVzNXU3p4RDRJUEZHdGRBYkZsV3dqdnBMV3RQSXdIZkFEN2p0ZEthWTRJMVo1RkZhX0RrVlQzNXJkY3ZzaDdKcUdOSXhPLXJ5b1NUeUdLWXpDM0xtMVByWmZuZWF0ZWFZZnJKOWVjWnlsOXFUSUozQkNLVEZ3YzlzVlBPTGlLTWNzWExVNjNxcXVaMDBVc1VVcFJLSVB0dnNCYTZyWFZhQ0N6UXZZQXFFQjZHQUNfVDljS2tmRXQ5T1RzWFJyNW1Kc1VZU3p1aHFlQjI2OWRBeGNRaV94QXBaZ0EyVmNOMHpzajJJYkVoazhUX1p2bk1jT3BJZXBOaEZnVkNJRi15ck90TWRmeWhYQWJwUV9lRGotUnZGajZtenpHSC1SSFFVSTYwLUMyY21IbWdQRFZWYWgtRmtMSUZsV3YtUG03MGpDQ0J4UWJiS05rNlJ4UHV4Q256dlQySUV0bTFBLXJ6TWpTU0tBSWxKV3dud0g5elhxejNPRHRySDBneVB6akJfRUNZZ1I2VDR2WkdzOGJORjhIaTM0YUE1TnAtTGpOM1hVeFllUVV6MmxaVUNSYUVKSWdqdS16bzBKbXZISzN4WTZPMDFjRDR0dF90aG9ObERWN2piZXRwQjBPc3ZpcGZjRG1KRE1hRG9LdzJXOGllLXZJN1hJT1dKcnVoQWprUms3dGRhOVNkbjZMclBhV3dOUUNtS0pUWGpNbzNsbEtHTlV5dzBlVHRWa09LZm13X093dVdXai03aXVZX0tuaklrUzBic0NDQzh3cUVFZWl4X0pNN3BvUHdFQ1JzeV9FM1REaGhDcjA3YnFhTmFMQ0NHdmJnYW14cnV3aHVLRVJZdFduYnMzVS1ROTBlLXNtLTRXV2JhaDRsSHNubUYzWU9Na01RMkJMT05oZXNVaFZvOUNNU1pLNGNCdERpT3ZVZHE2dndPY1o5X21iLVpXRzBmLVExRTdKbkRhc2FIdkxXMU42UjBpVHkwNUp4RkZrY3pwVUVjT3VudXd5YjBtWFFHNFdEdVFURUlhU29OY054QWlvTTJmZnhOVzdQR05XZDRqUkF3aV94QXdaSDdlcUh5dVcyZFYxU0tmVFh2RnNXM1BNcmpVa2h2VWNzTGZ5cDVWcU01Uk8yZm1SRkU3b2k1MzBubUdwQkVTYkZBbEJNck9CVmI4TzhGSndvUTZZMHVwSmhWVmtEYzlKZEJkcmIzNTVaYXAzT2hCYlEyZW1mLUFidFl1VGpSY0U1d2Z4N3gxV2dtVXQ5OFhsZUExbThMQTJvMFpjbl9YUk5OV3ZHQjZBaVFVNWVoUjVlcloxWU4xbTBEcEF6QnVMU2FDN3lyTmhJaFZfcUFOSVAtRTZXRzRyRVF4SUNySTRSa3dSaDQ3eWlPREdkaG91ZVJiRWV3WGtWRWFsYk1iRXpTQzZvWEx6S210bEVRUm90ejZSMXo2SGRWVXhJdkEwUGN2Wjhkb1ZhcXJRZ2p2ZUVpSnJ0aVdyMmItZFVSSlFnbnpzcDRvRDM2TUFxYVI2bk1vcWVtal9YY2hTMVZQV2x4WlVtZ3p5cjBaTXd5ZmpVbldYajByMHFYRGpNZkE0VXJIWVFDb24yX2xZLVZSU1hrbWdFN2p5QXFWQngycTBRNHdSZTU2cXJQRHgzQy1DTFM1ZU84eEJlUUdGemxCTDR3ejlIcUhsOUR5SWVyWFMzM0VHU09VYXB1NFVkak1TN1EySXJjbkdSMERQUTh0NkFNOENSU1Z5UmxwU1ppLTR0RHlSVk1VOXNqOENxa1NkQVJKUEh6czhiTklDZEtJcXB3QWdsM0NVeld4WXBKdWRzdl90cGg4NzVBNEtOUWZlMldsdU9UTm5JNkR4RUN4aW5nX3F3eHZZV1k0ZUI3cWNjQUVEQzA3c0VTdlFhLVZERFdBaEFGQmQxaUVHY2MtZDhxSV9hTW5QVGVneURPX1o4RFpJeDJpRlVLaTBfYm1Db1NzSHdhbDZtR1lF&i=6-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
Ij4nD79pHvSml_g6bODOBRLqzgbUFt0REn34HAL4ZwQvuEVGVOP9Fg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=QjRHRXFLSnltTmFQR0VnQ2oxQnItM01Qc3VCeFhLQldZU3FUM1gyZVNyMzZ5ZXhuWTBHZ3NNczFWVlZtM0J4bHhwZ1FwSi0xa3NOcmpBWjdPT1Y2bFVrd29WXzd3dFU0T2lRbno1QS1mYlpHc29ZaXFGV3Z1MTZxNVBSNlo3U0RjTVNvNnN2eVljNGl2WjVVSENoNzZVRzU0YzgwUUhxZnBvaDhkbWhGT25jYllOZ24tMUF3cmlwbDhOeXg2TDZYUkY0d0I2OVRrUDh3RVRkUkpSUzhEdUNjbnJjcDZxbFptTzNlTVEyMEw2YTNjeHJuMGRiNUYwajZHckRNTVZjdzJsRjFjcjExRDViUEk3b2w5T0hMVTd3VU11SzlNVkZUTGZtR2EtdXJTaC1zbFVxN0ZaaWdiSk5LZ1BmUXBDX3pWX1VvWGJGWHJMVnRjc3FsMnZEWWxEaXRHQV9CQkthTHVqeUpvUTZmYVQ0WkxsRWEta0xWaE9qRnJaMDAxblVVQkE1ajU3STYtanhFczZZanJHOE1KYXcyNS1CNzg4cjV1dURBT3kzc3EzdERKT3hfSHVXajlqTXFxby1GOTVYRkpwQlk0d3c0RlQ2eUVqY2xSTFRudXpkNTMtX01lRVVKb3FQbnFBVG9yWWhGWE1PdGEyWmV5SDFXMFBEOXQ3WUpEQlIxUW44R21xMEVBaXZpVUNNdmhWMmZ6dmEzZXRyNHF2Yy1RQnVWZi1nYzFYZEcwaUFCNnI0WFhnVl8yRGg0M2VzSHpjUEUyc2VhOTZlakJDblNaeFBhRm5hUlpzZDlKWFZ4R094WkVocWlTS2NrclU4U2JwVDVUczhKYklwZTFtdHA0MUZxaXhfOVVJTjN0NnZnekxNUUVORGREY0ZJaHRsRTVmRHpITEFHeFNUUFBOSjA5Z0FqUmlSSU1xc09rTk4zWGxpb013N0RZdm1aRW5sdlJCMnBHN3pldlE0YWtOZmktRzlKRGJfNFY2TzdjbDB6aHppMk93bDNuT0VRU2VmX2p1NXVidTVCN0tzUEhxMm4zOUhkdzh3dy1pNVozdjhyQm85OXBsMXBOeDJSOV9TMzZQRl84X1RNT2dLeTBXYlBLSzlfTV9LVlZFeUZHMGdIaTVscktVOUprZmNuUzFGakNSekZ2YUE3dE0tY1V6MkNXY0w4ODlwbmk3dHNKazM4Yl9sRTFGaUVObzJxU1NHaU85WVkxRHJzNE93bXc1SndFNFJONm9OXzhaNU50eXpjOGhYaGU5eFZzRFF6YzFqN2ZCbWNVNXJPUEFvWlUwWHBjYXdrYkN3dmlOU2pmVXBkV1ZXSDdhcmUyellGZXpfR1dJY1B2T0hFYUQyR1ktTHVrWm1JdHZ2RE1kdkhYYnNrcW9JQ2pSZFBUM1hTamNlY19ZT2duRGZudWI2dnhGQ1ozSlBUM09vaENkSFNuSkNUMXhwZVJUWW1LVk40UFpuZFpGWFdKSXpWRDRxRSZwcj0xMzpaSTVGUmdBQUFBQWNsMW9DRlNSenJpY05MZTlMSFpJN05pNkNUQSZjaWQ9Q0FRU0tRQnlnUWlEdEtJTUdGMXF6SnZ4UnhLRDBFM3ctbmFRYzNCRUZRZnhadlNmX09TZjNXMG53eDVBR0FFJzt3aW5kb3cuZHYzVXR3ID0ge3U6IHUsdzogZnVuY3Rpb24oKSB7ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgc3JjPVwiJyArIHUgKyAnJmZsYj0xXCI%2BPC9zJyArICdjcmlwdD4nKTt9fTt9KSgpOzwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvZHYzLmpzXCIgZGF0YS1kdjMtY3JlYXRpdmUtZmV0Y2g9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9kYm0vYWQ%2FZGJtX2M9QUtBbWYtQW44M25Dd0I0bS05V3VhbGl6cXU0OEdTN3JmdzNtRUcxN0FWUDdhblRKSGRGN0kwejRRemU2b1RTOEYwRG96d3pXQzhGVWxHY0pRdkxQWDV2cnpaSFR3SjlkQWlyOUY1Ymh5TFp0b3c4Mk9tOFJxclAzV0luM1psV2dxdnEtUVpwRUFJOVBZczNTRUozZTZCdWFkTEFFVEl0d1JWeWVHcVRCc3ZzVEExa0hWeWFMeFpRJmFtcDtjcnk9MSZhbXA7ZGJtX2Q9QUtBbWYtQXAzOGZNUTR5OHVWd1NVS2E3T1RqMndRS2tER24zUFJwcWVYSnQtanRFXzAtczIydXpIQURKUG1wVE1lT29yd1VTWDVKbEYxWlp1RXNWdXZtTUt3R1ZDSVpWZkR0VGxmbXlUc2xwWjJqSFhTLVlaSU9xRlQ2eDZaa19HOVliY2xZLXpZUVdWZWpEMjlYN3VtMnN6a2FURW9VOHVIWDUyNTk2am5MX0VHV0VPamw1aDF4dV9GOEtfdE9fZXI5VkpWS0x4UVdmV3YtSUpiYlczb0NKTGdRYTBNenM0aDdxOXVGZnRwVnVsejQ3TExLYmZJRGkwMDlkcEg2OWdvak5aTmJENUkyNUtodlhRTTlkaG5MckNmaDJmYWkwU012WUhtdHEzaFh4UnFwZGVuTWhMaDVOQ3h5OVRueW5CenZjNWVLeHFoeFU5T3k4SXB2eVRtQjY2ZzNTVUlYbzluSUVyTVBQaVZmYWhoREZXM0ZRMVdxSEQ2anlQbWhQYWxxdTgzY21YTWtWSGRJZU1Ec3RpUzFBRFh3WjhCWjZ3WXNBaFlkQ2RSeGJ6ZUI5OTEzYkNLU0ZERS1aR1ZTaTRYOXNfUGtwVXFwRlNjNEJjMnpBTW5fekxwcmFlaGJhRG5vZTdYanpJZ1plcHR5QVpPT0hRTjQ5bldrR042RmRyMmlGUWlISHVWOThDN3UzNzN4LWJlSC1hWHN4bHBCME9xaE4xaEs0OWd2S2RNekNJTmk4dmpTQnFGdkZ5Q3ZUZlczV1N6eEQ0SVBGR3RkQWJGbFd3anZwTFd0UEl3SGZBRDdqdGRLYVk0STFaNUZGYV9Ea1ZUMzVyZGN2c2g3SnFHTkl4Ty1yeW9TVHlHS1l6QzNMbTFQclpmbmVhdGVhWWZySjllY1p5bDlxVElKM0JDS1RGd2M5c1ZQT0xpS01jc1hMVTYzcXF1WjAwVXNVVXBSS0lQdHZzQmE2clhWYUNDelF2WUFxRUI2R0FDX1Q5Y0trZkV0OU9Uc1hScjVtSnNVWVN6dWhxZUIyNjlkQXhjUWlfeEFwWmdBMlZjTjB6c2oySWJFaGs4VF9adm5NY09wSWVwTmhGZ1ZDSUYteXJPdE1kZnloWEFicFFfZURqLVJ2Rmo2bXp6R0gtUkhRVUk2MC1DMmNtSG1nUERWVmFoLUZrTElGbFd2LVBtNzBqQ0NCeFFiYktOazZSeFB1eENuenZUMklFdG0xQS1yek1qU1NLQUlsSld3bndIOXpYcXozT0R0ckgwZ3lQempCX0VDWWdSNlQ0dlpHczhiTkY4SGkzNGFBNU5wLUxqTjNYVXhZZVFVejJsWlVDUmFFSklnanUtem8wSm12SEszeFk2TzAxY0Q0dHRfdGhvTmxEVjdqYmV0cEIwT3N2aXBmY0RtSkRNYURvS3cyVzhpZS12STdYSU9XSnJ1aEFqa1JrN3RkYTlTZG42THJQYVd3TlFDbUtKVFhqTW8zbGxLR05VeXcwZVR0VmtPS2Ztd19Pd3VXV2otN2l1WV9LbmpJa1MwYnNDQ0M4d3FFRWVpeF9KTTdwb1B3RUNSc3lfRTNURGhoQ3IwN2JxYU5hTENDR3ZiZ2FteHJ1d2h1S0VSWXRXbmJzM1UtUTkwZS1zbS00V1diYWg0bEhzbm1GM1lPTWtNUTJCTE9OaGVzVWhWbzlDTVNaSzRjQnREaU92VWRxNnZ3T2NaOV9tYi1aV0cwZi1RMUU3Sm5EYXNhSHZMVzFONlIwaVR5MDVKeEZGa2N6cFVFY091bnV3eWIwbVhRRzRXRHVRVEVJYVNvTmNOeEFpb00yZmZ4Tlc3UEdOV2Q0alJBd2lfeEF3Wkg3ZXFIeXVXMmRWMVNLZlRYdkZzVzNQTXJqVWtodlVjc0xmeXA1VnFNNVJPMmZtUkZFN29pNTMwbm1HcEJFU2JGQWxCTXJPQlZiOE84Rkp3b1E2WTB1cEpoVlZrRGM5SmRCZHJiMzU1WmFwM09oQmJRMmVtZi1BYnRZdVRqUmNFNXdmeDd4MVdnbVV0OThYbGVBMW04TEEybzBaY25fWFJOTld2R0I2QWlRVTVlaFI1ZXJaMVlOMW0wRHBBekJ1TFNhQzd5ck5oSWhWX3FBTklQLUU2V0c0ckVReElDckk0Umt3Umg0N3lpT0RHZGhvdWVSYkVld1hrVkVhbGJNYkV6U0M2b1hMekttdGxFUVJvdHo2UjF6NkhkVlV4SXZBMFBjdlo4ZG9WYXFyUWdqdmVFaUpydGlXcjJiLWRVUkpRZ256c3A0b0QzNk1BcWFSNm5Nb3FlbWpfWGNoUzFWUFdseFpVbWd6eXIwWk13eWZqVW5XWGowcjBxWERqTWZBNFVySFlRQ29uMl9sWS1WUlNYa21nRTdqeUFxVkJ4MnEwUTR3UmU1NnFyUER4M0MtQ0xTNWVPOHhCZVFHRnpsQkw0d3o5SHFIbDlEeUllclhTMzNFR1NPVWFwdTRVZGpNUzdRMklyY25HUjBEUFE4dDZBTThDUlNWeVJscFNaaS00dER5UlZNVTlzajhDcWtTZEFSSlBIenM4Yk5JQ2RLSXFwd0FnbDNDVXpXeFlwSnVkc3ZfdHBoODc1QTRLTlFmZTJXbHVPVE5uSTZEeEVDeGluZ19xd3h2WVdZNGVCN3FjY0FFREMwN3NFU3ZRYS1WRERXQWhBRkJkMWlFR2NjLWQ4cUlfYU1uUFRlZ3lET19aOERaSXgyaUZVS2kwX2JtQ29Tc0h3YWw2bUdZRUI0R0VxS0p5bU5hUEdFZ0NqMUJyLTNNUHN1QnhYS0JXWVNxVDNYMmVTcjM2eWV4blkwR2dzTXMxVlZWbTNCeGx4cGdRcEotMWtzTnJqQVo3T09WNmxVa3dvVl83d3RVNE9pUW56NUEtZmJaR3NvWWlxRld2dTE2cTVQUjZaN1NEY01TbzZzdnlZYzRpdlo1VUhDaDc2VUc1NGM4MFFIcWZwb2g4ZG1oRk9uY2JZTmduLTFBd3JpcGw4Tnl4Nkw2WFJGNHdCNjlUa1A4d0VUZFJKUlM4RHVDY25yY3A2cWxabU8zZU1RMjBMNmEzY3hybjBkYjVGMGo2R3JETU1WY3cybEYxY3IxMUQ1YlBJN29sOU9ITFU3d1VNdUs5TVZGVExmbUdhLXVyU2gtc2xVcTdGWmlnYkpOS2dQZlFwQ196Vl9Vb1hiRlhyTFZ0Y3NxbDJ2RFlsRGl0R0FfQkJLYUx1anlKb1E2ZmFUNFpMbEVhLWtMVmhPakZyWjAwMW5VVUJBNWo1N0k2LWp4RXM2WWpyRzhNSmF3MjUtQjc4OHI1dXVEQU95M3NxM3RESk94X0h1V2o5ak1xcW8tRjk1WEZKcEJZNHd3NEZUNnlFamNsUkxUbnV6ZDUzLV9NZUVVSm9xUG5xQVRvclloRlhNT3RhMlpleUgxVzBQRDl0N1lKREJSMVFuOEdtcTBFQWl2aVVDTXZoVjJmenZhM2V0cjRxdmMtUUJ1VmYtZ2MxWGRHMGlBQjZyNFhYZ1ZfMkRoNDNlc0h6Y1BFMnNlYTk2ZWpCQ25TWnhQYUZuYVJac2Q5SlhWeEdPeFpFaHFpU0tja3JVOFNicFQ1VHM4SmJJcGUxbXRwNDFGcWl4XzlVSU4zdDZ2Z3pMTVFFTkRkRGNGSWh0bEU1ZkR6SExBR3hTVFBQTkowOWdBalJpUklNcXNPa05OM1hsaW9NdzdEWXZtWkVubHZSQjJwRzd6ZXZRNGFrTmZpLUc5SkRiXzRWNk83Y2wwemh6aTJPd2wzbk9FUVNlZl9qdTV1YnU1QjdLc1BIcTJuMzlIZHc4d3ctaTVaM3Y4ckJvOTlwbDFwTngyUjlfUzM2UEZfOF9UTU9nS3kwV2JQS0s5X01fS1ZWRXlGRzBnSGk1bHJLVTlKa2ZjblMxRmpDUnpGdmFBN3RNLWNVejJDV2NMODg5cG5pN3RzSmszOGJfbEUxRmlFTm8ycVNTR2lPOVlZMURyczRPd213NUp3RTRSTjZvTl84WjVOdHl6YzhoWGhlOXhWc0RRemMxajdmQm1jVTVyT1BBb1pVMFhwY2F3a2JDd3ZpTlNqZlVwZFdWV0g3YXJlMnpZRmV6X0dXSWNQdk9IRWFEMkdZLUx1a1ptSXR2dkRNZHZIWGJza3FvSUNqUmRQVDNYU2pjZWNfWU9nbkRmbnViNnZ4RkNaM0pQVDNPb2hDZEhTbkpDVDF4cGVSVFltS1ZONFBabmRaRlhXSkl6VkQ0cUUmYW1wO3ByPTEzOlpJNUZSZ0FBQUFCT3AxU3l0dUlRSnFvYWRFTU0tNmdzdFgtSjJRJmFtcDtjaWQ9Q0FRU0tRQnlnUWlEdEtJTUdGMXF6SnZ4UnhLRDBFM3ctbmFRYzNCRUZRZnhadlNmX09TZjNXMG53eDVBR0FFXCIgZGF0YS1kdjMtd2lkdGg9XCI3MjhcIiBkYXRhLWR2My1oZWlnaHQ9XCI5MFwiIGRhdGEtZHYzLXJlbmRlci1tb2RlPVwic2NyaXB0XCIgZGF0YS1kdjMtbWV0YS1kYXRhPVwiWzEzLDc2LDEzNzIyOTg5Mzc4ODIyMjI3MzIxXVwiIGRhdGEtZHYzLWRvbmU9XCJ0cnVlXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9kYm0vYWQ%2FZGJtX2M9QUtBbWYtQW44M25Dd0I0bS05V3VhbGl6cXU0OEdTN3JmdzNtRUcxN0FWUDdhblRKSGRGN0kwejRRemU2b1RTOEYwRG96d3pXQzhGVWxHY0pRdkxQWDV2cnpaSFR3SjlkQWlyOUY1Ymh5TFp0b3c4Mk9tOFJxclAzV0luM1psV2dxdnEtUVpwRUFJOVBZczNTRUozZTZCdWFkTEFFVEl0d1JWeWVHcVRCc3ZzVEExa0hWeWFMeFpRJmFtcDtjcnk9MSZhbXA7ZGJtX2Q9QUtBbWYtQXAzOGZNUTR5OHVWd1NVS2E3T1RqMndRS2tER24zUFJwcWVYSnQtanRFXzAtczIydXpIQURKUG1wVE1lT29yd1VTWDVKbEYxWlp1RXNWdXZtTUt3R1ZDSVpWZkR0VGxmbXlUc2xwWjJqSFhTLVlaSU9xRlQ2eDZaa19HOVliY2xZLXpZUVdWZWpEMjlYN3VtMnN6a2FURW9VOHVIWDUyNTk2am5MX0VHV0VPamw1aDF4dV9GOEtfdE9fZXI5VkpWS0x4UVdmV3YtSUpiYlczb0NKTGdRYTBNenM0aDdxOXVGZnRwVnVsejQ3TExLYmZJRGkwMDlkcEg2OWdvak5aTmJENUkyNUtodlhRTTlkaG5MckNmaDJmYWkwU012WUhtdHEzaFh4UnFwZGVuTWhMaDVOQ3h5OVRueW5CenZjNWVLeHFoeFU5T3k4SXB2eVRtQjY2ZzNTVUlYbzluSUVyTVBQaVZmYWhoREZXM0ZRMVdxSEQ2anlQbWhQYWxxdTgzY21YTWtWSGRJZU1Ec3RpUzFBRFh3WjhCWjZ3WXNBaFlkQ2RSeGJ6ZUI5OTEzYkNLU0ZERS1aR1ZTaTRYOXNfUGtwVXFwRlNjNEJjMnpBTW5fekxwcmFlaGJhRG5vZTdYanpJZ1plcHR5QVpPT0hRTjQ5bldrR042RmRyMmlGUWlISHVWOThDN3UzNzN4LWJlSC1hWHN4bHBCME&i=7-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
qbtUaYwMc9ogYyf8a2ClSLez_QI2xLN_MJMVBiGOpd7g0B2ENDIsYg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=9xaE4xaEs0OWd2S2RNekNJTmk4dmpTQnFGdkZ5Q3ZUZlczV1N6eEQ0SVBGR3RkQWJGbFd3anZwTFd0UEl3SGZBRDdqdGRLYVk0STFaNUZGYV9Ea1ZUMzVyZGN2c2g3SnFHTkl4Ty1yeW9TVHlHS1l6QzNMbTFQclpmbmVhdGVhWWZySjllY1p5bDlxVElKM0JDS1RGd2M5c1ZQT0xpS01jc1hMVTYzcXF1WjAwVXNVVXBSS0lQdHZzQmE2clhWYUNDelF2WUFxRUI2R0FDX1Q5Y0trZkV0OU9Uc1hScjVtSnNVWVN6dWhxZUIyNjlkQXhjUWlfeEFwWmdBMlZjTjB6c2oySWJFaGs4VF9adm5NY09wSWVwTmhGZ1ZDSUYteXJPdE1kZnloWEFicFFfZURqLVJ2Rmo2bXp6R0gtUkhRVUk2MC1DMmNtSG1nUERWVmFoLUZrTElGbFd2LVBtNzBqQ0NCeFFiYktOazZSeFB1eENuenZUMklFdG0xQS1yek1qU1NLQUlsSld3bndIOXpYcXozT0R0ckgwZ3lQempCX0VDWWdSNlQ0dlpHczhiTkY4SGkzNGFBNU5wLUxqTjNYVXhZZVFVejJsWlVDUmFFSklnanUtem8wSm12SEszeFk2TzAxY0Q0dHRfdGhvTmxEVjdqYmV0cEIwT3N2aXBmY0RtSkRNYURvS3cyVzhpZS12STdYSU9XSnJ1aEFqa1JrN3RkYTlTZG42THJQYVd3TlFDbUtKVFhqTW8zbGxLR05VeXcwZVR0VmtPS2Ztd19Pd3VXV2otN2l1WV9LbmpJa1MwYnNDQ0M4d3FFRWVpeF9KTTdwb1B3RUNSc3lfRTNURGhoQ3IwN2JxYU5hTENDR3ZiZ2FteHJ1d2h1S0VSWXRXbmJzM1UtUTkwZS1zbS00V1diYWg0bEhzbm1GM1lPTWtNUTJCTE9OaGVzVWhWbzlDTVNaSzRjQnREaU92VWRxNnZ3T2NaOV9tYi1aV0cwZi1RMUU3Sm5EYXNhSHZMVzFONlIwaVR5MDVKeEZGa2N6cFVFY091bnV3eWIwbVhRRzRXRHVRVEVJYVNvTmNOeEFpb00yZmZ4Tlc3UEdOV2Q0alJBd2lfeEF3Wkg3ZXFIeXVXMmRWMVNLZlRYdkZzVzNQTXJqVWtodlVjc0xmeXA1VnFNNVJPMmZtUkZFN29pNTMwbm1HcEJFU2JGQWxCTXJPQlZiOE84Rkp3b1E2WTB1cEpoVlZrRGM5SmRCZHJiMzU1WmFwM09oQmJRMmVtZi1BYnRZdVRqUmNFNXdmeDd4MVdnbVV0OThYbGVBMW04TEEybzBaY25fWFJOTld2R0I2QWlRVTVlaFI1ZXJaMVlOMW0wRHBBekJ1TFNhQzd5ck5oSWhWX3FBTklQLUU2V0c0ckVReElDckk0Umt3Umg0N3lpT0RHZGhvdWVSYkVld1hrVkVhbGJNYkV6U0M2b1hMekttdGxFUVJvdHo2UjF6NkhkVlV4SXZBMFBjdlo4ZG9WYXFyUWdqdmVFaUpydGlXcjJiLWRVUkpRZ256c3A0b0QzNk1BcWFSNm5Nb3FlbWpfWGNoUzFWUFdseFpVbWd6eXIwWk13eWZqVW5XWGowcjBxWERqTWZBNFVySFlRQ29uMl9sWS1WUlNYa21nRTdqeUFxVkJ4MnEwUTR3UmU1NnFyUER4M0MtQ0xTNWVPOHhCZVFHRnpsQkw0d3o5SHFIbDlEeUllclhTMzNFR1NPVWFwdTRVZGpNUzdRMklyY25HUjBEUFE4dDZBTThDUlNWeVJscFNaaS00dER5UlZNVTlzajhDcWtTZEFSSlBIenM4Yk5JQ2RLSXFwd0FnbDNDVXpXeFlwSnVkc3ZfdHBoODc1QTRLTlFmZTJXbHVPVE5uSTZEeEVDeGluZ19xd3h2WVdZNGVCN3FjY0FFREMwN3NFU3ZRYS1WRERXQWhBRkJkMWlFR2NjLWQ4cUlfYU1uUFRlZ3lET19aOERaSXgyaUZVS2kwX2JtQ29Tc0h3YWw2bUdZRUI0R0VxS0p5bU5hUEdFZ0NqMUJyLTNNUHN1QnhYS0JXWVNxVDNYMmVTcjM2eWV4blkwR2dzTXMxVlZWbTNCeGx4cGdRcEotMWtzTnJqQVo3T09WNmxVa3dvVl83d3RVNE9pUW56NUEtZmJaR3NvWWlxRld2dTE2cTVQUjZaN1NEY01TbzZzdnlZYzRpdlo1VUhDaDc2VUc1NGM4MFFIcWZwb2g4ZG1oRk9uY2JZTmduLTFBd3JpcGw4Tnl4Nkw2WFJGNHdCNjlUa1A4d0VUZFJKUlM4RHVDY25yY3A2cWxabU8zZU1RMjBMNmEzY3hybjBkYjVGMGo2R3JETU1WY3cybEYxY3IxMUQ1YlBJN29sOU9ITFU3d1VNdUs5TVZGVExmbUdhLXVyU2gtc2xVcTdGWmlnYkpOS2dQZlFwQ196Vl9Vb1hiRlhyTFZ0Y3NxbDJ2RFlsRGl0R0FfQkJLYUx1anlKb1E2ZmFUNFpMbEVhLWtMVmhPakZyWjAwMW5VVUJBNWo1N0k2LWp4RXM2WWpyRzhNSmF3MjUtQjc4OHI1dXVEQU95M3NxM3RESk94X0h1V2o5ak1xcW8tRjk1WEZKcEJZNHd3NEZUNnlFamNsUkxUbnV6ZDUzLV9NZUVVSm9xUG5xQVRvclloRlhNT3RhMlpleUgxVzBQRDl0N1lKREJSMVFuOEdtcTBFQWl2aVVDTXZoVjJmenZhM2V0cjRxdmMtUUJ1VmYtZ2MxWGRHMGlBQjZyNFhYZ1ZfMkRoNDNlc0h6Y1BFMnNlYTk2ZWpCQ25TWnhQYUZuYVJac2Q5SlhWeEdPeFpFaHFpU0tja3JVOFNicFQ1VHM4SmJJcGUxbXRwNDFGcWl4XzlVSU4zdDZ2Z3pMTVFFTkRkRGNGSWh0bEU1ZkR6SExBR3hTVFBQTkowOWdBalJpUklNcXNPa05OM1hsaW9NdzdEWXZtWkVubHZSQjJwRzd6ZXZRNGFrTmZpLUc5SkRiXzRWNk83Y2wwemh6aTJPd2wzbk9FUVNlZl9qdTV1YnU1QjdLc1BIcTJuMzlIZHc4d3ctaTVaM3Y4ckJvOTlwbDFwTngyUjlfUzM2UEZfOF9UTU9nS3kwV2JQS0s5X01fS1ZWRXlGRzBnSGk1bHJLVTlKa2ZjblMxRmpDUnpGdmFBN3RNLWNVejJDV2NMODg5cG5pN3RzSmszOGJfbEUxRmlFTm8ycVNTR2lPOVlZMURyczRPd213NUp3RTRSTjZvTl84WjVOdHl6YzhoWGhlOXhWc0RRemMxajdmQm1jVTVyT1BBb1pVMFhwY2F3a2JDd3ZpTlNqZlVwZFdWV0g3YXJlMnpZRmV6X0dXSWNQdk9IRWFEMkdZLUx1a1ptSXR2dkRNZHZIWGJza3FvSUNqUmRQVDNYU2pjZWNfWU9nbkRmbnViNnZ4RkNaM0pQVDNPb2hDZEhTbkpDVDF4cGVSVFltS1ZONFBabmRaRlhXSkl6VkQ0cUUmYW1wO3ByPTEzJTNBWkk1RlJnQUFBQUJPcDFTeXR1SVFKcW9hZEVNTS02Z3N0WC1KMlEmYW1wO2NpZD1DQVFTS1FCeWdRaUR0S0lNR0YxcXpKdnhSeEtEMEUzdy1uYVFjM0JFRlFmeFp2U2ZfT1NmM1cwbnd4NUFHQUUmYW1wO2R2M192ZXI9bTIwMjMwMTIzMDIwMSZhbXA7cmZsPWh0dHBzJTNBJTJGJTJGc2ltcGxlZmx5aW5nLmNvbSUyRnR3by11bml0ZWQtYWlybGluZXMtZW1wbG95ZWVzLWNoYXJnaW5nLXN0ZWFsaW5nLW1hcmlqdWFuYS1wYXNzZW5nZXItbHVnZ2FnZSUyRiZhbXA7ZHM9bCZhbXA7eGR0PTEmYW1wO2lpZj0xJmFtcDtjb3I9MTM3MjI5ODkzNzg4MjIyMjgwMDAmYW1wO2Fkaz02MTUyMjE5NzImYW1wO2lkdD0xMzMmYW1wO2NhYz0wJmFtcDtkdGQ9MTRcIj48L3NjcmlwdD48ZGl2IGlkPVwiYWRfdW5pdFwiPjwvZGl2PjxzY3JpcHQgZGF0YS1qYz1cIjExMlwiIGRhdGEtamMtdmVyc2lvbj1cInIyMDIzMDYxNFwiPihmdW5jdGlvbigpe3ZhciBjPS9bJj9dZGJtX2M9KFteICZdKykvO2Z1bmN0aW9uIGQoYSl7cmV0dXJuKGE9Yy5leGVjKGEpKT9hWzFdOm51bGx9ZnVuY3Rpb24gZShhLGIpe3ZhciBuPWY7YT1hLmdldEVsZW1lbnRzQnlUYWdOYW1lKGIpO2ZvcihiPTA7YjxhLmxlbmd0aDsrK2IpaWYoZChhW2JdLnNyYyk9PT1uKXJldHVybiEwO3JldHVybiExfTt2YXIgZz13aW5kb3c7aWYoZy5kdjNVdHcpe3ZhciBoPWcuZHYzVXR3LnUsaz1nLmR2M1V0dy53O2cuZHYzVXR3PXZvaWQgMDt2YXIgbDthOnt2YXIgZj1kKGgpO2lmKCFmfHxlKGRvY3VtZW50LFwic2NyaXB0XCIpfHxlKGRvY3VtZW50LFwiaWZyYW1lXCIpKWw9ITA7ZWxzZXtmb3IodmFyIG09ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImR2My1hc2ZybVwiKSxwPTA7cDxtLmxlbmd0aDsrK3Ape3ZhciBxPW1bcF07aWYocS5jb250ZW50V2luZG93JiZlKHEuY29udGVudFdpbmRvdy5kb2N1bWVudCxcInNjcmlwdFwiKSl7bD0hMDticmVhayBhfX1sPSExfX1sfHxrKCl9O30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiLy9waXhlbC5hZHNhZmVwcm90ZWN0ZWQuY29tL2psb2FkP2FuSWQ9OTI1MTEzJmFtcDthZHZJZD03MTA5NjYzNTAmYW1wO2NhbXBJZD01MTE3ODE2MSZhbXA7cHViSWQ9MTMmYW1wO3BsYWNlbWVudElkPTM5NjA1OTczNCZhbXA7YWRzYWZlX3BhciZhbXA7YnVuZGxlSWQ9JmFtcDtkZWFsSWQ9JmFtcDtiaWR1cmw9aHR0cHM6Ly9zaW1wbGVmbHlpbmcuY29tL3R3by11bml0ZWQtYWlybGluZXMtZW1wbG95ZWVzLWNoYXJnaW5nLXN0ZWFsaW5nLW1hcmlqdWFuYS1wYXNzZW5nZXItbHVnZ2FnZVwiPjwvc2NyaXB0Pjxub3NjcmlwdD48aW1nIHNyYz1cIi8vcGl4ZWwuYWRzYWZlcHJvdGVjdGVkLmNvbS8%2FYW5JZD05MjUxMTMmYWR2SWQ9NzEwOTY2MzUwJmNhbXBJZD01MTE3ODE2MSZwdWJJZD0xMyZwbGFjZW1lbnRJZD0zOTYwNTk3MzQmYWRzYWZlX3BhciZidW5kbGVJZD0mZGVhbElkPSZiaWR1cmw9aHR0cHM6Ly9zaW1wbGVmbHlpbmcuY29tL3R3by11bml0ZWQtYWlybGluZXMtZW1wbG95ZWVzLWNoYXJnaW5nLXN0ZWFsaW5nLW1hcmlqdWFuYS1wYXNzZW5nZXItbHVnZ2FnZVwiIGhlaWdodD1cIjFcIiB3aWR0aD1cIjFcIiBhbHQ9XCJcIj48L25vc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9XCJKYXZhU2NyaXB0MS4xXCIgc3JjPVwiaHR0cHM6Ly9mdy5hZHNhZmVwcm90ZWN0ZWQuY29tL3Jqc3MvYmdkLzEzNjI0ODcvNjk2MzEyNzIveGJiZS9jcmVhdGl2ZS9hZGo%2FcD1BUEV1Y05VeXZ4NTJMMU1lUkRLeXBzOUkzZjJDZVdGNjRXZV81NmxtQmV4dC16M29haFRqRFVFJmFtcDtkPUNva0JBS0FtZi1ETEJ5U0w2dWtqcWhCUEV1aG5vVHYyR3pMTWkwMF9zdm1NUEhnNWpJOEVXOEgxdFR3UXVCaDBVR1AwX3BnOFkxaS1vUnMwS1RiWGJBbWJrSjNwZGN2SS1tX3ZacVhwekRkb0xadWhCSFJnNC1TSVFpWW9ad2VxcERtanVkQmMxb1psRVktaURtc1UyYkJCUW82ZDdMTk9MRTlNWGJMNk14WjB2MTV6a3FHVDAyRldEMFFTNlE4QW9DWl80TmE4bUFPX2NMMFNNdG1USHVrNlYtRS1zUWJRQlRKd2xSLWszX18yQ0xqVGZPeHVGcFdvNGthTWsySjh6ZW8wTmt6X1BraGllNmprdUh4bmRxT2FrRW84WEFuZnBIYVVlcXVZNm5EdEpJaFFfNnI1SmlfN1JhZFVXYXRSajJDYlBiUFY2ZXRXVjlQSUh1UVFkOVBMVzFRcjllVkw2U18tSkxuUkFBbkh5SG5MemNQT25LY04zLUtUU3V0ZXNIbE1aR2gtNjBHZ0NIVjliZlZoNW42UXk3cGdicEdQTTRkQjRtSUVHb0trTTFPQUpabll0LU56WTRJbG9vdkFWeXgybG1lb2NSeEdaUm15R3VRWjViNmEtSDlZSXNxbnFLMlYwYk9Edmtjd2ViZ3F4TGZ5U05PMWI2SEwxUUNCN1pmVXRteEdzT3REU2FfRmFCZ0JaOEpqRjJGVUV2T3ItUVZOWTA4RlNIV3BUR0JtcU4ybDY3MG1rWjN4TExvM3c4aWFDYWRpbUtMRGZ5RmpSVE9GNEZocHZjOEpUYXdZZV9KYUViQzJmMmFWRzQ0T01yQzNhZndDQm5YNWVaeEFIaWQxM19uVEJpbUJfTm5NdEExWTFGNm9rbVZPWG1qZURjZjJYT1BMN0VINXN4c3FoREJWbXIxUXk5cnJ1NWlXVTB5SFNTaUVKVGkyT3VFcnRuYldDckVROWhHdFU0WEN3b1Y5Y1dQSWNweUY0RHZ0TGM4eXpHOGk2M0c4N1N3c2JJOWFuMHh2VWl2WWp0NGlCMkd0RW8xQnNWN3pWRGY4QkpRbzVHWmFsSXpJQS00QTJSODhpdGhUa3F4VzhHU0dLcjlpNU9ZTzVvWFFXM0dySDREMGhVM2s4eGFfOW5NYVdlU21VLXgycHdoVnpBaVB2bWx3NFFHZWE4dS1WY3l6NnBLVHpORGg4UUhmcmFiQU9KVlo0dm5peTBKMXZrZUNpaTk5SjRCTmEtcUJ0cmYxMFc1emxNVC13TGVCSzRHQWNzRFA0UzhiUGFqeW1kWV82dUhCZVN6eHR1N0J2VWhEZEo2Q3hYVjB1cVVUVEFHYzcxY0RnazVtY3FkSFdQMFY3b0g2X3FvU2lHNkFtLUo5dHNWZGdULTc2MHJDUHo3M09EUkpob1dsaFd3dWwtelVHYlZnZy1zVVljNlQ0WjM2bDJ0VHc2WVNvWEV1eDYyRmZQaU9yMnJ2b3U0bFREdlBwRXVsX3YtU2dpb2FBdXZFaTFvNFBDbDViYlhkTVhxZ0dQOE1JVWF6UlZ6Wjk3ZDBia0lNR3dLdWtSLTd5OGRJRzNVYVAyNEJEcnRYaTg1eGJmNlpXai13X0JFbUZXYllnR2themdSNEhyU0xzNW1GajRJZG1KUTgxU1FEUUY1WnVoNDVCQkVzdmFlZnh3WllfTTNyZXQwOTBEbUZlc0dzYlFQbHcwTVJ5aG4zaUl3bVVPTENHWUN2UWI1TnN5YmJiN1JMM0t6andqeWt3bWs3Yms0bnJFSFR1TkVRMEc3U2hGNDdrcUNKbWV2eUREU1V6S3JMUUlNaUp3eHVuZzJxb2NVS3pZTWVyX2Y5OGpfeVFfRXVsRF9qbEtpLUFlR1RnaWxRMUZnUGlBeXc2XzZacnRzWE9tbDhXbFVnQ0hPS0ZHYUFFUlJ2U2RNem9iQW10OTZrUF9Lck51YUFfX1RKbng4aUNOVENRTnhhc2NCaVUxQjVvN2taWDM4Qk91ZzNjZjF4Nmxo&i=8-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
Yy4hhggJNdvK23GAqON6pXWErRRgPAEAilJC5DWbsx4UJdPJHvurXQ==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=YnJnckRtRnNtcjExSndvdW1hR0hxTUREb1hGanRkV0gwM1JaNkVkLVF1M19EOWZNOWtSc3hFWmUzVDdRQ1dWR1BDTFQ4aU9jaGdrLUg1VG9LX2R2dTdCdV9Za0Q3RFhEVUg1ZDhKN1Q4ZFhrc3pUa3otU2M1UlBTc2NhQ21HblhKTUQ3N2RhbmNoVmUyYTFFNkRJUWp1YTF0TG8yb3dRdDBaR29fVTJhdnc0M1JObURFV3hiUGtYeXlUV2ZtVlNqd3oxeE1aZUg2X2ZXWkVXVGVPNHJRVXMwbDNyZnJKSm1sZXJBMEZxM2piRjBaVnVjZkJzWW5PdTNPc3I0TUlMUXhHMnpIQUs1cThTaGQ4YWpNNmRIN0lvZy1MNWZiQ195aTRXTi0xdnRmWjRHNVdzbHE1bjRiXzJMX2drRmVGemtLOHZYOE5yN1F4cDVJNjhpZXlzQzg1eDZwbUN6TF9oNzVwUGNBTVBRTGU5RVMyNG1jZXpVRW51dnRnaC1icXN3MllvdGNNeWVqYnBFUTB0d1RrQmlTMXJiVHo1ZHFTMkhNeFZsR2pyWGJoZ3JVUERVUmFMUWFjbWppeTE2aVZvNkpjNE1pdFFZYlhaTThvNmRzSDlsR0hJMmxsUG90RmpDdkVwMlczajNBVUJJVlBadjZyXzJ0ekpDcUxVVlpJdkxTQjNuQWpCZmpCTUVrdEc1VUtiWUdveHFheTNVWHhiaTdFYWN4R3h4eFlyRi1hTkl1V1VEOTBndk9BRFE2dDEzM0FWRS1GbElSZFgtZjg2SmZhYkh1d0tNU0NQbWZsbXhibFRNeGQtQkJZM3d2VERGeHJ4alF0aWUzaUJTa3otWDYwZzlGOVNuT1pBWGIzV0FNS0FVNG5MeEZsLVl6MVAzbGl2Z1NKbEtLSlY0YzlhWVFMLURWUjQza2JETThseURJd0dXZGtoRVhPWmYwWnp3eWpRZnJMb0poaUY5UHRLaFF6emJYeHROWndXVVNjUUcyUS1zV3p2RHhZN3hTUWQtSUtNU2dLRnhkb203UkhRQ09oRTlMZUowQmRkdmVYWlkxZkNfSGNkUVVXS2VSZFlQUmlXam1Jd2VDQzRUaFlYR3pHTTVLaEtUdlRDQWZXX3ZJQmtSLVE2WkRMVkY4b1EzWE1jNTBLbjJ6T01EMGNnU0ItZ3lZb1VXbS1ZSC1CbUFEdEE1VUxxLUhWVHBwOUpYblBZYzRSb2RCOWlOQ2VSVGpHcmdsSjlMR3A3Tl94aUJxNjhNSmFHLXYxMU9kLXRrc1pObTBLcW52dW13TnhTUXUwaHJnMVhRTEhRSGRXdzBaLWgtYU1GTWhQamd3dzVxMjRZWnpNZDUyT0NTeTBYN3FwZy11ZHNjSFl0eTNsZUdBblltYlFURHN0bkF4dmhnWWpDZmdpc014RWZZalNmTWd1cFdkd2l1c1drUmJNU1dYVTRWcllXTktUbjhBemhWNW9nMGJ1RlBSSlNWWEVhLTJaTDVSd2VHaDFNTlVNcHNXYklmV3pPcTBvUGJ5ejNNY3o4ZkNGRm5LMUtWT0ktUUtTRkw1NW1IdTJGRHhKYlByZTE0R0tLQ0Y4VnljT1dTM1lVemI5SnNfQV9kOWY0M2pIdm4tQk9xTnpielZfTEdkSHJYRE5JMHZMQmhoRkNlZG5ackZNOVktQkFVSjBreVNKZ3hqN3FwdnR4Q2lVLXF4eW1OMHNmSDN0LW9mMDhBX3hkeXpHSTdTZkk4a1dEVW9lM3BJMjdqOTNWbXJIMEJvS3Rxc2NHeUlFeTFycWs2YTh3MG9MYTNQeUxRMlg4a3pJdFgxRmlzWjQ1Z2hBcXBkbGNNYUx3Z0VFaWtBY29FSWc3U2lEQmhkYXN5YjhVY1NnOUJOOFBwMmtITndSQlVIOFdiMG5femtuOTF0SjhNZVFCZ0JZQUUmYW1wO2J1bmRsZUlkPSZhbXA7aWFzX2RzcElEPTMmYW1wO2lhc19jYW1wSWQ9MjA0MjYzNjEmYW1wO2lhc19wdWJJZD0xODQ5MTUmYW1wO2lhc19jaGFuSWQ9MTMmYW1wO2lhc19wbGFjZW1lbnRJZD01MTE3ODE2MSZhbXA7YmlkdXJsPWh0dHBzOi8vc2ltcGxlZmx5aW5nLmNvbS90d28tdW5pdGVkLWFpcmxpbmVzLWVtcGxveWVlcy1jaGFyZ2luZy1zdGVhbGluZy1tYXJpanVhbmEtcGFzc2VuZ2VyLWx1Z2dhZ2UmYW1wO2lhc19kZWFsSWQ9JmFtcDthZHNhZmVfcGFyJmFtcDtpYXNfaW1wSWQ9djR%2BfkFCQWpIMGhzcUFPQVJCSVVFdFJNQ2J6ZDlNeFRcIj48L3NjcmlwdD48YSBocmVmPVwiaHR0cHM6Ly9nby5pbnRlZ3JhbGFkcy5jb20vYWQtYmxvY2tpbmctZXhwbGFpbmVyLz91dG1fY2FtcGFpZ249R0xCLWcmYW1wO3V0bV9tZWRpdW09Z2Rpc3BsYXkmYW1wO3V0bV9zb3VyY2U9Z3NpdGVzXCIgdGFyZ2V0PVwiX2JsYW5rXCI%2BPGltZyBzcmM9XCJodHRwczovL3N0YXRpYy5hZHNhZmVwcm90ZWN0ZWQuY29tL0lBU19QYXNzYmFja0Fkc183Mjh4OTAucG5nXCIgd2lkdGg9XCI3MjhcIiBoZWlnaHQ9XCI5MFwiPjwvYT48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBvbmxvYWQ9XCJfX0ludGVncmFsQVNFdmVudExvYWRIYW5kbGVyXzY5YmFhYWQ1YjU2ZWFlYTk0NzM0YjI4OWMyNzM4NjQ3ICZhbXA7JmFtcDsgX19JbnRlZ3JhbEFTRXZlbnRMb2FkSGFuZGxlcl82OWJhYWFkNWI1NmVhZWE5NDczNGIyODljMjczODY0NygpXCIgc3JjPVwiaHR0cHM6Ly9mdy5hZHNhZmVwcm90ZWN0ZWQuY29tL3Jmdy9iZ2QvMTM2MjQ4Ny82OTYzMTI3Mi94YmJlL2NyZWF0aXZlL2Fkaj9wPUFQRXVjTlV5dng1MkwxTWVSREt5cHM5STNmMkNlV0Y2NFdlXzU2bG1CZXh0LXozb2FoVGpEVUUmYW1wO2Q9Q29rQkFLQW1mLURMQnlTTDZ1a2pxaEJQRXVobm9UdjJHekxNaTAwX3N2bU1QSGc1akk4RVc4SDF0VHdRdUJoMFVHUDBfcGc4WTFpLW9SczBLVGJYYkFtYmtKM3BkY3ZJLW1fdlpxWHB6RGRvTFp1aEJIUmc0LVNJUWlZb1p3ZXFwRG1qdWRCYzFvWmxFWS1pRG1zVTJiQkJRbzZkN0xOT0xFOU1YYkw2TXhaMHYxNXprcUdUMDJGV0QwUVM2UThBb0NaXzROYThtQU9fY0wwU010bVRIdWs2Vi1FLXNRYlFCVEp3bFItazNfXzJDTGpUZk94dUZwV280a2FNazJKOHplbzBOa3pfUGtoaWU2amt1SHhuZHFPYWtFbzhYQW5mcEhhVWVxdVk2bkR0SkloUV82cjVKaV83UmFkVVdhdFJqMkNiUGJQVjZldFdWOVBJSHVRUWQ5UExXMVFyOWVWTDZTXy1KTG5SQUFuSHlIbkx6Y1BPbktjTjMtS1RTdXRlc0hsTVpHaC02MEdnQ0hWOWJmVmg1bjZReTdwZ2JwR1BNNGRCNG1JRUdvS2tNMU9BSlpuWXQtTnpZNElsb292QVZ5eDJsbWVvY1J4R1pSbXlHdVFaNWI2YS1IOVlJc3FucUsyVjBiT0R2a2N3ZWJncXhMZnlTTk8xYjZITDFRQ0I3WmZVdG14R3NPdERTYV9GYUJnQlo4SmpGMkZVRXZPci1RVk5ZMDhGU0hXcFRHQm1xTjJsNjcwbWtaM3hMTG8zdzhpYUNhZGltS0xEZnlGalJUT0Y0RmhwdmM4SlRhd1llX0phRWJDMmYyYVZHNDRPTXJDM2Fmd0NCblg1ZVp4QUhpZDEzX25UQmltQl9Obk10QTFZMUY2b2ttVk9YbWplRGNmMlhPUEw3RUg1c3hzcWhEQlZtcjFReTlycnU1aVdVMHlIU1NpRUpUaTJPdUVydG5iV0NyRVE5aEd0VTRYQ3dvVjljV1BJY3B5RjREdnRMYzh5ekc4aTYzRzg3U3dzYkk5YW4weHZVaXZZanQ0aUIyR3RFbzFCc1Y3elZEZjhCSlFvNUdaYWxJeklBLTRBMlI4OGl0aFRrcXhXOEdTR0tyOWk1T1lPNW9YUVczR3JINEQwaFUzazh4YV85bk1hV2VTbVUteDJwd2hWekFpUHZtbHc0UUdlYTh1LVZjeXo2cEtUek5EaDhRSGZyYWJBT0pWWjR2bml5MEoxdmtlQ2lpOTlKNEJOYS1xQnRyZjEwVzV6bE1ULXdMZUJLNEdBY3NEUDRTOGJQYWp5bWRZXzZ1SEJlU3p4dHU3QnZVaERkSjZDeFhWMHVxVVRUQUdjNzFjRGdrNW1jcWRIV1AwVjdvSDZfcW9TaUc2QW0tSjl0c1ZkZ1QtNzYwckNQejczT0RSSmhvV2xoV3d1bC16VUdiVmdnLXNVWWM2VDRaMzZsMnRUdzZZU29YRXV4NjJGZlBpT3IycnZvdTRsVER2UHBFdWxfdi1TZ2lvYUF1dkVpMW80UENsNWJiWGRNWHFnR1A4TUlVYXpSVnpaOTdkMGJrSU1Hd0t1a1ItN3k4ZElHM1VhUDI0QkRydFhpODV4YmY2WldqLXdfQkVtRldiWWdHa2F6Z1I0SHJTTHM1bUZqNElkbUpRODFTUURRRjVadWg0NUJCRXN2YWVmeHdaWV9NM3JldDA5MERtRmVzR3NiUVBsdzBNUnlobjNpSXdtVU9MQ0dZQ3ZRYjVOc3liYmI3UkwzS3pqd2p5a3dtazdiazRuckVIVHVORVEwRzdTaEY0N2txQ0ptZXZ5RERTVXpLckxRSU1pSnd4dW5nMnFvY1VLellNZXJfZjk4al95UV9FdWxEX2psS2ktQWVHVGdpbFExRmdQaUF5dzZfNlpydHNYT21sOFdsVWdDSE9LRkdhQUVSUnZTZE16b2JBbXQ5NmtQX0tyTnVhQV9fVEpueDhpQ05UQ1FOeGFzY0JpVTFCNW83a1pYMzhCT3VnM2NmMXg2bGhicmdyRG1Gc21yMTFKd291bWFHSHFNRERvWEZqdGRXSDAzUlo2RWQtUXUzX0Q5Zk05a1JzeEVaZTNUN1FDV1ZHUENMVDhpT2NoZ2stSDVUb0tfZHZ1N0J1X1lrRDdEWERVSDVkOEo3VDhkWGtzelRrei1TYzVSUFNzY2FDbUduWEpNRDc3ZGFuY2hWZTJhMUU2RElRanVhMXRMbzJvd1F0MFpHb19VMmF2dzQzUk5tREVXeGJQa1h5eVRXZm1WU2p3ejF4TVplSDZfZldaRVdUZU80clFVczBsM3JmckpKbWxlckEwRnEzamJGMFpWdWNmQnNZbk91M09zcjRNSUxReEcyekhBSzVxOFNoZDhhak02ZEg3SW9nLUw1ZmJDX3lpNFdOLTF2dGZaNEc1V3NscTVuNGJfMkxfZ2tGZUZ6a0s4dlg4TnI3UXhwNUk2OGlleXNDODV4NnBtQ3pMX2g3NXBQY0FNUFFMZTlFUzI0bWNlelVFbnV2dGdoLWJxc3cyWW90Y015ZWpicEVRMHR3VGtCaVMxcmJUejVkcVMySE14VmxHanJYYmhnclVQRFVSYUxRYWNtaml5MTZpVm82SmM0TWl0UVliWFpNOG82ZHNIOWxHSEkybGxQb3RGakN2RXAyVzNqM0FVQklWUFp2NnJfMnR6SkNxTFVWWkl2TFNCM25BakJmakJNRWt0RzVVS2JZR294cWF5M1VYeGJpN0VhY3hHeHh4WXJGLWFOSXVXVUQ5MGd2T0FEUTZ0MTMzQVZFLUZsSVJkWC1mODZKZmFiSHV3S01TQ1BtZmxteGJsVE14ZC1CQlkzd3ZUREZ4cnhqUXRpZTNpQlNrei1YNjBnOUY5U25PWkFYYjNXQU1LQVU0bkx4RmwtWXoxUDNsaXZnU0psS0tKVjRjOWFZUUwtRFZSNDNrYkRNOGx5REl3R1dka2hFWE9aZjBaend5alFmckxvSmhpRjlQdEtoUXp6Ylh4dE5ad1dVU2NRRzJRLXNXenZEeFk3eFNRZC1JS01TZ0tGeGRvbTdSSFFDT2hFOUxlSjBCZGR2ZVhaWTFmQ19IY2RRVVdLZVJkWVBSaVdqbUl3ZUNDNFRoWVhHekdNNUtoS1R2VENBZldfdklCa1ItUTZaRExWRjhvUTNYTWM1MEtuMnpPTUQwY2dTQi1neVlvVVdtLVlILUJtQUR0QTVVTHEtSFZUcHA5SlhuUFljNFJvZEI5aU5DZVJUakdyZ2xKOUxHcDdOX3hpQnE2OE1KYUctdjExT2QtdGtzWk5tMEtxbnZ1bXdOeFNRdTBocmcxWFFMSFFIZFd3MFotaC1hTUZNaFBqZ3d3NXEyNFlaek1kNTJPQ1N5MFg3cXBnLXVkc2NIWXR5M2xlR0FuWW1iUVREc3RuQXh2aGdZakNmZ2lzTXhFZllqU2ZNZ3VwV2R3aXVzV2tSYk1TV1hVNFZyWVdOS1RuOEF6aFY1b2cwYnVGUFJKU1ZYRWEtMlpMNVJ3ZUdoMU1OVU1wc1diSWZXek9xMG9QYnl6M01jejhmQ0ZGbksxS1ZPSS1RS1NGTDU1bUh1MkZEeEpiUHJlMTRHS0tDRjhWeWNPV1MzWVV6YjlKc19BX2Q5ZjQzakh2bi1CT3FOemJ6Vl9MR2RIclhETkkwdkxCaGhGQ2VkblpyRk05WS1CQVVKMGt5U0pneGo3cXB2dHhDaVUtcXh5bU4wc2ZIM3Qtb2YwOEFfeGR5ekdJN1NmSThrV0RVb2UzcEkyN2o5M1ZtckgwQm9LdHFzY0d5SUV5MXJxazZhOHcwb0xhM1B5TFEyWDhrekl0WDFGaXNaNDVnaEFxcGRsY01hTHdnRUVpa0Fjb0VJZzdTaURCaGRhc3liOFVjU2c5Qk44UHAya0hOd1JCVUg4V2Iwbl96a245MXRKOE1lUUJnQllBRSZhbXA7YnVuZGxlSWQ9JmFtcDtpYXNfZHNwSUQ9MyZhbXA7aWFzX2NhbXBJZD0yMDQyNjM2MSZhbXA7aWFzX3B1YklkPTE4NDkxNSZhbXA7aWFzX2NoYW5JZD0xMyZhbXA7aWFzX3BsYWNlbWVudElkPTUxMTc4MTYxJmFtcDtiaWR1cmw9aHR0cHM6Ly9zaW1wbGVmbHlpbmcuY29tL3R3by11bml0ZWQtYWlybGluZXMtZW1wbG95ZWVzLWNoYXJnaW5nLXN0ZWFsaW5nLW1hcmlqdWFuYS1wYXNzZW5nZXItbHVnZ2FnZSZhbXA7aWFzX2RlYWxJZD0mYW1wO2Fkc2FmZV9wYXImYW1wO2lhc19pbXBJZD12NH5%2BQUJBakgwaHNxQU9BUkJJVUV0Uk1DYnpkOU14VCZhbXA7YWRzYWZlX3VybD1odHRwcyUzQSUyRiUyRnNpbXBsZWZseWluZy5jb20mYW1wO2Fkc2FmZV90eXBlPXkmYW1wO2Fkc2FmZV91cmw9aHR0cHMlM0ElMkYlMkZkODNiMmUzYmM3MWZkOTc0YWYyNGI4M2Y1MTAwZmYwMy5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGJmFtcDthZHNhZmVfdHlwZT1mJmFtcDthZHNhZmVfdXJsPWh0dHBzJTNBJTJGJTJGc2ltcGxlZmx5aW5nLmNvbSUyRnR3by11bml0ZWQtYWlybGluZXMtZW1wbG95ZWVzLWNoYXJnaW5nLXN0ZWFsaW5nLW1hcmlqdWFuYS1wYXNzZW5nZXItbHVnZ2FnZSUyRiZhbXA7YWRzYWZlX3R5cGU9ZSZhbXA7YWRzYWZlX3VybD1odHRwcyUzQSUyRiUyRmQ4M2IyZTNiYzcxZmQ5NzRhZjI0Yj&i=9-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
VMx-FPDbPm8HNpYgIsTw7Rix0AsG8oFF4A4-WancRKK5utAwoggr_w==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=gzZjUxMDBmZjAzLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtNDAlMkZodG1sJTJGY29udGFpbmVyLmh0bWwmYW1wO2Fkc2FmZV90eXBlPWQmYW1wO2Fkc2FmZV9qc2luZm89LGlkOjY5YmFhYWQ1LWI1NmUtYWVhOS00NzM0LWIyODljMjczODY0NyxjOmZRZ2pvZyxzbDpvdXRPZlZpZXcsZW06dHJ1ZSxmcjpmYWxzZSx0aGQ6MSxtbjpqc3NlcnZlci1wcmltYXJ5LTZkZDk1NzQ3ZmQtejU0NHAscmc6dmEscHQ6MS01LTE1LHdjOjAuMC4xNjAwLjEyMDAsYWM6TmFOLk5hTi43MjguOTAsYW06aSxjYzpOYU4uTmFOLjcyOC45MCxwaXY6MCxvYnN0OjAsdGg6MCxyZWFzOnIsbXU6MTAwMDAsYnI6YyxicnU6YyxhbjpuLG9hbTowLHNjbTpncnBtMSxtdGltOjMsbW90OjAsYXBwOjAsbWF3OjAsZm06dEh1Nk1tVCsxMSU3QzEyJTdDMTMlN0MxNCU3QzE1JTdDMTYlN0MxNyU3QzE4JTdDMTkxJTdDMTkyJTdDMTkzJTdDMTk0JTdDMTk1JTdDMTk2JTdDMTk3JTdDMTk4JTdDMTk5JTdDMTlhJTdDMTliJTdDMTljJTdDMTlkJTdDMTllJTdDMTlmJTdDMTlnJTdDMTloJTdDMWElN0MxYiU3QzFjMTExJTdDMWMxMjElN0MxYzEyMiU3QzFjMTMlN0MxYzE0JTdDMWMxNSU3QzFjMTYlN0MxYzE3JTdDMWMxOCU3QzFjMTklN0MxYzFhJTdDMWMxYiU3QzFjMWMlN0MxYzFkJTdDMWMxZSU3QzFkJTdDMWUlN0MxZiU3QzFnMSU3QzFnMjElN0MxZzIyJTdDMWczJTdDMWgqLjEzNjI0ODctNjk2MzEyNzIlN0MxaDElN0MxaSU3QzFqJTdDMWslN0MxbCU3QzFtJTdDMW4lN0MxbyU3QzFwJTdDMXElN0MxciU3QzFzJTdDMXQxJTdDMXQyJTdDMXUxJTdDMXUyJTdDMXUzJTdDMXYlN0MxdyxpZE1hcDoxaCoscGw6Q1Y4TC5WRUJvLjBZdEMscm1lYXM6MSxyZW5kOjAscmVuZGRldDpJTUcudXMsZXM6MCxzYzoxLGhhOjEsZmdhZDoxLGZpZjowLGdtbnA6MCxmb3I6MCxiMTE6MCxjbm9kOjEsZ206MSx0dDpyanNzLGV0OjQ5LG9pZDpkOWI3YjhjYS0wZDY4LTExZWUtYjc1YS0zYWJkMzI3MjM3ZWEsdjoxOS44LjQxNyxzcDowLHN0OjAsZndtOjAsd3I6MTYwMC4xMjAwLHNyOjE2MDAuMTIwMCxvdjowXCIgcmVmZXJyZXJwb2xpY3k9XCJuby1yZWZlcnJlci13aGVuLWRvd25ncmFkZVwiPjwvc2NyaXB0Pjxub3NjcmlwdD48QSBIUkVGPVwiaHR0cHM6Ly9iaWQuZy5kb3VibGVjbGljay5uZXQveGJiZS9jcmVhdGl2ZS9qdW1wP3A9QVBFdWNOVXl2eDUyTDFNZVJES3lwczlJM2YyQ2VXRjY0V2VfNTZsbUJleHQtejNvYWhUakRVRSZkPUNva0JBS0FtZi1ETEJ5U0w2dWtqcWhCUEV1aG5vVHYyR3pMTWkwMF9zdm1NUEhnNWpJOEVXOEgxdFR3UXVCaDBVR1AwX3BnOFkxaS1vUnMwS1RiWGJBbWJrSjNwZGN2SS1tX3ZacVhwekRkb0xadWhCSFJnNC1TSVFpWW9ad2VxcERtanVkQmMxb1psRVktaURtc1UyYkJCUW82ZDdMTk9MRTlNWGJMNk14WjB2MTV6a3FHVDAyRldEMFFTNlE4QW9DWl80TmE4bUFPX2NMMFNNdG1USHVrNlYtRS1zUWJRQlRKd2xSLWszX18yQ0xqVGZPeHVGcFdvNGthTWsySjh6ZW8wTmt6X1BraGllNmprdUh4bmRxT2FrRW84WEFuZnBIYVVlcXVZNm5EdEpJaFFfNnI1SmlfN1JhZFVXYXRSajJDYlBiUFY2ZXRXVjlQSUh1UVFkOVBMVzFRcjllVkw2U18tSkxuUkFBbkh5SG5MemNQT25LY04zLUtUU3V0ZXNIbE1aR2gtNjBHZ0NIVjliZlZoNW42UXk3cGdicEdQTTRkQjRtSUVHb0trTTFPQUpabll0LU56WTRJbG9vdkFWeXgybG1lb2NSeEdaUm15R3VRWjViNmEtSDlZSXNxbnFLMlYwYk9Edmtjd2ViZ3F4TGZ5U05PMWI2SEwxUUNCN1pmVXRteEdzT3REU2FfRmFCZ0JaOEpqRjJGVUV2T3ItUVZOWTA4RlNIV3BUR0JtcU4ybDY3MG1rWjN4TExvM3c4aWFDYWRpbUtMRGZ5RmpSVE9GNEZocHZjOEpUYXdZZV9KYUViQzJmMmFWRzQ0T01yQzNhZndDQm5YNWVaeEFIaWQxM19uVEJpbUJfTm5NdEExWTFGNm9rbVZPWG1qZURjZjJYT1BMN0VINXN4c3FoREJWbXIxUXk5cnJ1NWlXVTB5SFNTaUVKVGkyT3VFcnRuYldDckVROWhHdFU0WEN3b1Y5Y1dQSWNweUY0RHZ0TGM4eXpHOGk2M0c4N1N3c2JJOWFuMHh2VWl2WWp0NGlCMkd0RW8xQnNWN3pWRGY4QkpRbzVHWmFsSXpJQS00QTJSODhpdGhUa3F4VzhHU0dLcjlpNU9ZTzVvWFFXM0dySDREMGhVM2s4eGFfOW5NYVdlU21VLXgycHdoVnpBaVB2bWx3NFFHZWE4dS1WY3l6NnBLVHpORGg4UUhmcmFiQU9KVlo0dm5peTBKMXZrZUNpaTk5SjRCTmEtcUJ0cmYxMFc1emxNVC13TGVCSzRHQWNzRFA0UzhiUGFqeW1kWV82dUhCZVN6eHR1N0J2VWhEZEo2Q3hYVjB1cVVUVEFHYzcxY0RnazVtY3FkSFdQMFY3b0g2X3FvU2lHNkFtLUo5dHNWZGdULTc2MHJDUHo3M09EUkpob1dsaFd3dWwtelVHYlZnZy1zVVljNlQ0WjM2bDJ0VHc2WVNvWEV1eDYyRmZQaU9yMnJ2b3U0bFREdlBwRXVsX3YtU2dpb2FBdXZFaTFvNFBDbDViYlhkTVhxZ0dQOE1JVWF6UlZ6Wjk3ZDBia0lNR3dLdWtSLTd5OGRJRzNVYVAyNEJEcnRYaTg1eGJmNlpXai13X0JFbUZXYllnR2themdSNEhyU0xzNW1GajRJZG1KUTgxU1FEUUY1WnVoNDVCQkVzdmFlZnh3WllfTTNyZXQwOTBEbUZlc0dzYlFQbHcwTVJ5aG4zaUl3bVVPTENHWUN2UWI1TnN5YmJiN1JMM0t6andqeWt3bWs3Yms0bnJFSFR1TkVRMEc3U2hGNDdrcUNKbWV2eUREU1V6S3JMUUlNaUp3eHVuZzJxb2NVS3pZTWVyX2Y5OGpfeVFfRXVsRF9qbEtpLUFlR1RnaWxRMUZnUGlBeXc2XzZacnRzWE9tbDhXbFVnQ0hPS0ZHYUFFUlJ2U2RNem9iQW10OTZrUF9Lck51YUFfX1RKbng4aUNOVENRTnhhc2NCaVUxQjVvN2taWDM4Qk91ZzNjZjF4NmxoYnJnckRtRnNtcjExSndvdW1hR0hxTUREb1hGanRkV0gwM1JaNkVkLVF1M19EOWZNOWtSc3hFWmUzVDdRQ1dWR1BDTFQ4aU9jaGdrLUg1VG9LX2R2dTdCdV9Za0Q3RFhEVUg1ZDhKN1Q4ZFhrc3pUa3otU2M1UlBTc2NhQ21HblhKTUQ3N2RhbmNoVmUyYTFFNkRJUWp1YTF0TG8yb3dRdDBaR29fVTJhdnc0M1JObURFV3hiUGtYeXlUV2ZtVlNqd3oxeE1aZUg2X2ZXWkVXVGVPNHJRVXMwbDNyZnJKSm1sZXJBMEZxM2piRjBaVnVjZkJzWW5PdTNPc3I0TUlMUXhHMnpIQUs1cThTaGQ4YWpNNmRIN0lvZy1MNWZiQ195aTRXTi0xdnRmWjRHNVdzbHE1bjRiXzJMX2drRmVGemtLOHZYOE5yN1F4cDVJNjhpZXlzQzg1eDZwbUN6TF9oNzVwUGNBTVBRTGU5RVMyNG1jZXpVRW51dnRnaC1icXN3MllvdGNNeWVqYnBFUTB0d1RrQmlTMXJiVHo1ZHFTMkhNeFZsR2pyWGJoZ3JVUERVUmFMUWFjbWppeTE2aVZvNkpjNE1pdFFZYlhaTThvNmRzSDlsR0hJMmxsUG90RmpDdkVwMlczajNBVUJJVlBadjZyXzJ0ekpDcUxVVlpJdkxTQjNuQWpCZmpCTUVrdEc1VUtiWUdveHFheTNVWHhiaTdFYWN4R3h4eFlyRi1hTkl1V1VEOTBndk9BRFE2dDEzM0FWRS1GbElSZFgtZjg2SmZhYkh1d0tNU0NQbWZsbXhibFRNeGQtQkJZM3d2VERGeHJ4alF0aWUzaUJTa3otWDYwZzlGOVNuT1pBWGIzV0FNS0FVNG5MeEZsLVl6MVAzbGl2Z1NKbEtLSlY0YzlhWVFMLURWUjQza2JETThseURJd0dXZGtoRVhPWmYwWnp3eWpRZnJMb0poaUY5UHRLaFF6emJYeHROWndXVVNjUUcyUS1zV3p2RHhZN3hTUWQtSUtNU2dLRnhkb203UkhRQ09oRTlMZUowQmRkdmVYWlkxZkNfSGNkUVVXS2VSZFlQUmlXam1Jd2VDQzRUaFlYR3pHTTVLaEtUdlRDQWZXX3ZJQmtSLVE2WkRMVkY4b1EzWE1jNTBLbjJ6T01EMGNnU0ItZ3lZb1VXbS1ZSC1CbUFEdEE1VUxxLUhWVHBwOUpYblBZYzRSb2RCOWlOQ2VSVGpHcmdsSjlMR3A3Tl94aUJxNjhNSmFHLXYxMU9kLXRrc1pObTBLcW52dW13TnhTUXUwaHJnMVhRTEhRSGRXdzBaLWgtYU1GTWhQamd3dzVxMjRZWnpNZDUyT0NTeTBYN3FwZy11ZHNjSFl0eTNsZUdBblltYlFURHN0bkF4dmhnWWpDZmdpc014RWZZalNmTWd1cFdkd2l1c1drUmJNU1dYVTRWcllXTktUbjhBemhWNW9nMGJ1RlBSSlNWWEVhLTJaTDVSd2VHaDFNTlVNcHNXYklmV3pPcTBvUGJ5ejNNY3o4ZkNGRm5LMUtWT0ktUUtTRkw1NW1IdTJGRHhKYlByZTE0R0tLQ0Y4VnljT1dTM1lVemI5SnNfQV9kOWY0M2pIdm4tQk9xTnpielZfTEdkSHJYRE5JMHZMQmhoRkNlZG5ackZNOVktQkFVSjBreVNKZ3hqN3FwdnR4Q2lVLXF4eW1OMHNmSDN0LW9mMDhBX3hkeXpHSTdTZkk4a1dEVW9lM3BJMjdqOTNWbXJIMEJvS3Rxc2NHeUlFeTFycWs2YTh3MG9MYTNQeUxRMlg4a3pJdFgxRmlzWjQ1Z2hBcXBkbGNNYUx3Z0VFaWtBY29FSWc3U2lEQmhkYXN5YjhVY1NnOUJOOFBwMmtITndSQlVIOFdiMG5femtuOTF0SjhNZVFCZ0JZQUVcIj48SU1HIFNSQz1cImh0dHBzOi8vZncuYWRzYWZlcHJvdGVjdGVkLmNvbS9yZncvYmdkLzEzNjI0ODcvNjk2MzEyNzEveGJiZS9jcmVhdGl2ZS9hZD9wPUFQRXVjTlV5dng1MkwxTWVSREt5cHM5STNmMkNlV0Y2NFdlXzU2bG1CZXh0LXozb2FoVGpEVUUmZD1Db2tCQUtBbWYtRExCeVNMNnVranFoQlBFdWhub1R2Mkd6TE1pMDBfc3ZtTVBIZzVqSThFVzhIMXRUd1F1QmgwVUdQMF9wZzhZMWktb1JzMEtUYlhiQW1ia0ozcGRjdkktbV92WnFYcHpEZG9MWnVoQkhSZzQtU0lRaVlvWndlcXBEbWp1ZEJjMW9abEVZLWlEbXNVMmJCQlFvNmQ3TE5PTEU5TVhiTDZNeFowdjE1emtxR1QwMkZXRDBRUzZROEFvQ1pfNE5hOG1BT19jTDBTTXRtVEh1azZWLUUtc1FiUUJUSndsUi1rM19fMkNMalRmT3h1RnBXbzRrYU1rMko4emVvME5rel9Qa2hpZTZqa3VIeG5kcU9ha0VvOFhBbmZwSGFVZXF1WTZuRHRKSWhRXzZyNUppXzdSYWRVV2F0UmoyQ2JQYlBWNmV0V1Y5UElIdVFRZDlQTFcxUXI5ZVZMNlNfLUpMblJBQW5IeUhuTHpjUE9uS2NOMy1LVFN1dGVzSGxNWkdoLTYwR2dDSFY5YmZWaDVuNlF5N3BnYnBHUE00ZEI0bUlFR29La00xT0FKWm5ZdC1Oelk0SWxvb3ZBVnl4MmxtZW9jUnhHWlJteUd1UVo1YjZhLUg5WUlzcW5xSzJWMGJPRHZrY3dlYmdxeExmeVNOTzFiNkhMMVFDQjdaZlV0bXhHc090RFNhX0ZhQmdCWjhKakYyRlVFdk9yLVFWTlkwOEZTSFdwVEdCbXFOMmw2NzBta1ozeExMbzN3OGlhQ2FkaW1LTERmeUZqUlRPRjRGaHB2YzhKVGF3WWVfSmFFYkMyZjJhVkc0NE9NckMzYWZ3Q0JuWDVlWnhBSGlkMTNfblRCaW1CX05uTXRBMVkxRjZva21WT1htamVEY2YyWE9QTDdFSDVzeHNxaERCVm1yMVF5OXJydTVpV1UweUhTU2lFSlRpMk91RXJ0bmJXQ3JFUTloR3RVNFhDd29WOWNXUEljcHlGNER2dExjOHl6RzhpNjNHODdTd3NiSTlhbjB4dlVpdllqdDRpQjJHdEVvMUJzVjd6VkRmOEJKUW81R1phbEl6SUEtNEEyUjg4aXRoVGtxeFc4R1NHS3I5aTVPWU81b1hRVzNHckg0RDBoVTNrOHhhXzluTWFXZVNtVS14MnB3aFZ6QWlQdm1sdzRRR2VhOHUtVmN5ejZwS1R6TkRoOFFIZnJhYkFPSlZaNHZuaXkwSjF2a2VDaWk5OUo0Qk5hLXFCdHJmMTBXNXpsTVQtd0xlQks0R0Fjc0RQNFM4YlBhanltZFlfNnVIQmVTenh0dTdCdlVoRGRKNkN4WFYwdXFVVFRBR2M3MWNEZ2s1bWNxZEhXUDBWN29INl9xb1NpRzZBbS1KOXRzVmRnVC03NjByQ1B6NzNPRFJKaG9XbGhXd3VsLXpVR2JWZ2ctc1VZYzZUNFozNmwydFR3NllTb1hFdXg2MkZmUGlPcjJydm91NGxURHZQcEV1bF92LVNnaW9hQXV2RWkxbzRQQ2w1YmJYZE1YcWdHUDhNSVVhelJWelo5N2QwYmtJTUd3S3VrUi03eThkSUczVWFQMjRCRHJ0WGk4NXhiZjZaV2otd19CRW1GV2JZZ0drYXpnUjRIclNMczVtRmo0SWRtSlE4MVNRRFFGNVp1aDQ1QkJFc3ZhZWZ4d1pZX00zcmV0MDkwRG1GZXNHc2JRUGx3ME1SeWhuM2lJd21VT0xDR1lDdlFiNU5zeWJiYjdSTDNLemp3anlrd21rN2JrNG5yRUhUdU5FUTBHN1NoRjQ3a3FDSm1ldnlERFNVektyTFFJTWlKd3h1bmcycW9jVUt6WU1lcl9mOThqX3lRX0V1bERfamxLaS1BZUdUZ2lsUTFGZ1BpQXl3Nl82WnJ0c1hPbWw4V2xVZ0NIT0tGR2FBRVJSdlNkTXpvYkFtdDk2a1BfS3JOdWFBX19USm54OGlDTlRDUU54YXNjQmlVMUI1bzdrWlgzOEJPdWczY2YxeDZsaGJyZ3JEbUZzbXIxMUp3b3VtYUdIcU1ERG9YRmp0ZFdIMDNSWjZFZC1RdTNfRDlmTTlrUnN4RVplM1Q3UUNXVkdQQ0xUOGlPY2hnay1INVRvS19kdnU3QnVfWWtEN0RYRFVINWQ4SjdUOGRYa3N6VGt6LVNjNVJQU3&i=10-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
DQ3Y26s1HuT7t65HUdJMf2s8-lamswXKh5AICZQc5avKM_sJcfayQg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=NjYUNtR25YSk1ENzdkYW5jaFZlMmExRTZESVFqdWExdExvMm93UXQwWkdvX1UyYXZ3NDNSTm1ERVd4YlBrWHl5VFdmbVZTand6MXhNWmVINl9mV1pFV1RlTzRyUVVzMGwzcmZySkptbGVyQTBGcTNqYkYwWlZ1Y2ZCc1luT3UzT3NyNE1JTFF4RzJ6SEFLNXE4U2hkOGFqTTZkSDdJb2ctTDVmYkNfeWk0V04tMXZ0Zlo0RzVXc2xxNW40Yl8yTF9na0ZlRnprSzh2WDhOcjdReHA1STY4aWV5c0M4NXg2cG1DekxfaDc1cFBjQU1QUUxlOUVTMjRtY2V6VUVudXZ0Z2gtYnFzdzJZb3RjTXllamJwRVEwdHdUa0JpUzFyYlR6NWRxUzJITXhWbEdqclhiaGdyVVBEVVJhTFFhY21qaXkxNmlWbzZKYzRNaXRRWWJYWk04bzZkc0g5bEdISTJsbFBvdEZqQ3ZFcDJXM2ozQVVCSVZQWnY2cl8ydHpKQ3FMVVZaSXZMU0IzbkFqQmZqQk1Fa3RHNVVLYllHb3hxYXkzVVh4Ymk3RWFjeEd4eHhZckYtYU5JdVdVRDkwZ3ZPQURRNnQxMzNBVkUtRmxJUmRYLWY4NkpmYWJIdXdLTVNDUG1mbG14YmxUTXhkLUJCWTN3dlRERnhyeGpRdGllM2lCU2t6LVg2MGc5RjlTbk9aQVhiM1dBTUtBVTRuTHhGbC1ZejFQM2xpdmdTSmxLS0pWNGM5YVlRTC1EVlI0M2tiRE04bHlESXdHV2RraEVYT1pmMFp6d3lqUWZyTG9KaGlGOVB0S2hRenpiWHh0Tlp3V1VTY1FHMlEtc1d6dkR4WTd4U1FkLUlLTVNnS0Z4ZG9tN1JIUUNPaEU5TGVKMEJkZHZlWFpZMWZDX0hjZFFVV0tlUmRZUFJpV2ptSXdlQ0M0VGhZWEd6R001S2hLVHZUQ0FmV192SUJrUi1RNlpETFZGOG9RM1hNYzUwS24yek9NRDBjZ1NCLWd5WW9VV20tWUgtQm1BRHRBNVVMcS1IVlRwcDlKWG5QWWM0Um9kQjlpTkNlUlRqR3JnbEo5TEdwN05feGlCcTY4TUphRy12MTFPZC10a3NaTm0wS3FudnVtd054U1F1MGhyZzFYUUxIUUhkV3cwWi1oLWFNRk1oUGpnd3c1cTI0WVp6TWQ1Mk9DU3kwWDdxcGctdWRzY0hZdHkzbGVHQW5ZbWJRVERzdG5BeHZoZ1lqQ2ZnaXNNeEVmWWpTZk1ndXBXZHdpdXNXa1JiTVNXWFU0VnJZV05LVG44QXpoVjVvZzBidUZQUkpTVlhFYS0yWkw1UndlR2gxTU5VTXBzV2JJZld6T3Ewb1BieXozTWN6OGZDRkZuSzFLVk9JLVFLU0ZMNTVtSHUyRkR4SmJQcmUxNEdLS0NGOFZ5Y09XUzNZVXpiOUpzX0FfZDlmNDNqSHZuLUJPcU56YnpWX0xHZEhyWEROSTB2TEJoaEZDZWRuWnJGTTlZLUJBVUowa3lTSmd4ajdxcHZ0eENpVS1xeHltTjBzZkgzdC1vZjA4QV94ZHl6R0k3U2ZJOGtXRFVvZTNwSTI3ajkzVm1ySDBCb0t0cXNjR3lJRXkxcnFrNmE4dzBvTGEzUHlMUTJYOGt6SXRYMUZpc1o0NWdoQXFwZGxjTWFMd2dFRWlrQWNvRUlnN1NpREJoZGFzeWI4VWNTZzlCTjhQcDJrSE53UkJVSDhXYjBuX3prbjkxdEo4TWVRQmdCWUFFJmJ1bmRsZUlkPSZpYXNfZHNwSUQ9MyZpYXNfY2FtcElkPTIwNDI2MzYxJmlhc19wdWJJZD0xODQ5MTUmaWFzX2NoYW5JZD0xMyZpYXNfcGxhY2VtZW50SWQ9NTExNzgxNjEmYmlkdXJsPWh0dHBzOi8vc2ltcGxlZmx5aW5nLmNvbS90d28tdW5pdGVkLWFpcmxpbmVzLWVtcGxveWVlcy1jaGFyZ2luZy1zdGVhbGluZy1tYXJpanVhbmEtcGFzc2VuZ2VyLWx1Z2dhZ2UmaWFzX2RlYWxJZD0mYWRzYWZlX3BhciZpYXNfaW1wSWQ9djR%2BfkFCQWpIMGhzcUFPQVJCSVVFdFJNQ2J6ZDlNeFRcIiBCT1JERVI9MCBXSURUSD03MjggSEVJR0hUPTkwIEFMVD1cIkFkdmVydGlzZW1lbnRcIj48L0E%2BPC9ub3NjcmlwdD48L2Rpdj48L2Rpdj48L2Rpdj48aWZyYW1lIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBmcmFtZWJvcmRlcj1cIjBcIiBzY3JvbGxpbmc9XCJub1wiIHNyYz1cImh0dHBzOi8vc3N1bS1zZWMuY2FzYWxlbWVkaWEuY29tL3VzZXJtYXRjaD9peF91bT0xJmFtcDtjYj1odHRwcyUzQSUyRiUyRmpzLXNlYy5pbmRleHd3LmNvbSUyRmh0JTJGaHR3LXBpeGVsLmdpZiUzRiZhbXA7cz0xODQ5MTUmYW1wO3VzX3ByaXZhY3k9JmFtcDtnZHByX2NvbnNlbnQ9JmFtcDtnZHByPTAmYW1wO2dwcD0mYW1wO2dwcF9zaWQ9XCIgc3R5bGU9XCJkaXNwbGF5OiBub25lO1wiIG1hcmdpbmhlaWdodD1cIjBcIiBtYXJnaW53aWR0aD1cIjBcIj48L2lmcmFtZT48L2Rpdj48ZGl2IHN0eWxlPVwicG9zaXRpb246IGFic29sdXRlOyB3aWR0aDogMTAwJTsgb3BhY2l0eTogMDsgaGVpZ2h0OiAxMDAlOyB6LWluZGV4OiAtOTk5OyB0b3A6IDBweDsgbGVmdDogMHB4O1wiPjwvZGl2PjxpZnJhbWUgc3JjPVwiYWJvdXQ6YmxhbmtcIiBjbGFzcz1cIl9udG5yamY3ODI2LWhqXCIgc3R5bGU9XCJ3aWR0aDogMHB4ICFpbXBvcnRhbnQ7IGhlaWdodDogMHB4ICFpbXBvcnRhbnQ7IGJvcmRlcjogMHB4ICFpbXBvcnRhbnQ7IHBvc2l0aW9uOiBhYnNvbHV0ZSAhaW1wb3J0YW50OyB0b3A6IC0xMDAwMHB4ICFpbXBvcnRhbnQ7IGxlZnQ6IC0xMDAwMHB4ICFpbXBvcnRhbnQ7XCI%2BPC9pZnJhbWU%2BPGlmcmFtZSBzcmM9XCIvL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc29kYXIvRW5xel8yMFUuaHRtbFwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCI%2BPC9pZnJhbWU%2BPGRpdiBzdHlsZT1cInBvc2l0aW9uOiBhYnNvbHV0ZTsgd2lkdGg6IDEwMCU7IG9wYWNpdHk6IDA7IGhlaWdodDogMTAwJTsgei1pbmRleDogLTk5OTsgdG9wOiAwcHg7IGxlZnQ6IDBweDtcIj48L2Rpdj48aWZyYW1lIHNyYz1cImFib3V0OmJsYW5rXCIgY2xhc3M9XCJfbnRucmpmNzgyNi1oalwiIHN0eWxlPVwid2lkdGg6IDBweCAhaW1wb3J0YW50OyBoZWlnaHQ6IDBweCAhaW1wb3J0YW50OyBib3JkZXI6IDBweCAhaW1wb3J0YW50OyBwb3NpdGlvbjogYWJzb2x1dGUgIWltcG9ydGFudDsgdG9wOiAtMTAwMDBweCAhaW1wb3J0YW50OyBsZWZ0OiAtMTAwMDBweCAhaW1wb3J0YW50O1wiPjwvaWZyYW1lPjxzY3JpcHQgZGF0YS1qYz1cIjIyXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMzA2MTQvcjIwMTEwOTE0L2NsaWVudC93aW5kb3dfZm9jdXNfZnkyMDIxLmpzXCIgYXN5bmM9XCJcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyMzA2MTRcIiBkYXRhLWpjcC11cmw9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW50ZXJhY3Rpb24vP2FpPUNZZ0ZpUmtXT1pKRElJZmlBb1BNUDBkUzVxQXFlb2FHdVhLSDU2UDZmQThDTnR3RVFBU0FBWU1tR2dJRGNvOFFRZ2dFWFkyRXRjSFZpTFRFM01EVXhPVFUxTnpreE16VTJOelRJQVFuZ0FnQ29Bd0dxQlBBQ1Q5QzhFcFdrNnpPQWlvNkRMVlFfSDFzaF9vOWtGdTgtSjFiOU9mWGxoV2NGRjVRTHd2eTJTVHhoVlpjRmtuMUluS1BFUm9uVVdpMWcwRUwydFcya0dMdFhlajQ5cWM1VkZaTVNDZ3RfWE9RcXc3bW9qZUpTTG1mb3dGUjcwWnJSbWFZRHlEZ0hTakc0dldIZU9WaC1BX1JVTmRXVE9lNElrcGhta3BmcVRVVGgzcHpzMXFKMlMzZWdTNWhFeWw0VXU3TWkzbnlnaXpFUTRvRkZEc2xyaW9MR0pSRnNnZERlNl9JMFNucGJUZjNVRFhWNVBNVEpybldfdEIzeGphY1B2eU5qZER6cFpmRTMxQ1dDRUxCTEFjSkk5M3p2OHcyZnU1aDFXbkt6TVk5Q2xvNFF1TG50LXpFcHRlNDROd1ZSbTV3S0JNZkJiaERCeEdPSnp2RzZETEI2UFlkenBwNFpaWTF6RkJGYzJXOGdoUy1WOHY1TTgtVnNDOHBLZTRmNjVsNjZudENRNkpTQTEteXB3VG1GS05wZ0ZTUFNTSEpuaklwVVZrZHFnX0VHVjFkV2NjZTVKQm50WWE3VTVMMFJRZW53SG9aWUx5ZlNrU1RlTkRjYzZxS3dnTUhzbFY0SlVRQXdWcEdvWTg3Z0JBR0FCdXpGeXN1TDdlalZZNkFHSWFnSHByNGJxQWVXMkJ1b0I2cWJzUUtvQjRPdHNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NBMElnR0VRQVRJQ2lnSTZBb0JBLWdzQ0NBR0FEQUhRRlFHQUZ3RSZhbXA7c2lnaD1HQVRtcTdlM2pNOCZhbXA7Y2lkPUNBUVNQQUJ5Z1FpRGl1ZDJPSDdHQkJaQlN4c0JDbC1fencySzdUMVFxcXRQbXliSVFicG44ejlhYVdJcVYtSjY0OGZ5bG5MSzZMV0E1VEJKVzJlWnR3XCIgZGF0YS1qY3AtZ3dzLWlkPVwiXCIgZGF0YS1qY3AtcWVtLWlkPVwiQ0pDRHY0Uy15XzhDRlhnQWFBZ2RVV29PcFFcIj48L3NjcmlwdD48aWZyYW1lIHRpdGxlPVwiQmxhbmtcIiBzY3JvbGxpbmc9XCJub1wiIGZyYW1lYm9yZGVyPVwiMFwiIGhlaWdodD1cIjBcIiB3aWR0aD1cIjBcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9zL2Nvb2tpZV9wdXNoX29ubG9hZC5odG1sI2FIUjBjSE02THk5ak1TNWhaR1p2Y20wdWJtVjBMM05sY25acGJtY3ZZMjl2YTJsbEwyMWhkR05vTHo5d1lYSjBlVDB4Sm1kdmIyZHNaVjluYVdROVEwRkZVMFZKUTNsUVdtWnBRVFZTUzFkM01GZFJUVWh3V1Y4d0ptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWUm1NV3RIVUhWNlkySTRhRWt0UVZwWlRGWTFZVlJUUkd0R1gyTnFSa3RKVUhrd2RVRlpOa2hqU0VKaFJuaE1NWFJwYTFwME1VSk5hVm80UkRoTWMxWXllSEl0Y2xkaVFreHpTMDVSWW01MldWb3hlWHB3U1ZwU1VEQlljM1EzTUdKaixhSFIwY0hNNkx5OXplVzVqTG5OeWRpNXpkR0ZqYTJGa1lYQjBMbU52YlM5emVXNWpQMjVwWkQweE5UUW1aMjl2WjJ4bFgyZHBaRDFEUVVWVFJVbzBVbVZEV0d0blRHdENSbXQzY0c5eVVUQldkV2NtWjI5dloyeGxYMk4yWlhJOU1TWm5iMjluYkdWZmNIVnphRDFCVkdZeGEwZFFlRU14ZFRCQlJYVk9PVVphZDNoRmFWYzNZbk14V1ZKQmQyOU9MVUpvTVhWZmVUbHFiMGhDVVV0eWRtTlBVbUZCUkU5VlIyTXpZWGxyZFdFM05HOTFjbkJGVmxGUWRsVk1ibUl4VUVNd2VUaFZUMTl3YW5SSGFYQndNVTA9LGFIUjBjSE02THk5emVXNWpMbWR2TG5OdmJtOWlhUzVqYjIwdmRYTV9iRzlqUFdoMGRIQnpKVE5CSlRKR0pUSkdZMjB1Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFFsTWtad2FYaGxiQ1V6Um1kdmIyZHNaVjl1YVdRbE0wUnpiMjV2WW1rbE1qWm5iMjluYkdWZmNIVnphQ1V6UkVGVVpqRnJSMDk1ZFhVd2QzTnBRazlVVWtneVF6ZHRZVTQxZGtSTFoyeE1jMWREVGpnM0xYWk5TWHBoWXpJemJuZExVbEpLYUhCWmRYWkVORGxKTW1kemVWUnBXa3BxZURac1NrWlhjMHAwYjBWb1prdFJOMGxFVkdVNFMzbDFSRmRzYW1JbE1qWm5iMjluYkdWZmFHMGxNMFFsTlVKVlNVUWxOVVFtWjI5dloyeGxYMmRwWkQxRFFVVlRSVTVvTVhjNGJWWlBjVlZpVjBGemJYbzFRMjExWTFFbVoyOXZaMnhsWDJOMlpYSTlNUT09LGFIUjBjSE02THk5aGNDNXNhV3BwZEM1amIyMHZaSE53TDJkdmIyZHNaUzl3YVhobGJHMWhkR05vUDJkdmIyZHNaVjluYVdROVEwRkZVMFZGV1ZJdE1sWXhSbXhyYmxoUExWTjVkMlJRY2pGbkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWUm1NV3RIVUhKRVRIcGpTMVpVVUZaRlMySlJhemQwUmtNeFdtNVlTRjlZTUV4U1NVNUhabTk0V2tSSVRWRkdORmhoTjFORFQzcFZWRmxXUkVSck5WRmFWMVpxUVU0dFpWRndTSEppWmw5b1kybEZhRGxvWDJ4MVZ6bHJPRTlLWjJkTllnPT0sYUhSMGNITTZMeTl6TG1Ga0xuTnRZV0YwYnk1dVpYUXZZeTl1THk4dkxUOWhaRTVsZEVsdWFYUTlaeVpuYjI5bmJHVmZaMmxrUFVOQlJWTkZRMFZJZVV0TlkwRnVhMGRxU1RoT1RWUXpaazloYnlabmIyOW5iR1ZmWTNabGNqMHhKbWR2YjJkc1pWOXdkWE5vUFVGVVpqRnJSMDVLYmpjNWJGSkxWRkpOWjNWZmQySjVSalJTWW1sSVgxRlhVRGRYU1dWaGNFOWFhVk0zWDBNMldrMWpaMmhVYzJ0UFRqQllZUzFFVW5OQ1dIUkVPVkppVkMxRGVISnhjMGhVYkhWaVduZzBTVVIyYUZoV2NIRTFNR2R6UnpFPSxhSFIwY0hNNkx5OWhaSE11ZVdsbGJHUnRieTVqYjIwdlpYaHdkSE41Ym1NX1oyOXZaMnhsWDJkcFpEMURRVVZUUlVSR2FtSnZPRlU0TjFSdVVUZGhVV05DVm5wVU9UQW1aMjl2WjJ4bFgyTjJaWEk5TVNabmIyOW5iR1ZmY0hWemFEMUJWR1l4YTBkT01sWmFZWEJOVTNaSk5VSnZRblIyUzFkSU5qTklORWN5YlVsQ1JFNUtNbWgxTFdWcGJFeHZOM1oyVGtwd1ZYcFJVWFpZWDJFemFtcHpkSHBDVFZjMGNGZHNRa0pmT0RRNFFucHNiWFE0YlhaRFZqbFNOVzFRZVRaZlJqUT0sYUhSMGNITTZMeTlsWWpJdU0yeHBablF1WTI5dEwyVmlaR0VfYzNsdV&i=11-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
-PchnmZWeB4-i2k5y2J7mbCsslkq4I6Yz098J7acKvVhG3FXJna7Qg==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=l6MHhKbWR2YjJkc1pWOW5hV1E5UTBGRlUwVkxSMjFpUWs5SFFXeFhSMHhXUmw5bWJDMTNaVTFKSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZSbU1XdEhUMjQzZG0wMlNVOHlZVE5SVW14U04wWmZUbU5oWTFoRlVtOXZOa2d4TjBKNWNGYzNYM1JEVTJwNU9WQklaVE5CWmxoak5ETk1NWEZFVGxSV1VXVnFXVFJrY0UxQk1UWmhkWFl0VTFoNFFVbHFZVlpaZFRSUFNEZG9WbFJuZGc9PSxhSFIwY0hNNkx5OWpiUzVuTG1SdmRXSnNaV05zYVdOckxtNWxkQzl3YVhobGJDOWhkSFJ5UDJROVFVaE9SakV6VEc5b01WZGhlVWxIYUhBMWIyTlpjV0ZQZGxrMWFVNUtlRU5EV1Y4ME9FZ3lNR3BKWVhwU2NrTnBUbmRrVlV0TmVtUlZaVlZxVFRSdVlsQTFURXQ1YlhaeE5UQkhXQT09XCIgc3R5bGU9XCJwb3NpdGlvbjphYnNvbHV0ZVwiIGFyaWEtaGlkZGVuPVwidHJ1ZVwiPjwvaWZyYW1lPjxzY3JpcHQgZGF0YS1qYz1cIjIzXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMzA2MTQvcjIwMTEwOTE0L2NsaWVudC9xc19jbGlja19wcm90ZWN0aW9uX2Z5MjAyMS5qc1wiIGRhdGEtamMtdmVyc2lvbj1cInIyMDIzMDYxNFwiIGRhdGEtamNwLWluaXQtZGF0YT1cIltbW1tudWxsLDUwMCw5OSwyLDksbnVsbCxudWxsLG51bGwsMV1dXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV1cIj48L3NjcmlwdD48ZGl2IHN0eWxlPVwiZGlzcGxheTogbm9uZTsgcG9zaXRpb246IGFic29sdXRlOyB6LWluZGV4OiAyMTQ3NDgzNjQ3OyB3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlOyB0b3A6IDBweDsgbGVmdDogMHB4O1wiPjwvZGl2PjxpbWcgc3JjPVwiLy93d3cuZ29vZ2xlLmNvbS9hZHMvbWVhc3VyZW1lbnQvbD9lYmNpZD1BTGg3Q2FSRGFCYzFwMENOdDQwTjh1MDVwMVpzd3NNcGEtQWRDVFZ2ZWxrZ0ZmYmZaYTZEWS0wa0tzZkRBQmFSOVhScDgxTTNTaUdEcURjcXhscFJUa09adlNicmc1VFRWZ1wiIHN0eWxlPVwiZGlzcGxheTpub25lO1wiIGFsdD1cIlwiPjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtNDAvanMvZXh0LmpzXCI%2BPC9zY3JpcHQ%2BPGRpdiBzdHlsZT1cImJvdHRvbTowO3JpZ2h0OjA7d2lkdGg6NzI4cHg7aGVpZ2h0OjkwcHg7YmFja2dyb3VuZDppbml0aWFsICFpbXBvcnRhbnQ7cG9zaXRpb246YWJzb2x1dGUgIWltcG9ydGFudDttYXgtd2lkdGg6MTAwJSAhaW1wb3J0YW50O21heC1oZWlnaHQ6MTAwJSAhaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmUgIWltcG9ydGFudDtpbWFnZS1yZW5kZXJpbmc6cGl4ZWxhdGVkICFpbXBvcnRhbnQ7ei1pbmRleDoyMTQ3NDgzNjQ3O2JhY2tncm91bmQtaW1hZ2U6dXJsKCdkYXRhOmltYWdlL3BuZztiYXNlNjQsaVZCT1J3MEtHZ29BQUFBTlNVaEVVZ0FBQUNzQUFBQVdCQU1BQUFDcmwzaUFBQUFBQmxCTVZFVUFBQUQrQWNpV21aeldBQUFBQW5SU1RsTUFBcGlkckJRQUFBQjNTVVJCVkJqVGJaRUxEc0FnQ0VPN0czRC8weHF3SDEwMDJiQlpCNjhLdk5lM0YrYXhBbXErRnFwNkt5WGZsS2p4VmY2aGNsZmc1NDd2NkMwUzNDUmFtVUR1ZnFsUzBlWVpIT0dlenJ0QmxLOHBoSUVUVm9WMklPU21OeWxITVBHWmNndjJkcmNFdlU2d2RPUVZkOGh4Mzg3N0xwMnk5d3YyaHdVUzlmNTVGUUFBQUFCSlJVNUVya0pnZ2c9PScpICFpbXBvcnRhbnQ7XCI%2BPC9kaXY%2BPHNjcmlwdCBkYXRhLWpjPVwiMTAzXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMwNjE0XCIgZGF0YS1qY3AtYmFzZV91cmw9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvY29udmVyc2lvbi8%2FYWk9Q1lnRmlSa1dPWkpESUlmaUFvUE1QMGRTNXFBcWVvYUd1WEtINTZQNmZBOENOdHdFUUFTQUFZTW1HZ0lEY284UVFnZ0VYWTJFdGNIVmlMVEUzTURVeE9UVTFOemt4TXpVMk56VElBUW5nQWdDb0F3R3FCUEFDVDlDOEVwV2s2ek9BaW82RExWUV9IMXNoX285a0Z1OC1KMWI5T2ZYbGhXY0ZGNVFMd3Z5MlNUeGhWWmNGa24xSW5LUEVSb25VV2kxZzBFTDJ0VzJrR0x0WGVqNDlxYzVWRlpNU0NndF9YT1Fxdzdtb2plSlNMbWZvd0ZSNzBaclJtYVlEeURnSFNqRzR2V0hlT1ZoLUFfUlVOZFdUT2U0SWtwaG1rcGZxVFVUaDNwenMxcUoyUzNlZ1M1aEV5bDRVdTdNaTNueWdpekVRNG9GRkRzbHJpb0xHSlJGc2dkRGU2X0kwU25wYlRmM1VEWFY1UE1USnJuV190QjN4amFjUHZ5TmpkRHpwWmZFMzFDV0NFTEJMQWNKSTkzenY4dzJmdTVoMVduS3pNWTlDbG80UXVMbnQtekVwdGU0NE53VlJtNXdLQk1mQmJoREJ4R09KenZHNkRMQjZQWWR6cHA0WlpZMXpGQkZjMlc4Z2hTLVY4djVNOC1Wc0M4cEtlNGY2NWw2Nm50Q1E2SlNBMS15cHdUbUZLTnBnRlNQU1NISm5qSXBVVmtkcWdfRUdWMWRXY2NlNUpCbnRZYTdVNUwwUlFlbndIb1pZTHlmU2tTVGVORGNjNnFLd2dNSHNsVjRKVVFBd1ZwR29ZODdnQkFHQUJ1ekZ5c3VMN2VqVlk2QUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRTFlCd0RTQ0EwSWdHRVFBVElDaWdJNkFvQkEtZ3NDQ0FHQURBSFFGUUdBRndFJmFtcDtzaWdoPUdBVG1xN2Uzak04XCIgZGF0YS1qY3AtY3B1X2xhYmVsPVwiaGVhdnlfYWRfaW50ZXJ2ZW50aW9uX2NwdVwiIGRhdGEtamNwLW5ldF9sYWJlbD1cImhlYXZ5X2FkX2ludGVydmVudGlvbl9uZXR3b3JrXCI%2BKGZ1bmN0aW9uKCl7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovICd1c2Ugc3RyaWN0Jzt2YXIgbD10aGlzfHxzZWxmO3ZhciBtLHA7YTp7Zm9yKHZhciBxPVtcIkNMT1NVUkVfRkxBR1NcIl0scj1sLHQ9MDt0PHEubGVuZ3RoO3QrKylpZihyPXJbcVt0XV0sbnVsbD09cil7cD1udWxsO2JyZWFrIGF9cD1yfXZhciB1PXAmJnBbNjEwNDAxMzAxXTttPW51bGwhPXU%2FdTohMTt2YXIgdjtjb25zdCB3PWwubmF2aWdhdG9yO3Y9dz93LnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiB4KGEpe3JldHVybiBtP3Y%2Fdi5icmFuZHMuc29tZSgoe2JyYW5kOmJ9KT0%2BYiYmLTEhPWIuaW5kZXhPZihhKSk6ITE6ITF9ZnVuY3Rpb24geShhKXt2YXIgYjthOntpZihiPWwubmF2aWdhdG9yKWlmKGI9Yi51c2VyQWdlbnQpYnJlYWsgYTtiPVwiXCJ9cmV0dXJuLTEhPWIuaW5kZXhPZihhKX07ZnVuY3Rpb24geigpe3JldHVybiBtPyEhdiYmMDx2LmJyYW5kcy5sZW5ndGg6ITF9ZnVuY3Rpb24gQSgpe3JldHVybiB6KCk%2FeChcIkNocm9taXVtXCIpOih5KFwiQ2hyb21lXCIpfHx5KFwiQ3JpT1NcIikpJiYhKHooKT8wOnkoXCJFZGdlXCIpKXx8eShcIlNpbGtcIil9OyF5KFwiQW5kcm9pZFwiKXx8QSgpO0EoKTt5KFwiU2FmYXJpXCIpJiYoQSgpfHwoeigpPzA6eShcIkNvYXN0XCIpKXx8KHooKT8wOnkoXCJPcGVyYVwiKSl8fCh6KCk%2FMDp5KFwiRWRnZVwiKSl8fCh6KCk%2FeChcIk1pY3Jvc29mdCBFZGdlXCIpOnkoXCJFZGcvXCIpKXx8eigpJiZ4KFwiT3BlcmFcIikpO2NvbnN0IEI9U3ltYm9sKCk7ZnVuY3Rpb24gQyhhKXtjb25zdCBiPWFbQl18MDsxIT09KGImMSkmJihPYmplY3QuaXNGcm96ZW4oYSkmJihhPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpKSxhW0JdPWJ8MSl9ZnVuY3Rpb24gRCgpe3ZhciBhPVtdO2FbQl18PTE7cmV0dXJuIGF9ZnVuY3Rpb24gRShhKXthPWE%2BPjEwJjEwMjM7cmV0dXJuIDA9PT1hPzUzNjg3MDkxMjphfTt2YXIgRj17fTtmdW5jdGlvbiBHKGEpe3JldHVybiBudWxsIT09YSYmXCJvYmplY3RcIj09PXR5cGVvZiBhJiYhQXJyYXkuaXNBcnJheShhKSYmYS5jb25zdHJ1Y3Rvcj09PU9iamVjdH1sZXQgSDt2YXIgSTtjb25zdCBKPVtdO0pbQl09MjM7ST1PYmplY3QuZnJlZXplKEopO2Z1bmN0aW9uIEsoYSxiLGQpe2E9YS5nO2NvbnN0IGU9YVtCXTtpZihlJjIpdGhyb3cgRXJyb3IoKTthOnt2YXIgYz1FKGUpO2lmKGI%2BPWMpe2xldCBoPWU7aWYoZSYxMjgpYz1hW2EubGVuZ3RoLTFdO2Vsc2V7aWYobnVsbD09ZClicmVhayBhO2M9YVtjKygoZT4%2BOCYxKS0xKV09e307aHw9MTI4fWNbYl09ZDtoJj0tNTEzO2ghPT1lJiYoYVtCXT1oKX1lbHNlIGFbYisoKGU%2BPjgmMSktMSldPWQsZSYxMjgmJihkPWFbYS5sZW5ndGgtMV0sYiBpbiBkJiZkZWxldGUgZFtiXSksZSY1MTImJihhW0JdPWUmLTUxMyl9fTtsZXQgTDtmdW5jdGlvbiBNKGEsYil7cmV0dXJuIE4oYil9ZnVuY3Rpb24gTihhKXtzd2l0Y2godHlwZW9mIGEpe2Nhc2UgXCJudW1iZXJcIjpyZXR1cm4gaXNGaW5pdGUoYSk%2FYTpTdHJpbmcoYSk7Y2FzZSBcImJvb2xlYW5cIjpyZXR1cm4gYT8xOjA7Y2FzZSBcIm9iamVjdFwiOmlmKGEmJiFBcnJheS5pc0FycmF5KGEpJiZudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheSl7bGV0IGI9XCJcIixkPTA7Y29uc3QgZT1hLmxlbmd0aC0xMDI0MDtmb3IoO2Q8ZTspYis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGEuc3ViYXJyYXkoZCxkKz0xMDI0MCkpO2IrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxkP2Euc3ViYXJyYXkoZCk6YSk7cmV0dXJuIGJ0b2EoYil9fXJldHVybiBhfTtmdW5jdGlvbiBPKGEsYixkLGUsYyxoKXtpZihudWxsIT1hKXtpZihBcnJheS5pc0FycmF5KGEpKWE9YyYmMD09YS5sZW5ndGgmJihhW0JdfDApJjE%2Fdm9pZCAwOmgmJihhW0JdfDApJjI%2FYTpQKGEsYixkLHZvaWQgMCE9PWUsYyxoKTtlbHNlIGlmKEcoYSkpe2NvbnN0IGc9e307Zm9yKGxldCBmIGluIGEpZ1tmXT1PKGFbZl0sYixkLGUsYyxoKTthPWd9ZWxzZSBhPWIoYSxlKTtyZXR1cm4gYX19ZnVuY3Rpb24gUChhLGIsZCxlLGMsaCl7Y29uc3QgZz1lfHxkP2FbQl18MDowO2U9ZT8hIShnJjE2KTp2b2lkIDA7YT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhKTtmb3IobGV0IGY9MDtmPGEubGVuZ3RoO2YrKylhW2ZdPU8oYVtmXSxiLGQsZSxjLGgpO2QmJmQoZyxhKTtyZXR1cm4gYX1mdW5jdGlvbiBRKGEpe3JldHVybiBhLmg9PT1GP2EudG9KU09OKCk6TihhKX07dmFyIFM9Y2xhc3N7Y29uc3RydWN0b3IoKXt2YXIgYT12b2lkIDA7bnVsbD09YSYmKGE9TCk7TD12b2lkIDA7aWYobnVsbD09YSl7dmFyIGI9NDg7YT1bXX1lbHNle2lmKCFBcnJheS5pc0FycmF5KGEpKXRocm93IEVycm9yKCk7Yj1hW0JdfDMyfXRoaXMuZz1hO3ZhciBkPWEsZT1kLmxlbmd0aDtpZihlKXt2YXIgYz1lLTEsaD1kW2NdO2lmKEcoaCkpe2J8PTEyODtlPShiPj44JjEpLTE7Yy09ZTtpZigxMDI0PD1jKXtjPTEwMjMrZTtjb25zdCBnPWQubGVuZ3RoO2ZvcihsZXQgZj1jO2Y8ZztmKyspe2NvbnN0IGs9ZFtmXTtudWxsIT1rJiZrIT09aCYmKGhbZi1lXT1rKX1kLmxlbmd0aD1jKzE7ZFtjXT1oO2M9MTAyM31iPWImLTEwNDc1NTN8KGMmMTAyMyk8PDEwfX1hW0JdPWJ9dG9KU09OKCl7aWYoSCl2YXIgYT1SKHRoaXMsdGhpcy5nLCExKTtlbHNlIGE9UCh0aGlzLmcsUSx2b2lkIDAsdm9pZCAwLCExLCExKSxhPVIodGhpcyxhLCEwKTtyZXR1cm4gYX19OyBTLnByb3RvdHlwZS5oPUY7Uy5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gUih0aGlzLHRoaXMuZywhMSkudG9TdHJpbmcoKX07IGZ1bmN0aW9uIFIoYSxiLGQpe2NvbnN0IGU9YS5jb25zdHJ1Y3Rvci5pO3ZhciBjPUUoKGQ%2FYS5nOmIpW0JdKTtpZihlKXtpZighZCl7Yj1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChiKTt2YXIgaDtpZihiLmxlbmd0aCYmRyhoPWJbYi5sZW5ndGgtMV0pKWZvcih2YXIgZz0wO2c8ZS5sZW5ndGg7ZysrKWlmKGVbZ10%2BPWMpe09iamVjdC5hc3NpZ24oYltiLmxlbmd0aC0xXT17fSxoKTticmVha319Yz1iO2Q9IWQ7aD1hLmdbQl07YT1FKGgpO2g9KGg%2BPjgmMSktMTtsZXQgbjtmb3IoZz0wO2c8ZS5sZW5ndGg7ZysrKXt2YXIgZj1lW2ddO2lmKGY8YSl7Zis9aDt2YXIgaz1jW2ZdO251bGw9PWs%2FY1tmXT1kP0k6RCgpOmQm&i=12-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
Vq83hJB8unNUedwvI4XrJFx8c8DR5PwVhyvmoHzDk6B-wZl3xcw-fA==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=JmshPT1JJiZDKGspfWVsc2V7aWYoIW4pe2xldCBUO2MubGVuZ3RoJiZHKFQ9Y1tjLmxlbmd0aC0xXSk%2Fbj1UOmMucHVzaChuPXt9KX1rPW5bZl07bnVsbD09bltmXT9uW2ZdPWQ%2FSTpEKCk6ZCYmayE9PUkmJkMoayl9fX1yZXR1cm4gYn07dmFyIFU9Y2xhc3MgZXh0ZW5kcyBTe307ZnVuY3Rpb24gVihhPXdpbmRvdyl7cmV0dXJuIGF9O3ZhciBXPS8jfCQvO2NvbnN0IFg9ZnVuY3Rpb24oYSxiPW51bGwpe3JldHVybiBiJiZiLmdldEF0dHJpYnV0ZShcImRhdGEtamNcIik9PT1TdHJpbmcoYSk%2FYjpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKGBbJHtcImRhdGEtamNcIn09XCIke2F9XCJdYCl9KDEwMyxkb2N1bWVudC5jdXJyZW50U2NyaXB0KTtpZihudWxsPT1YKXRocm93IEVycm9yKFwiSlNDIG5vdCBmb3VuZCAxMDNcIik7Y29uc3QgWT17fSxaPVguYXR0cmlidXRlcztmb3IobGV0IGE9Wi5sZW5ndGgtMTswPD1hO2EtLSl7Y29uc3QgYj1aW2FdLm5hbWU7MD09PWIuaW5kZXhPZihcImRhdGEtamNwLVwiKSYmKFlbYi5zdWJzdHJpbmcoOSldPVpbYV0udmFsdWUpfSAoZnVuY3Rpb24oYSxiLGQpe3ZhciBlPXdpbmRvdzthJiZiJiZkJiZlLlJlcG9ydGluZ09ic2VydmVyJiZlLmZldGNoJiYobmV3IGUuUmVwb3J0aW5nT2JzZXJ2ZXIoKGMsaCk9PntjPWNbMF07aWYoXCJIZWF2eUFkSW50ZXJ2ZW50aW9uXCI9PT1jPy5ib2R5Py5pZCl7Yz0wPChjLmJvZHkubWVzc2FnZT8uaW5kZXhPZihcIm5ldHdvcmtcIil8fDApP2Q6Yjt2YXIgZz1hLnNlYXJjaChXKTt2YXIgZjtiOntmb3IoZj0wOzA8PShmPWEuaW5kZXhPZihcImFkX3NpZ25hbHNcIixmKSkmJmY8Zzspe3ZhciBrPWEuY2hhckNvZGVBdChmLTEpO2lmKDM4PT1rfHw2Mz09aylpZihrPWEuY2hhckNvZGVBdChmKzEwKSwha3x8NjE9PWt8fDM4PT1rfHwzNT09aylicmVhayBiO2YrPTExfWY9LTF9aWYoMD5mKWc9bnVsbDtlbHNle2s9YS5pbmRleE9mKFwiJlwiLGYpO2lmKDA%2Ba3x8az5nKWs9ZztnPWRlY29kZVVSSUNvbXBvbmVudChhLnNsaWNlKGYrMTEsLTEhPT1rP2s6MCkucmVwbGFjZSgvXFwrL2csXCIgXCIpKX1pZihnKXtpZihuYXZpZ2F0b3Iuc2VuZEJlYWNvbihcImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQvP2lkPWZsZWRnZV9pbnRlcmFjdGlvbnMmbGFiZWw9XCIrIGMpLGY9ZyxnPW5ldyBVLG51bGwhPWYmJksoZywxLGYpLEsoZywzLFwiXCIpLG51bGwhPWMmJksoZyw2LGMpLG51bGwhPShjPVYobCkuZmVuY2UpKXtmPWMucmVwb3J0RXZlbnQ7YTp7SD0hMDt0cnl7dmFyIG49SlNPTi5zdHJpbmdpZnkoZy50b0pTT04oKSxNKTticmVhayBhfWZpbmFsbHl7SD0hMX1uPXZvaWQgMH1mLmNhbGwoYyx7ZXZlbnRUeXBlOlwiaW50ZXJhY3Rpb25cIixldmVudERhdGE6bixkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pfX1lbHNlIGUuZmV0Y2goYCR7YX0mbGFiZWw9JHtjfWAse2tlZXBhbGl2ZTohMCxtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSk7aC5kaXNjb25uZWN0KCl9fSx7dHlwZXM6W1wiaW50ZXJ2ZW50aW9uXCJdLGJ1ZmZlcmVkOiEwfSkpLm9ic2VydmUoKX0pKFkuYmFzZV91cmwsWS5jcHVfbGFiZWwsWS5uZXRfbGFiZWwpO30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BPHNjcmlwdCBpZD1cImdvb2dsZUFjdGl2ZVZpZXdEaXNwbGF5U2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL2FjdGl2ZXZpZXcvanMvY3VycmVudC9yeF9saWRhci5qcz9jYWNoZT1yMjAxMTA5MTRcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5vc2RsZm0oKTs8L3NjcmlwdD5cbiAgXG4gIFxuICBcblxuPC9ib2R5PjwvaHRtbD48IS0tIElGUkFNRSBJTk5FUiBDT05URU5UIC0tPjxpZnJhbWUgdGl0bGU9XCJCbGFua1wiIHNyYz1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3hiYmUvcGl4ZWw%2FZD1DTDZRMEFJUXp2aUIwd0lZMXNqdHZBRXdBUSZhbXA7dj1BUEV1Y05XR3BxTmVyN1ZuZlVrcm0tMlpqVWZ1TDRmV2RHTlFEaUFlY1V5cjg3NW80TkdDaGJ5SEY3dXZ5T080eFFlM3ZaVlZ4clpsN0JuMVE3MjB4bXY3WGxnOXFYUHNFUVwiIHN0eWxlPVwiZGlzcGxheTpub25lXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BbnVsbDwvaWZyYW1lPjxpZnJhbWUgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIGZyYW1lYm9yZGVyPVwiMFwiIHNjcm9sbGluZz1cIm5vXCIgc3JjPVwiaHR0cHM6Ly9zc3VtLXNlYy5jYXNhbGVtZWRpYS5jb20vdXNlcm1hdGNoP2l4X3VtPTEmYW1wO2NiPWh0dHBzJTNBJTJGJTJGanMtc2VjLmluZGV4d3cuY29tJTJGaHQlMkZodHctcGl4ZWwuZ2lmJTNGJmFtcDtzPTE4NDkxNSZhbXA7dXNfcHJpdmFjeT0mYW1wO2dkcHJfY29uc2VudD0mYW1wO2dkcHI9MCZhbXA7Z3BwPSZhbXA7Z3BwX3NpZD1cIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCIgbWFyZ2luaGVpZ2h0PVwiMFwiIG1hcmdpbndpZHRoPVwiMFwiPm51bGw8L2lmcmFtZT48aWZyYW1lIHNyYz1cImFib3V0OmJsYW5rXCIgY2xhc3M9XCJfbnRucmpmNzgyNi1oalwiIHN0eWxlPVwid2lkdGg6IDBweCAhaW1wb3J0YW50OyBoZWlnaHQ6IDBweCAhaW1wb3J0YW50OyBib3JkZXI6IDBweCAhaW1wb3J0YW50OyBwb3NpdGlvbjogYWJzb2x1dGUgIWltcG9ydGFudDsgdG9wOiAtMTAwMDBweCAhaW1wb3J0YW50OyBsZWZ0OiAtMTAwMDBweCAhaW1wb3J0YW50O1wiPjxoZWFkPjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zdGF0aWMuYWRzYWZlcHJvdGVjdGVkLmNvbS9zY2EuMTcuNi4yLmpzXCI%2BPC9zY3JpcHQ%2BPC9oZWFkPjxib2R5IG9ubG9hZD1cInZhciBkID0gZG9jdW1lbnQ7dmFyIHMgPSBkLmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpO2QuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2hlYWQnKVswXS5hcHBlbmRDaGlsZChzKS5zcmM9J2h0dHBzOi8vc3RhdGljLmFkc2FmZXByb3RlY3RlZC5jb20vc2NhLjE3LjYuMi5qcydcIj48L2JvZHk%2BPC9pZnJhbWU%2BPGlmcmFtZSBzcmM9XCIvL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc29kYXIvRW5xel8yMFUuaHRtbFwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCI%2BbnVsbDwvaWZyYW1lPjxpZnJhbWUgc3JjPVwiYWJvdXQ6YmxhbmtcIiBjbGFzcz1cIl9udG5yamY3ODI2LWhqXCIgc3R5bGU9XCJ3aWR0aDogMHB4ICFpbXBvcnRhbnQ7IGhlaWdodDogMHB4ICFpbXBvcnRhbnQ7IGJvcmRlcjogMHB4ICFpbXBvcnRhbnQ7IHBvc2l0aW9uOiBhYnNvbHV0ZSAhaW1wb3J0YW50OyB0b3A6IC0xMDAwMHB4ICFpbXBvcnRhbnQ7IGxlZnQ6IC0xMDAwMHB4ICFpbXBvcnRhbnQ7XCI%2BPGhlYWQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3N0YXRpYy5hZHNhZmVwcm90ZWN0ZWQuY29tL3NjYS4xNy42LjIuanNcIj48L3NjcmlwdD48L2hlYWQ%2BPGJvZHkgb25sb2FkPVwidmFyIGQgPSBkb2N1bWVudDt2YXIgcyA9IGQuY3JlYXRlRWxlbWVudCgnc2NyaXB0Jyk7ZC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnaGVhZCcpWzBdLmFwcGVuZENoaWxkKHMpLnNyYz0naHR0cHM6Ly9zdGF0aWMuYWRzYWZlcHJvdGVjdGVkLmNvbS9zY2EuMTcuNi4yLmpzJ1wiPjwvYm9keT48L2lmcmFtZT48aWZyYW1lIHRpdGxlPVwiQmxhbmtcIiBzY3JvbGxpbmc9XCJub1wiIGZyYW1lYm9yZGVyPVwiMFwiIGhlaWdodD1cIjBcIiB3aWR0aD1cIjBcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9zL2Nvb2tpZV9wdXNoX29ubG9hZC5odG1sI2FIUjBjSE02THk5ak1TNWhaR1p2Y20wdWJtVjBMM05sY25acGJtY3ZZMjl2YTJsbEwyMWhkR05vTHo5d1lYSjBlVDB4Sm1kdmIyZHNaVjluYVdROVEwRkZVMFZKUTNsUVdtWnBRVFZTUzFkM01GZFJUVWh3V1Y4d0ptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWUm1NV3RIVUhWNlkySTRhRWt0UVZwWlRGWTFZVlJUUkd0R1gyTnFSa3RKVUhrd2RVRlpOa2hqU0VKaFJuaE1NWFJwYTFwME1VSk5hVm80UkRoTWMxWXllSEl0Y2xkaVFreHpTMDVSWW01MldWb3hlWHB3U1ZwU1VEQlljM1EzTUdKaixhSFIwY0hNNkx5OXplVzVqTG5OeWRpNXpkR0ZqYTJGa1lYQjBMbU52YlM5emVXNWpQMjVwWkQweE5UUW1aMjl2WjJ4bFgyZHBaRDFEUVVWVFJVbzBVbVZEV0d0blRHdENSbXQzY0c5eVVUQldkV2NtWjI5dloyeGxYMk4yWlhJOU1TWm5iMjluYkdWZmNIVnphRDFCVkdZeGEwZFFlRU14ZFRCQlJYVk9PVVphZDNoRmFWYzNZbk14V1ZKQmQyOU9MVUpvTVhWZmVUbHFiMGhDVVV0eWRtTlBVbUZCUkU5VlIyTXpZWGxyZFdFM05HOTFjbkJGVmxGUWRsVk1ibUl4VUVNd2VUaFZUMTl3YW5SSGFYQndNVTA9LGFIUjBjSE02THk5emVXNWpMbWR2TG5OdmJtOWlhUzVqYjIwdmRYTV9iRzlqUFdoMGRIQnpKVE5CSlRKR0pUSkdZMjB1Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFFsTWtad2FYaGxiQ1V6Um1kdmIyZHNaVjl1YVdRbE0wUnpiMjV2WW1rbE1qWm5iMjluYkdWZmNIVnphQ1V6UkVGVVpqRnJSMDk1ZFhVd2QzTnBRazlVVWtneVF6ZHRZVTQxZGtSTFoyeE1jMWREVGpnM0xYWk5TWHBoWXpJemJuZExVbEpLYUhCWmRYWkVORGxKTW1kemVWUnBXa3BxZURac1NrWlhjMHAwYjBWb1prdFJOMGxFVkdVNFMzbDFSRmRzYW1JbE1qWm5iMjluYkdWZmFHMGxNMFFsTlVKVlNVUWxOVVFtWjI5dloyeGxYMmRwWkQxRFFVVlRSVTVvTVhjNGJWWlBjVlZpVjBGemJYbzFRMjExWTFFbVoyOXZaMnhsWDJOMlpYSTlNUT09LGFIUjBjSE02THk5aGNDNXNhV3BwZEM1amIyMHZaSE53TDJkdmIyZHNaUzl3YVhobGJHMWhkR05vUDJkdmIyZHNaVjluYVdROVEwRkZVMFZGV1ZJdE1sWXhSbXhyYmxoUExWTjVkMlJRY2pGbkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWUm1NV3RIVUhKRVRIcGpTMVpVVUZaRlMySlJhemQwUmtNeFdtNVlTRjlZTUV4U1NVNUhabTk0V2tSSVRWRkdORmhoTjFORFQzcFZWRmxXUkVSck5WRmFWMVpxUVU0dFpWRndTSEppWmw5b1kybEZhRGxvWDJ4MVZ6bHJPRTlLWjJkTllnPT0sYUhSMGNITTZMeTl6TG1Ga0xuTnRZV0YwYnk1dVpYUXZZeTl1THk4dkxUOWhaRTVsZEVsdWFYUTlaeVpuYjI5bmJHVmZaMmxrUFVOQlJWTkZRMFZJZVV0TlkwRnVhMGRxU1RoT1RWUXpaazloYnlabmIyOW5iR1ZmWTNabGNqMHhKbWR2YjJkc1pWOXdkWE5vUFVGVVpqRnJSMDVLYmpjNWJGSkxWRkpOWjNWZmQySjVSalJTWW1sSVgxRlhVRGRYU1dWaGNFOWFhVk0zWDBNMldrMWpaMmhVYzJ0UFRqQllZUzFFVW5OQ1dIUkVPVkppVkMxRGVISnhjMGhVYkhWaVduZzBTVVIyYUZoV2NIRTFNR2R6UnpFPSxhSFIwY0hNNkx5OWhaSE11ZVdsbGJHUnRieTVqYjIwdlpYaHdkSE41Ym1NX1oyOXZaMnhsWDJkcFpEMURRVVZUUlVSR2FtSnZPRlU0TjFSdVVUZGhVV05DVm5wVU9UQW1aMjl2WjJ4bFgyTjJaWEk5TVNabmIyOW5iR1ZmY0hWemFEMUJWR1l4YTBkT01sWmFZWEJOVTNaSk5VSnZRblIyUzFkSU5qTklORWN5YlVsQ1JFNUtNbWgxTFdWcGJFeHZOM1oyVGtwd1ZYcFJVWFpZWDJFemFtcHpkSHBDVFZjMGNGZHNRa0pmT0RRNFFucHNiWFE0YlhaRFZqbFNOVzFRZVRaZlJqUT0sYUhSMGNITTZMeTlsWWpJdU0yeHBablF1WTI5dEwyVmlaR0VfYzNsdVl6MHhKbWR2YjJkc1pWOW5hV1E5UTBGRlUwVkxSMjFpUWs5SFFXeFhSMHhXUmw5bWJDMTNaVTFKSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZSbU1XdEhUMjQzZG0wMlNVOHlZVE5SVW14U04wWmZUbU5oWTFoRlVtOXZOa2d4TjBKNWNGYzNYM1JEVTJwNU9WQklaVE5CWmxoak5ETk1NWEZFVGxSV1VXVnFXVFJrY0UxQk1UWmhkWFl0VTFoNFFVbHFZVlpaZFRSUFNEZG9WbFJuZGc9PSxhSFIwY0hNNkx5OWpiUzVuTG1SdmRXSnNaV05zYVdOckxtNWxkQzl3YVhobGJDOWhkSFJ5UDJROVFVaE9SakV6VEc5b01WZGhlVWxIYUhBMWIyTlpjV0ZQZGxrMWFVNUtlRU5EV1Y4ME9FZ3lNR3BKWVhwU2NrTnBUbmRrVlV0TmVtUlZaVlZxVF&i=13-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
bNPGF2vTL5-XOmspPBFYkLF9YdkE7vTjZtnDtHcEbhkxWCeviISOOA==
place
valnet-tagan.adlightning.com/ Frame 1F3F 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://valnet-tagan.adlightning.com/place?p=1&d=RSdVlsQTFURXQ1YlhaeE5UQkhXQT09XCIgc3R5bGU9XCJwb3NpdGlvbjphYnNvbHV0ZVwiIGFyaWEtaGlkZGVuPVwidHJ1ZVwiPm51bGw8L2lmcmFtZT4ifQ%3D%3D&i=14-14&t=adltag_lj0nau6a_0oEAD20I19L&r=14f07eb983ebfeca3a4b3db32c528fe&c=valnet&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-90.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bO1XoJ7zIdHTQPKHIHUF2Yw5SedMo.ge
date
Sat, 17 Jun 2023 18:51:56 GMT
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 01:22:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
17748
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
gq9fKYzWt2cIOz9Lo2SAlQX_ZZwTfNS8MymOBD6d6evx9Rlkd_S2dA==
dt
dt.adsafeprotected.com/ Frame 1F3F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1362487&asId=69baaad5-b56e-aea9-4734-b289c2738647&tv=%7Bc:fQgk2t,time:2542,type:e,im:%7Bpci:%7Btdr:2046%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2542,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2536~0%5D,as:%5B2536~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:211,fm:tHu6MiW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C1a%7C1b%7C1c111%7C1c121%7C1c122%7C1c13%7C1c14%7C1c15%7C1c16%7C1c17%7C1c18%7C1c19%7C1c1a%7C1c1b%7C1c1c%7C1c1d%7C1c1e%7C1d%7C1e%7C1f%7C1g1%7C1g2.1362487-69631270%7C1g21%7C1g22%7C1g3%7C1h*.1362487-69631272%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v%7C1w,idMap:1h.134cc399-2d0d-bc26-68f6-acddc0288889.295_925113%7C1h*,rmeas:1,rend:1,renddet:IMG.qs,siq:50,sis:1430%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:48ef:ebc1:9abc:bc76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
init1.js
api.bounceexchange.com/bounce/ 		76 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=529&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAOAdgAYAWAVhoCY7DrNgAvEKczAdwFMAjHKmC8A+qgAmUajIDMmAE68cIADZw0GAoXLkAHvjq7FvGLwVKFUbAENVq1AgDmouAtVQAFsGAAHHACksgCCAXQAYmHhQgC2vqqmqgCejk4AdEggMVHA3CAAtIjCvBL5Nqjujsr5vHGqIEm81UieNgpOqfk4InadMW2oYHA2CDb5vjY4OLzO5vnqTk42TrxRmABuqELAopkgANaovFABpABCYXSqvpdBoQzefoF01CFh1BHvEbHxiSnOGSyX3CuQKRREpXKlQQ1Vq8QaTRw+RabQ6zi6PQc6P6CkGw1G40m01mCnmcEWy1WL0+DDCAGFLgpbm9abTSAARbAgA5HE7nS4SSTM+50fCkUiyOiyQj4GTESh0YjUUhK250BkMTYSYVEMhUWgfRiS2TEU6cvaHMSgECiVSo44wOzTTD8XycTC8PxQADaAF1ML5gHguXVUCMkGIYHanNZ1q0oEA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
a4207e648ea1b4208abb73a9425206c5b969df8c852c8d8fa0fc62da2ab562b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Jun 2023 23:44:12 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
27
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
usync.js
eus.rubiconproject.com/ Frame CC85 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
content-encoding
gzip
last-modified
Sat, 17 Jun 2023 10:05:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=37257
content-length
10113
expires
Sun, 18 Jun 2023 10:05:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 447E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJgUlSUWOZLeFB9iAoPMP44WOwA4AAAAAOAHgBAI&bg=!1tWl1YHNAAaGYqkwpmI7ADkAdvg8WixjE80LGmjzeoYks2LWtZWvQbV-FOlVSR5uvdCvPuKvVif3VC1my6LFUZ4F2y-NycbGqBACAAACFVIAAAADaAEHmQMql4v5WDrSlUCMleiJynAGfWMk40VRUwSJygPFVw8CJsI-aLUZ-Cg3gyUtvDRzLw8d6TbO9YReX-mR1NHS19abQjoPE1E8Uj_s2DSVFuEUCDkugRHQm6dH-M9yE6wiCFiZUM4iUiZtcymgcjQr01zSng-V5UaHl9T3PnrNWfnokoe7sOWn333AYZLsvdcCIkY9KyfxZT39gAjCB4svUYrFx5Y-4XNLGlIGcB3CL2SOTmGZnOKKk5qGPt0WRkEwVDfS9e8Q3ZiUJSu_MmmtbC9PCF0IWQzfS-UQBElJ1pNYPx51ZNLCSJuLpmRpMp3ySlpq8cIq3IY6XkiNzXaJWVcVKI_HshEZH-Dvq5GKWRcGLRmr6Z0TBa5Xql8-mH9LYI8CAykZwxg6RpOxo91AWCWh85zkiEosAUdkNrBuwrj4F20htjOlmHNRO6H14Gq6Wk0kYt-zMyP0Mb17ZqpjLoto7OgCdR4lPriybuJA9-G2hZQow1G8LN9KjU_Pb7OLHnN_pGBuYLhVVYFCsQaMTneN5UDdoQZmnoOtcY_VKcgvcaRfpzBNF0TRqF-f_YQ5smKqoXDVQDDEoYcboR_xToTmh80oQhrDWuQlxRp6x29KKMpJk3lSlnPXYQgXCTOVYtOR8HLkhbF16BwmCFevF70aPeESWjMn02jECAgXz3RCh1_32obQauaLWi64JziPeEN3rtYJJCeUkrEStbf1wDlVfEf91ipgDnwXIrRa2VB4-IjdBwYq7pKw1qelDUKK3uqs-e5NAb1Zcy3t2tkUzji69ElWSDOK2OWpQtTAEWw_lCqDE1elyUf_zw9JjgVCACPKZHvB-YLZ37ZYOsI8aztfmw3Dpj8fcy_64n2mJwK-_g9Vu45oNEpw58GOjqfa_Id81I2vd8sVwpbtXvAFS_QCCjT1vZM9CsQaEejnw9A-Y1hdaWCgafPrSXDOKl8UF-kCcQllrjWKdUCKW5Ol12668miwuJ5yaQrFn_YWkAQ02lKPseDYIA6r_UHzLq_1q-QQPuxFYe3UpyDkdVR0eAYcmmfbfI48qRVyD-dr8J3j0pSQQg4WzDhikOcp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A84A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoBitSEWOZID-MfWMsALh5Jy4DwAAAAA4AeAEAg&bg=!paalpvLNAAaGYqkwpmI7ADkAdvg8Wo-fjBy-oXhpSQtZgdPOqR4Z3f5ThUVugBMWfjussotNxBpQ7iPuEx59Zokugw67HHzhzRkCAAACBVIAAAADaAEHmQMVbvGivJWMjlMXa0IrDm1lN9uLOeM70o7JWBkYDD5lys4p0IY6Wnaklst9uNlTgudLPeCX-6oiq-chnNDZ7Alg9oTZ9C1DUE3CGlalBj6qH8yxx8OucmTjoEM0ejK3kFhFm17Sn9pYhhwN1y5n8lPa3W0jtPHty8vEtvJ71a32EEnbt-JBJk2fVAx1YB_i4epsXzPCeMNvClmJFmTx6zW4gY3Z5oQGVsRmVQ7-AcuWMlYwRrPGdcKneOAHnWZ3PL3UYqhd_WZsWI6DQFtnR1pv1kpKguyLXJyCN0yqUSM0IKUSqoeY_gzNDYvhtBJ8WUvfui6u1p5iC10VpWfX-dh6gXFrD49djSGPchnWNuPl4GCBI-Z2c-2SwpXn4s2WFg479FukcdtkP1BRawRnoldO_G2HZw7Zf1GnqIlDa3CraG6VNAn0E64Z35lqiIQnUncKJ1rktnz0qp3nX86mcBo0cLuEBannxQZvOgzx4NoSxXKNMifpQxOEN_8hf9kuwx6dHXZfoq39f7c6e6O-iL1sOq8zH9tX2xCLLa0P9oZVWQ1UMcBWjl_IhAP-uJxst-Pt6zEowFBKnFXlMHTBIIHUncXLltwXt6_oJ5b5rTQ3RK5hBX-WFMIkZnrCs0-_ZacICem2GuMoVn592ISXS_4_pKbFGicHGvEtRtX_7FfrDcMnP4fzoTzJxXOZcv2M-uGd2sUNFPOGbdqe2Kq14bXfKEdAtACjs7hcsudPQGd3pbuwwKGE_WHVmPdhDlKo9gznXwQthpvaDb9ebgl_pYifOEi8I4OnoJY6aLGDACRxtE3QcSP_VS1tgIZVMbwX2P_3P2J1Dbvtu1GdHXLCay2lEev2A7y6L8DykzFJmRk15ceDYe0IzRNkJEZWbfzTj8PwLo9hwVS63ZbM3uGjF06X8Tc31SDTP49equsVprvTUP4IykwrmUyM3cnff6HfhkPMdGWvc_u_mKNSlOkL8sFi2XFiHrSC3f0R3xhjgYxFyHda6oykxLDasHWiHIl5yNJLXILSlFO0-FcNRaqDYdcZyO0WUU_d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/ Frame EF22 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/Jetex.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 17 Jun 2023 23:24:31 GMT
x-content-type-options
nosniff
age
1181
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5259
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 10:36:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jun 2024 23:24:31 GMT
1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/ Frame EF22 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8034152775585628160/1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c842047421b2e92158368142bdadb730906fac66a6445e02a96aa2528d2bb45
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 17 Jun 2023 22:46:47 GMT
x-content-type-options
nosniff
age
3445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85794
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 10:36:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jun 2024 22:46:47 GMT
match
events-ssc.33across.com/ Frame CC85
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&gdpr_consent=undefined&gdpr=0&khaos=LJ0NAQAS-1X-L7LS
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LJ0NAQAS-1X-L7LS&gdpr=0&gdpr_consent=undefined&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LJ0NAQAS-1X-L7LS&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LJ0NAQAS-1X-L7LS&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:11 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LJ0NAQAS-1X-L7LS&ts=1687045452&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
setuid
u.4dex.io/ Frame 8964
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D%26us_privacy%3D1---
  • https://u.4dex.io/setuid?bidder=openx&uid=15c9169a-5a3e-4d7c-ba13-53c9f1fdb3fe&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=openx&uid=15c9169a-5a3e-4d7c-ba13-53c9f1fdb3fe&us_privacy=1---
Requested by
Host: u.4dex.io
URL: https://u.4dex.io/usync.html?us_privacy=1---
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.4dex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

date
Sat, 17 Jun 2023 23:44:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://u.4dex.io/setuid?bidder=openx&uid=15c9169a-5a3e-4d7c-ba13-53c9f1fdb3fe&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5EB6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99773
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 17 Jun 2023 23:44:12 GMT
expires
Mon, 19 Jun 2023 03:27:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.44.237.135, 4.7.166.102
x-check-cacheable
YES
x-serial
66383
contextual
contextual-analytics.wunderkind.co/api/ 		137 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&website_id=5553
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c1e6c17c4c39cb9720a438e7fa49600b1425e8653e669cc7b1bed4588fe76244

Request headers

Accept
*/*
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
content-type
application/json
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:44:31 GMT
content-encoding
gzip
age
14381
x-guploader-uploadid
ADPycdt34NZKM4PiLna24RRB7yCXpcbxg2McUNxUg7xAStNsrN21uKvxsrCskBVmKBI_iVsWseh4dBQF2O3W_urZtDAJRw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6053
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
server
UploadServer
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
vary
Accept-Encoding
x-goog-generation
1670951542233151
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control
public,max-age=3600
x-goog-stored-content-length
6053
accept-ranges
bytes
content-type
text/css
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJSXUWRnoXOSZJOTk2AGUUADMUJBAneld3VQAyUAgYJAQ65D6kHC7wKGgKPh40U3QEWCRSHDTISFNhalbjGno6HboILIt+0gBPacZ47P3aSAECAFpYTCgEXgeUEEWeBDAHhCOpAIpwQvwe8TSjTQ0weYEgCBQ4UwaAeWUaIAAVrAUJgUA9ZmBEMjkA9SLA0Gg5jdRj1oH0wAQyZAQARMLocJJVMxmDTxvTGbBmazThydDzuuN4vBINlgOiUDZLGAcJQXEoXAARXkwK4ECIgBAqtU0ai8EC8E3ybbUaiSFylageST0egADnU1FdJS9luooRtoAtNqtnNdLmY6nokeo6gjHs8fpNdWAkEtcmMofDkejIRNKAIaeMrETNtIpkLJpWaw2WxuN0OxzqZwuVyyNzuj2er3en2+mDBAIswNBfwhUJhcIRSJRaKaWJxeIJRIwSFJ5MpGDrwZL1BQG2oVuL-uowFMwELklzNqDB-TJpvV+oSAr24PO-iKYvqjDEaju0fEAPumDyXjuaDxM+wbpi4ACcj5tlBRaPqQn6IZmv45u+KBHJ8aCYPuVqqtotphqoLiqKBt7bMaAbnohR4mihqZod+WZ-gemqPpIpHkVUiFESawB0VRDGlqhVHodm-6cTuOjSK6ZQVjRJ7CYeyHiSGrEYdJGqqrpO6qXexqcZqHTwMgczYNANiZEIyA4OkmQ5GZiCoBgVnAMgECshyBRFCUZSMBUcguRZ7kwBYKCQHUBBIFkOAqPwQhSDy5luVgMC8AgoDxAgkCnKYhpZWAEQyqYHRSnC2TINAkJgFcmCeUg8K8DgPIYAQ0BXM8kBIKcVxZTgACq1QdB1XUED1fUDQgcjDdUxhjQgnXddgfW4jkw0vC1NSQFFvxLZ1fTQj5tABIddIICdmAbYatBAk0vAoBd8RQCKeAgNhIAXaYBBwoiM04JUzDcS9rLMv22CAyIi1ZAQg08gItg9Ag5o4C6rTamjknsbG6jxh0WU5ajrV2g6Touu6nrevQHSzBgoAIAI2MdIgACOsBYLlaM8vE4QZcyOT-UcHJaVJMYlBV-PYCgpggE13mYDge1oCFRMgLlOC8Kzk1IJrSM2B0lm4GlQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NhMAtsOhAGboCeMAdmADoAxgHsm9XPBEBaZLxi4IAE2kgYGPhELSILdCK4Qt0odhCowfMNMKKQ6K9KbmYAK2QheIaaEKEI-BCo0ujIYGDgEPQAZKCQsAiIQsi2YlAuIABGbISYxADsAEIFACKxkQlIoiIA1nCMAF4QmAAsAAyk5fFwVZ4i8kL2OPhEZJS09Ix6HNxWwmISUrLyiipqGrzGuqwGRtqm5pb8NnYOx86obh5ePiB+AZDBoeGRMaIsSSyYbdHvwIi4ITsTAARl+Yn+KWAoK60B6iE8phEqEQ7BEciUiBBAA58gA2fEgmFxOGJRHYZGo9G8TE4-H40gwpgiJTNH7wCCZRiKGBKTAAVkFnVg3N5oLxuLaLX50qo7RaLSoeOirNgQggYpB+XypCopDxIMF2MV2P5+VNsMqmui-gAjsgAurrUIHAF8MwtLgQF8QRL8lKZfy5Xifi64LwvcAYFAgox+pgvWBOqqYOrMEobejUGmOZlopEI5gUkEgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=bouncex&bsw_custom_parameter=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2989%26partner_device_id%3D%5BMM_UUID%5D%26pt%3Dfe9cb3d0-e4b5-4631-9e63-ec...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=d895648e-4544-4600-8aa4-c61d989f4bad&pt=fe9cb3d0-e4b5-4631-9e63-ec4871293ac8%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsy...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=bouncex&bsw_param=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
Date
Sat, 17 Jun 2023 23:44:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user-sync
sync.adkernel.com/
Redirect Chain
  • https://cs.admanmedia.com/ff062a454b79198e17a2ec718ec55e04.gif?puid=5553-177323615584285785&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D158481%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=158481&pmc=1&pr=https%3A%2F%2Fcs.admanmedia.com%2Fb88c93c8e248435bf25dac741904edd1.gif%3Fpuid%3D%24%7BPUBM...
  • https://cs.admanmedia.com/b88c93c8e248435bf25dac741904edd1.gif?puid=${PUBMATIC_UID}
  • https://ap.lijit.com/pixel?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F9e36def72e80a18ff8aef70db891a1e4.gif%3Fpuid%3D%24UID
  • https://cs.admanmedia.com/9e36def72e80a18ff8aef70db891a1e4.gif?puid=G1VwhPZH-q26XH-aR1uPMNQ8
  • https://u.openx.net/w/1.0/cm?id=ce0642e2-639c-4d10-8c5d-e263dddf6c33&r=https%3A%2F%2Fcs.admanmedia.com%2Fsync%2Fopenx%3Fpuid%3D
  • https://cs.admanmedia.com/sync/openx?puid=e70be68e-fe43-43f6-b73a-077195491572
  • https://ssp.disqus.com/redirectuser?r=https://cs.admanmedia.com/7df8d99918d2854384fc4c2d197ec3ff.gif?puid=$UID&redir=[RED]&partner=acuityads
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=E38C30D9BA97405BB79CACF9A2C6426C&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZGY4ZD...
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
  • https://ssp.disqus.com/match?bidder=31&buyeruid=ac3481f5-27e9-43e4-8b0c-ae0f5b9ff547&r=Cid1YS1hOGY4NGU5Mi04N2ZiLTMxYzktOWEyNS1iNGQ1MGI5NTBjM2EQ____________ASpraHR0cHM6Ly9jcy5hZG1hbm1lZGlhLmNvbS83ZG...
  • https://cs.admanmedia.com/7df8d99918d2854384fc4c2d197ec3ff.gif?puid=ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a
  • https://sync.adkernel.com/user-sync?dsp=89&t=image&uid=3118d3d7-86f2-4522-88f1-c91fd797c74c
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=89&t=image&uid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:15 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://sync.adkernel.com/user-sync?dsp=89&t=image&uid=3118d3d7-86f2-4522-88f1-c91fd797c74c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
article_view
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeAKgdwPYFIBMADAKoB2EYcAJgYQIIQgwSlwDOtAogLYAOM2AJ5x2tAMIALUAHMW02gHUKE2gGVKwZqXlEAsqAgArAK7BSwWgDEQ2brQAKwNmzja4IWgBlj06cGlwAGSgkLCIxkyoEmBgvBwAzHQElslsEHzwAGYwgnIAdFC2yWA4ALTG5JRUpcCMWuylcBlCImylUFIgstqlbBpa0qXcBiZmwKW8Ti5uIKUwPn4BycHg0PAI6f5wUTFxuInJqWDAoQCMeWkZcNm52psBbAVF+JY4IFS8IOwcL5i87dhSJQgcljPxsMAqD9LER8PFkoQAGygyrUGp1FgNABG2DgclKAHYABwE0oATlK0hAxjyhl4cGkK1C614xixVBO21h8VKSNKpwJ6Dh+zohEIIvwpwAWky1ogqOwoCAILxIIDUABJMC0CA-QhfXjYcDUWhgKTaohmuC0NgdJrWoggMy0TJG2jCUCPWVhBDAYxmo2obwAaycamwxgAXsBvesXFA1aRUAwmJjaAA5OCYNixxAwMzSUwBVCuXMIfN9bjYKiobm8xH8wXCxJiiXSsvBuCCN5Q1C4ACsACEBwARQJVhWoQiBTBwLFpSgQGv9lfxQIAN11FCXqFOiJJhAALP3j-hD0fD-hEYEFZuoHiawKCfE4YjTiuiZeif3if3ApMAk3LMd1OQIXAAR2MVx7x3fBAlgCBXBidJ2GOPhd33AkjxPfsz2feDmCQ4BeAgdd3DSdVjmkNdb2gbYqDAiMQHvVBZyxYIAiBVBjBcEAgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A76 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=848875565007&version=m202301230201&ct=76&x=96&cor=982565726295363500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AEDC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37057424&p=160060&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
428f969204339d0121f6c1486af912de9bb435709a00f945e5ff36955f386ab9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 11:40:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame BEEA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2952587125
  • https://sync.1rx.io/usersync3/mediamathtest/1508/d895648e-4544-4600-8aa4-c61d989f4bad?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:12 GMT
ETag
RX4d7ac79ab44643dd8b2a532c94803b95005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 97AA
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 17 Jun 2023 23:44:13 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame DED3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lyW0iXyVCByl3Sl1TUWOZA
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lyW0iXyVCByl3Sl1TUWOZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 23:44:13 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lyW0iXyVCByl3Sl1TUWOZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame FD54 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 17 Jun 2023 23:44:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame EC61
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 17 Jun 2023 22:02:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 17 Jun 2023 23:44:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 7C00 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 17 Jun 2023 23:44:13 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-94c961227ff9@version_1.554
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame AC7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 17 Jun 2023 23:44:13 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 4F83
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7403318521853444473&uid=Q740331852185344...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7403318521853444473
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7403318521853444473
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Jun 2023 23:44:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=78791
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sat, 17 Jun 2023 23:44:13 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7403318521853444473
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
setuid
pbs.nextmillmedia.com/ Frame 3293
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A1A1E2756F36417A842BBECC019687AF&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157577&pr=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3DC9FE2...
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
86 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sat, 17 Jun 2023 23:44:12 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 17 Jun 2023 23:44:12 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sd
us-u.openx.net/w/1.0/ Frame AEDC 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame AEDC 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.150.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-150-230.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2023 23:44:12 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame AEDC 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.51.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-51-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 17 Jun 2023 23:44:12 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame AEDC 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.67.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-67-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sat, 17 Jun 2023 23:44:12 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
dd17fa00-0d68-11ee-a6dd-060b98226699
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-05950a25676c39193
c
ids.cdnwidget.com/ 		470 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=236177092&GCS2=ZDE3MWIxYzgtNzA2OC00MmY4LWJlYmMtMjExN2Y2NDhjMGIyLmxvY2Fs&pe=false&wsid=5553&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A5553%2C%22loadID%22%3A%229dBVqJ99kVCbHeG%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A5%2C%22IDStageStart%22%3A5%2C%22obsReqdata%22%3A230%2C%22obsReqpage%22%3A235%2C%22obsReqview%22%3A236%2C%22netComplete%22%3A404%2C%22IDStagePrefire%22%3A404%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A177323615584285785%2C%22visitid%22%3A1687045452404426%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_75b47138b6892356b3673aaacdf8c6b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2eea9dff0f37c7bb671a56c7fdcda418e863f8e94ae6c6cd91c49e3bc4165275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4493853757973&version=m202301230201&ct=76&x=13&cor=13722989378822228000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graph
idr.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=2RM26LHrzQocMxAuXOfqMrmnJOi&deviceID=2RM1gDbiXLgqFTE0JosmTsH6GK4&bxdid=177323615584285785&bxvid=1687045452404426&bxwid=5553&gm=false&apikey=2^HIykD&loadID=9dBVqJ99kVCbHeG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2RM1gDbiXLgqFTE0JosmTsH6GK4&source=web&agent=cjs&deviceid=177323615584285785&visitid=1687045452404426&websiteid=5553&pageviewid=1&sequenceid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
setuid
u.4dex.io/ Frame 8964
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26us_privacy%3D1---%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=sovrn&us_privacy=1---&uid=G1VwhPZH-q26XH-aR1uPMNQ8
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=sovrn&us_privacy=1---&uid=G1VwhPZH-q26XH-aR1uPMNQ8
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.4dex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:14 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u.4dex.io/setuid?bidder=sovrn&us_privacy=1---&uid=G1VwhPZH-q26XH-aR1uPMNQ8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame AE54 		631 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24266880&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
16743312e32a12390a579ad736b3ac6a867de0a8a2f8a687e448448a2e452a45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 17 Jun 2023 23:44:13 GMT
content-length
631
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 7DC3 		631 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11263897&p=156538&s=156538&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
16743312e32a12390a579ad736b3ac6a867de0a8a2f8a687e448448a2e452a45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 17 Jun 2023 23:44:13 GMT
content-length
631
content-type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame 9FF6 		61 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=pba&refUrl=&vid=70454493413300470441523937000V10&ovsid=C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454493413300470441523937000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Sat, 17 Jun 2023 23:44:14 GMT
expires
Sat, 17 Jun 2023 23:44:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
396846.gif
idsync.rlcdn.com/ Frame AE54
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 17 Jun 2023 23:44:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=cc056d69-4011-49d4-a9c3-ee1d13e4dbce
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C9FE2347-10FF-4ABA-8761-C084B8379398/gdpr=0/ Frame AE54 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C9FE2347-10FF-4ABA-8761-C084B8379398/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.28.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-28-63.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.166
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame AE54 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame AE54 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.156.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-156-95.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 7DC3
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJgZE_n34Tg0THm9Kxs9gh8&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJgZE_n34Tg0THm9Kxs9gh8&google_cver=1
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3828859388
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJgZE_n34Tg0THm9Kxs9gh8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C9FE2347-10FF-4ABA-8761-C084B8379398/gdpr=0/ Frame 7DC3 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C9FE2347-10FF-4ABA-8761-C084B8379398/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.28.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-28-63.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.47.6
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7DC3 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame 7DC3 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.156.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-156-95.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:14 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 62C7 		0
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 17 Jun 2023 23:44:13 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
setuid
u.4dex.io/ Frame 8964
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26us_privacy%3D1---%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&us_privacy=1---&uid=6163557896886539984
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&us_privacy=1---&uid=6163557896886539984
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.4dex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Sat, 17 Jun 2023 23:44:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
136956e7-8625-44d8-b302-976f4a3d7e32
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=appnexus&us_privacy=1---&uid=6163557896886539984
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=TRIPLELIFT1&ol=600688035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BQToISVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-ltsW7OXurwpsfw%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57M19aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&id=1&ii=4&f=0&j=&t=1687045448920&de=493892093721&cu=1687045448920&m=5646&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6114&le=1&lf=785&lg=1&lh=369&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A884%3A884%3A3381%3A845&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5428&cd=67&ah=5428&am=67&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11453%3A216274%3Aundefined%3A10&bo=5989&bd=simpleflying.com&gw=triplelift879988051105&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=711&zMoatTactic=undefined&zMoatPixelParams=aid%3A18788414406413937260552%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jm=1&tc=0&fs=203695&na=1127149935&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 17 Jun 2023 23:44:14 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AEDC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160060&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 22:00:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
contextual.media.net/ Frame CF4A 		61 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3300470441523937000V10&type=pba&refUrl=&vid=70454514443300470441523937000V10&ovsid=C9FE2347-10FF-4ABA-8761-C084B8379398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3300470441523937000V10%26type%3Dpba%26refUrl%3D%26vid%3D70454514443300470441523937000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Sat, 17 Jun 2023 23:44:14 GMT
expires
Sat, 17 Jun 2023 23:44:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
eligible
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwHYCkAmAwgVgByZYYBsAZAgPYQBOAxgKZKgKkQCOSAjOfQOYC29KHDAwQyUrWD8ADsBi9YILnhTE13YLyFwkAKxb8KIRgAZSAd3oAjBPHpikOZwGZSANxh24jzsVWmACw4wRiBQYEkpCaeDL4oKC4YLsSczniReDgoWaRy2p70Fr48bBBCccputAA2MDo+gghw0jJc-ihBIdk4nHiSdTrAMjDu9NR2FFBILbxuMTAMSCDkFABmIo4YAEoAspy8ACLWMAAaADK8bABiACoAoqYAUhQI-LcIABLEAOIA0oFSAALYDUcBbPYkc6fagALwAihRaLsAB4AQQgpwA8ms2LtqPwoE8sTAgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYBMBSNBhArARi2wDYUAyBAewgCcBjAUyVATIgEcl8KGBzAWwZQ4YGCGRk6wfgAdgMXrBBcAHAHZiGgMxlgvIXCQArVv0ogmABjIB3BgCME8BmKS53OgG4wncV-mJ1SxRcELQUYPRiMgtvRn81NS00LWJ8dxV0FVw1bLI5fW8GG38edggheOVyOgAbGAM-QQQ4aRkuQLVg0JzcNDRJeoNgGRhPBhonSigkVt4dWJhGJBAKSgAzEVc0ACUAWXxeABF7GAANABledgAxABUAUUsAKUoEfjuEAAliAHEAaXIAAtgDRwNt9mhiBcvjQAF4ARUodD2AA8AIIQM4AeXW7D2NH4UGe2JgQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYDsBSATAYQKwAM2OAbAMwBkCA9hAE4DGApkqAhRAI5ICMVTAcwC2TKHDAwQyCg2BCADsBgDYIJFgI8CADjJ4KwAaLhIAVuyHUQLAhQDuTAEYJ4TSUjyfKANxgu47jwk2mgEKHjhWChhKFgkFNa+zIFoaGRYZCQ8ntqx2nho+RSKRr5MdoH8nBCiyWr6DAA2MMYBIghwcvK8waHh4Wh4WA3NxsDyMN5MdC7UUEidApSJMMxIIFTUAGbi7lgASgCyPAIAIo4wABoAMgKcAGIAKgCiBABS1AhCjwgAEiQAcQA0igKAALYB0cB7I5xa6-OgALwAitQGIcAB4AQQglwA8ltOIc6EIoG88TAgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
video
ssp.wknd.ai/acuity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.wknd.ai/acuity/video
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://simpleflying.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 17 Jun 2023 23:44:17 GMT
server
istio-envoy
via
1.1 google
banner
ssp.wknd.ai/acuity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.wknd.ai/acuity/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simpleflying.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://simpleflying.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 17 Jun 2023 23:44:17 GMT
server
istio-envoy
via
1.1 google
publishertag.js
static.criteo.net/js/ld/ 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-1f8af"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 23:44:17 GMT
cygnus
as-sec.casalemedia.com/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1687045457625&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22banner%22%3A%7B%22w%22%3A1920%2C%22h%22%3A480%7D%7D%2C%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565a39dbfa33304dbaa59c3ef78ffd52da093eaf27f3fa192910681b056c8e1c

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn4AN9cL7LA%2Bz%2FGXwEWhZq3xOSLf%2B541KdvXMvdXcrfdnM%2BQI%2BBxXWS1l%2FtJ9zbpQHA40WM7w%2Bw%2FhLmBw%2BVvy0AnoBjQc8%2FnRRO%2F5kjq82aq5lMTQBLcVM01KGtjVWrypqK0UmzEA5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc13da17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		534 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1687045457626&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4cf460b50db7f80b87c471b092c210d35308e7830b1316a12742a078d9346e4

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gDj%2Bs9wwldoHJotiYouWOoUmqMvJg6QWAOGvvFHS%2BQMePzVA%2B4YUfEUlKwdSfgrlrDq%2FN09JEMs6oMRbJr5oe4Pz6Gd4WyEucX3Zrz5ArSWNwGu2bnt1GrIiEKlz5y%2FpEkJ52fGm4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc14da17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1687045457628&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%2C%7B%22id%22%3A%226%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee5dd2f2ea09360721b85b23cbde97fc9d61224f2ada771cc19129f0f8b6359

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD8sMvndhNyl1N5p80nh1mQ9Id8jyxYzpxlv0g9FPMgXvRiV1JikLd%2FwKMpQrPQRkzHY7BmsLhi7fcEr6C9QyoKXrUBhEncwLD5mur%2FLeYUTlegLpR%2F1KlVLp8w5vZKJ5yvkqJZPoJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc15da17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		534 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1687045457628&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%225%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9c2e422507f88e194e05ddfeb3397aec8b859b85499ec3bfd643fc69c52e5c

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4USwOSdNYZUlTiESBelRDqNDI6Dh6kk5jk72gpdrrRZM1dDXP%2BFfzVvEEo0EruTnqvtJO2jdDvEenzn%2B97limNRSNSJ9MJ6Z%2B%2FDKrYfEEITyfdtFKoydBS2Q1XlMbqCseZXT0mE3utA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc16da17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		32 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1687045457629&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%227%22%2C%22banner%22%3A%7B%22w%22%3A720%2C%22h%22%3A480%7D%7D%2C%7B%22id%22%3A%229%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d9bd49e56900fa936158ab993b4f75aabcf983166385f54832772612c4dd44

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGXaK5z2cIilwU1HAe6gFLnBpD%2BwMgEN3fF4LlWEhfyCUKIrVF2XQG4OrKy4RebgmUWpHMD%2FsMH9BwqB5Zw%2BE%2FYOs%2FkV7blFyPTx0fX1KiQXPWNiWmjswJAz10OXWHP%2BEKRN7Sve5sI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc19da17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		534 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1687045457630&s=847529&r=%7B%22id%22%3A%221687045457%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%2C%22domain%22%3A%22simpleflying.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22simpleflying.com%22%2C%22name%22%3A%22Valnet%20%7C%20Simple%20Flying%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%22%2C%22ip%22%3A%2238.132.118.71%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5553%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225553%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401c3e134c71ce4b4d5aa3cd1827f689e273b7f2141fbb1d37d718eeb64450b3

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CWuTE3uSp4OoOq7TmJ3wkOWnD5rYqfIXJZmMdZmFiFgrGoFKLC4OUVk8oY26%2FSnZeIovO6yF7A5IblVFHvmeXhc5xC8J48L6tu%2F98abhlrrRth5Jt%2F0whnJ847mm70vYPPxRPbHVmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://simpleflying.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d8f28decc1cda17-MIA
alt-svc
h3=":443"; ma=86400
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1107598c5792c7b132af234ca42eff9e284b4765e66bfbc56ad4e3f4a3472403

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ad_page
ssp.behave.com/ 		20 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sat, 17 Jun 2023 23:44:17 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simpleflying.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
video
ssp.wknd.ai/acuity/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wknd.ai/acuity/video
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
x-envoy-upstream-service-time
22
access-control-allow-credentials
true
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner
ssp.wknd.ai/acuity/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wknd.ai/acuity/banner
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://simpleflying.com
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
x-envoy-upstream-service-time
15
access-control-allow-credentials
true
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMArAMwBM6YMAjgK4zIS4QEC2nCCD7AqANgAcAdgAMAFmoKpY2lPTIA9mzABjGPBBlk6mAHMBUbuWTx0O4aAKmo5KtLHLK6EKZiX4AFbGfBpk+jLoqDAoRDCu1Am06ABuBIS8FJSSsgoK9HLycvRi6GGpeq6UUlIMtGI01BJFEtRSLZg+MKkwqJUm7H4VFCU6ADYEfhC8AlwO4tLyiq3KEnbjkyDABMlwhBpQ8EKmSWUEevBk6hoAZlYU9ABKALKUpgAiiAQAGgAypiwAMQAKgBRGQAKQ0yD4QOQAAkxABxADScnQAAtwGRSPdnsUfnCwAAvACKGh0TwAHgBBNhfADy1xYTzAfCg4PpBCAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIZ00eAPYcwAYxjwQZPFpgBzQVF7k88NPpGgCFqOQmzJa8WhAWYG3gAKzMUbTIjOTQAdxgkQmIPJRSGNAA3AkSPKVlFFSU6BUUFOkk0SMzDHJoaDQZJcRTpUuklGjaMfxhMmBic805A6opmfQAbAkCIfkEeZwkZeWVVDvKJqZsQYAJ0uEJtKHhhCzTKgkN4Mi1tADNbCjoAJQBZcQsAESQCAA0AGQsbAAYgAVACicgAUto8CgQXgABKSADiAGkFGgABbgMikR6vMp-BFgABeAEVtPoXgAPACCHB+AHlbmwXmAUFBIYyCEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIaS0eAPYcwAYxjwQZPFpgBzQVF7k88NPpGgCFqOXh054udIZK0EAsYG3gAKzMUbTIjOTQAdxgkQmIPJXSGNAA3AhSPKVlFFSU6BUUFOk0YnMN8mhoGRklxdOkK6SUaDowgmByYePzzThDaimlHABsCEIh+QR5nCRl5ZVUOzX1p2ZBgAiy4Qm0oeGELTOqCQ3gyLW0AM1sKOgAlAFlxCwARJAIADQAMhY2AAxAAqAFE5AApbR4FBgvAACUkAHEANIKNAAC3AZFIz3elQBSLAAC8AIrafRvAAeAEEOH8APL3NhvMAoKDQ5kEIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIYK0eAPYcwAYxjwQZPFpgBzQVF7k88NPpGgCFqOQmzJahmhAWYG3gAKzMUbTIjOTQAdxgkQmIPJRTfADcCRI8pWUUVJToFRQU6STRIjMNsmhoGRklxFOkS6SUaVox-GAyYGOzzTkCqikpHABsCQIh+QR5nCRl5ZVVpSTpxyZsQYAI0uEJtKHhhC18KgkN4Mi1tADNbCjoAJQBZcQsAESQCAA0AGQsbAAYgAVACicgAUto8CgQXgABKSADiAGlNAALcBkUiPV6lP4IsAALwAitp9C8AB4AQQ4PwA8rc2C8wCgoJCGQQgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgBwHYBs+GAZCgKYQA2A9gJ5inwAuaYIAzowBakgpEBOpAI4BXUh1IpEvRCPjRGbNADdUpKiR4Vk6AKwYMAJgAMhgMx4AkgA1zxzSG3xwpNADkAgkQj9owVwCcAHQWxmFEICLAjNBUSPAiYABGpPyYEVJyCjpouljeIPyM8Klo0PBkAB4FRSX8iGwKpDlYACw4uoYBAsJiHIgx9BzgEJh4uMatulP4hnhEbFQi-P5ovGwLpLD0TDpKRKCQMAiomLgEeMQgsAzMAFYbYFRkaPYA7qRJjYykp7r-ZiIqm+pww4xwk2mnVak1ac00qn8oJwODM5ku-zahiwuhwOIKN1UpDeoM2ogYSPQGHswAo0Fug3EjBGYwmUxmuF0BzptxAEGgylSjTiaGZsEBZERrj4iwAZowcoYAEoAWQwsAAIkloNYADKwIQAMQAKgBRYwAKSobDAxrYAAk8ABxADSrSInEKUlOypVc119v4AC8AIpUYAqyoeETWADysqEKv4YHgFtj0CAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8IDGBXAlhAngMlJWYA+gM4YyFoAm8AcgILZgwCOKMxEhEaAtuxCB7B4ARgBsADgDsABgAsAVkVSxAZgCc2YgHsUYJDESViWmAHM+UTlWLxsSQaDRmoVeACYZImRNULsIGYwVvAAViY82pSGMtgA7jAARqQQMG4KGarYAG5oKW7i0vJKCu5y8nLuYtjRuQYFUlKq7qpiIhkSlRIKUt24gTC5MHEFpqzB9dQiIvYANmjBENx8HI6ikrKKytIScwtWIMBo2XCk2lDwAmZZtWgG8JRa2gBm1tTuAEoAsiJmACKJNAADQAMmZmAAxAAqAFEZAApbTEHhQ4gACTEAHEANJybAAC3AlAo72+VRBaLAAC8AIraJBfAAedBQQIA8s9mF8wDwoPC2WggA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIYM0AYxGgCAcyikK42ZLWayMYABsA9gE9BUCPAJQAZjBhkW7Ljw+OCBkOBxQRHhUcnIAHpIxaFYgNsbwCZR0coxKAAoAqgBC4iVJMCk4UCIw8AByAIIYYARaNeJyAHRKCYkgHFr8dkZQHChIcBJoIWERvOTpCmh4dhxgrfAheEsw+s5zZFHauiAGESZmFlP6MC7wAFZbKHZW8HJoAO4wSITE80r-mgAbgQfvMpLJFColHQFIoFHRJGVga0wTQaAxGJJxP9pPDpEoaPiMCBrsCYO8wdtODcUSY6NobAQbhB+IIeLoJDJ5MpVNIiVpGcyQMACIC4IQhvBhPpLDBkTVfMsPPt4HQAEoAWXE+gAIkgCAANAAy+jYADEACoAUTkACk7HgUBa8AAJSQAcQA0osABbgULzdUahFGl1gABeAEU7FoNbF6hwDQB5DxsDVgFBQW1JghAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8IDGBXAlhAngMlJWYA+gM4YyFoAm8AcgILZgwCOKMxEhEaAtuxCB7B4ARgBsADgDsABgAsAVkVSxAZgCc2YgHsUYJDESViWmAHM+UTlWLxsSQaDRmoVeACYZImRNULsIGYwVvAAViY82pSGMtgA7jAARqQQMG4KGarYAG5oKW7i0vJKCu5y8nLuYtjRuQYFUlKq7qpiIhkSlRIKUt24gTC5MHEFpqzB9dQiWUgANmjBENx8HI6ikrKKyhLS9vOLIMBo2XCk2lDwAmZZtWgG8JRa2gBm1tTuAEoAsiJmACKJNAADQAMmZmAAxAAqAFEZAApbTEHhQ4gACTEAHEANJybAAC3AlAo72+VRBaLAAC8AIraJBfAAedBQQIA8s9mF8wDwoPC2WggA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvAJgAwEYsA4BmAVgDIUBTCAGwHsBPMC+AFzVoDcKAnake0twoBHAK4UAziwopEIWaPjQWEtB1QVa5CiGrJ0xHDmwZCANgCSADVNZtuxPHAU0AOQCCpCN2jAXATgA6cyxQ0hBRYBZoWiR4UTAAIx40HHCFJRZ9NGI7KG4WeBToeEoADy8QAqLuRAllCmz8ABYAdmIMf0ERcSlEaKYpcAhUs3xWrGbiKdazQjsJWlFuPzR5CVIJClgmVn1VUlBIGARUTFwCEnDYZjYAKw2wWko0OwB3CkT66TPiP8JSOpvmccGMJlMphhmpNmhgzNp1H4Qa1WoRTGYcH8Whh8MRWrjKjd1BQ3iDNj1mEj0DhmodqNBbgNJCxhqNxpNpnj8PgusB6bcQBBoFxuPVYmgWbAAZRES4UJtaAAzLJnDAAJQAsjhYAARRLQKwAGVgwgAYgAVACiWAAUrQJGBzRIABJmADiAGlaQALKqyVWauGG53cABeAEVaMANWV3KIrAB5RXCDXcMDwG0J6BAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIbi0eAPYcwAYxjwQZPFpgBzQVF7k88NPpGgCFqOQmzJazSAswbeAArMxRtMiM5NAB3GCRCYg8lZIY0ADcCBI8pWUUVJToFRQU6STQIjMNsmhoGRklxZOkS6SUaVow-GAyYaOzzTgCqikbHABsCAIh+QR5nCRl5ZVVpSk19CamQYAI0uEJtKHhhC1SKgkN4Mi1tADNbCjoAJQBZcQsAESQCAA0AGQsbAAYgAVACicgAUto8CgQXgABKSADiAGkFGgABbgMikR6vUp-BFgABeAEVtPoXgAPACCHB+AHlbmwXmAUFBIYyCEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgBwHYBs+AzAGQoCmEANgPYCeYZ8ALmtPAGZlkrEBOZARwCuZAM5NuiECkRD40JqLQA3VGWqkyISsnQBWDBgBMABiOE8ASQAa5k5u2J44MmgByAQWIRe0YK4BOADoLEzDiECFgJmhqJHghMAAjMl5MCJk5BV00A28QXiZ4VNZ4cgAPfMLi3kRRBTIcrAAWHD0jAL5BEXFEGIZxcAhMPFwTZr0J-CMsYlFqIV5-NGlRObJYBmZdJWJQSBgEVExcAjwSEFhGFgArNbBqcjR7AHcyJPqJY70fklVP44YUY4caTdrNcbNIx4TSqfyAnA4QjmPAYH4tGZ6HBYPT5K6qMgvQHrYSMeHoIF7SjQa79MRMIYjMYTKZYAJGKk05ggCDQZSpepxNAM2Akchw1w8ebsJg5IwAJQAshhYAARJLQawAGVgAgAYgAVACiJgAUtRRGADaIABJ4ADiAGlmsQABYFGTHBWK6Fam28ABeAEVqMBFeUPEJrAB5dgCRW8MDwU3R6BAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgBwHYBs+AzAGQoCmEANgPYCeYZ8ALmtPAGZlkrEBOZARwCuZAM5NuiECkRD40JqLQBOAAyqAHnnWkyISsnQBWDBgBMhACwBJABqEd5fYnjgyaAHIBBYhF7RgdwxCADp1cOIQIWAmaGokeCEwACMyXkxImTkFQzQ8S18QXiZ4NNZ4cg1C4tLeRFEFMlysSxwjM2U+QRFxRFiGcXAITDxcVUsjCfwzLGJRaiFeQLRpUTmyWAZmQyViUEgYBFRMXAI8EhBYRhYAKzWwanI0VWIAdzJkholjo1+SADdoF9jhhRjhxpN2pZxpYzHhdIDAiCcDhCBY8Bhfi0ZkYcFgjIUroCyK8QethIwkegMDg9pRoNd+mImEMRmMJlM1C9gPTriAINB-mkGvE0CzYCRyIj3Dx5uwmLkzAAlACyGFgABFktBbAAZWACABiABUAKKqABS1FEYGNogAEngAOIAaQKAAsijJjsqVXDdfbeAAvACK1GAKo0XiEtgA8uwBCreGB4BbY9AgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCclA7AEwDMNaYMAjgK4x4Q4QEpuEECmDwAjADYAHDQAMAFgCsympIZK0eAPYcwAYxjwQZPFpgBzQVF7k88NPpGgCFqOXh054udI1oQCxgbeAArMxRtMiM5NAB3GCRCYg8lNIY0ADcCZI8pWUUVJToFRQU6STRo7MM8mhoGRklxNOly6SUaDoxAmGyYOLzzTmDainFpRwAbAmCIfkEeZwkZeWVVSjlNfRm5kGACTLhCbSh4YQsM6oJDeDItbQAzWwo6ACUAWXELABEkAgAGgAZCxsABiABUAKJyABS2jwKAheAAEpIAOIAaQUaAAFuAyKRXp8KkCUWAAF4ARW0+g+AA8AIIcAEAeUebA+YBQUFhrIIQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 491E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simpleflying.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 23:44:17 GMT
server
Kestrel
server-processing-duration-in-ticks
605006
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=58599192570
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=95223064382
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=80815003785
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=58923810589
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=50268538565
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=12869752313
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=78947286950
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=62097274576
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgBwHYBs+GAZCgKYQA2A9gJ5inwAuaYIAzowBakgpEBOpAI4BXUh1IpEvRCPjRGbTAE4ATAAYAHgBYs6kjwrJ0AVlUbVAZjwBJABp51ygyCPxwpNADkAgkQj80MCeGJYAdOqRkUQgIsCM0FRI8CJgAEak-JgxUnIKxmg4-iD8jPCZaNDwZJrFpeX8iGwKpAVY2jhmzoKi4oyICfQc4BCYeLjq2iZT+KomRGxUIvzBaLxsC6Sw9EzGSkSgkDAIqJi4BHjEILAMzABWG2BUZGj6AO6kac2MpKcm-5YiAA3aDfU4YcY4SbTMzaSbaVR4Awg4LgnA4SxWS7-dqqLAmHD44o3EGkN7gza9eCo9AYZzACjQW6DPojMYTKYzZSWeYMplMEAQaBAzLNJJoRjXQFkFGePiLABm-VOqgASgBZDCwAAiaWgdgAMrAhAAxAAqAFF1AApKhsMBmtgACTwAHEANLaIicEpSFUaxEGp38ABeAEUqMB1ZofCI7AB5BVCdX8MDwa3x6BAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvAJgAwEYsA4BmAVgDIUBTCAGwHsBPMC+AFzVoDcKAnake0twoBHAK4UAziwopEIWaPjQWEtAE4sWAB4A2TeQohqydMRw4MhACwBJABqF9lI4njgKaAHIBBUhG7QwB44hAB0mhGkIKLALNC0SPCiYABGPGg4UQpKLCZoOoR+INws8OnQ8JRaRSVl3IgSyhR5+FYA7MQYaoIi4lKIcUxS4BAZOvhtWFbE0206XaQStKLcQWjyEosUsEysJqqkoJAwCKiYuAQkUbDMbABWm2C0lGhYpADuFCmN0mfE-4UONAfmccONJtNphgrFMrBgdAYgUFQW02oRLDocP9Whh8MQ2niijcgRR3qCtmJmMj0NhDtRoLdBpIWCMxhMpjN8Wo9HSGawQBBoFxuI0EmgWbBCpQkR4UItaAAzXJnDAAJQAsjhYAARFLQOwAGVgwgAYgAVACiWAAUrQJGAzRIABI6ADiAGkrKQABbFWQqjXwg1O7gALwAirRgOqtN5RHYAPIK4Tq7hgeDWhPQIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sid
mug.criteo.com/ Frame 491E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simpleflying.com&sn=ChromeSyncframe&so=3&topUrl=simpleflying.com&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk...
  • https://mug.criteo.com/sid?cpp=PpKqpXxJclYrQjFxUzJNRGxzMHVTOUs1NVpZbG1PRXR3czlaUi9NZXdUMFNubW4zeGFudE9wQ3EvbzZMY3JJd3VtTWV6SHRxZzZ5YTVScmxpbW16SjNaU25jT2w4dDBET3gwRVVRRjNKU3NzZWdoQVFKUitSN2xlL2tjWW...
465 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PpKqpXxJclYrQjFxUzJNRGxzMHVTOUs1NVpZbG1PRXR3czlaUi9NZXdUMFNubW4zeGFudE9wQ3EvbzZMY3JJd3VtTWV6SHRxZzZ5YTVScmxpbW16SjNaU25jT2w4dDBET3gwRVVRRjNKU3NzZWdoQVFKUitSN2xlL2tjWWlkZ3VsZUI0U29ibGw1VDRrUmdhMjQzUktUbDI3MzJaQ0RMaFNCSWM0R1l2S2xxaFVJb3BjZ05uZkQ1SU1BNHpHNGpENENVUERQTWk2R1p6RFhDYjVIWjNmdG51NDk3dExxOUVFRUhURG5LVUdNWFA0M2hLcGFIbDNUVXI0MzZOdnlMQ1NlSExZNFhOYngyUTVhaGw5RVYweUFpcHoySk9Sb2oxb0JZVExGaHFhS0Q5cWVEOD18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9494f3ddb3cc020eb9ee748f06389ada510e2473ec6b92addc3ae61f7f1b853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1269146
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PpKqpXxJclYrQjFxUzJNRGxzMHVTOUs1NVpZbG1PRXR3czlaUi9NZXdUMFNubW4zeGFudE9wQ3EvbzZMY3JJd3VtTWV6SHRxZzZ5YTVScmxpbW16SjNaU25jT2w4dDBET3gwRVVRRjNKU3NzZWdoQVFKUitSN2xlL2tjWWlkZ3VsZUI0U29ibGw1VDRrUmdhMjQzUktUbDI3MzJaQ0RMaFNCSWM0R1l2S2xxaFVJb3BjZ05uZkQ1SU1BNHpHNGpENENVUERQTWk2R1p6RFhDYjVIWjNmdG51NDk3dExxOUVFRUhURG5LVUdNWFA0M2hLcGFIbDNUVXI0MzZOdnlMQ1NlSExZNFhOYngyUTVhaGw5RVYweUFpcHoySk9Sb2oxb0JZVExGaHFhS0Q5cWVEOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
504948
content-length
0
expires
0
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 11 Jun 2024 23:44:18 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 11 Jun 2024 23:44:18 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8PiCIQAFjBAUsYGAEdaMcTAoEZBemiLwAnAHYADAA8ATAFYjcxcvEEIKAeJB9g8AIwA2ABzGALBaBBl4AzD44qIgw8AByAILs0pzkVAlYILSIjhhQBFC0fABGcJ4Z6toQqfBmXlhEGLRg0fAyRPUwAOYCQqm6WIiuoCidUJSefl4hHhmdgsIAVu18GIzw1tQwRSTo4xb7oVgAbig7495+RoGBZv5X-rVJJ9HnBgahZqFeHvs+Dz4WAwAnAgOYnGDUc4dJSCF5UMwzRCcFDzRzOCBDTy+AJBCw+H7WJEooQgYAoI5wEi5eAYzqHRjPGKyBoAMyq4zMACUALIeToAESKKAAGgAZToKABiABUAKJGABSGCIfGlRAAEl4AOIAaX8WAk4HUHJ5tVF6rAAC8AIoYRDckzxWjCgDyLIU3LAfCgCpdKCAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8PiCIQAFjBAUsYGAEdaMcTAoEZBemiLwAbpUxzFy8QQgoB4kH2DwAjADYAHAHYADABYArD9eOAZmccVEQYeAA5AEF2aU5yKmisEFpECwwoAihaPgAjOAdk9W0IBPhvYKIMWjAw+BkiLCIYAHMBIQTdLEQbUBQWqEoHN0d-e2SWwWEAK0a+DEZ4dyxqGFySdCHvbYCsAw2hpzcvX28AJk8vTzPHWIMww9dXALOAx3tt52vnb1cfnBAkwMMGohyaJkEDyoZzO3U4KCmFisEF6DhcHh8PmcH12iHhUxAwBQejgJAy8BRLV2jHu4VkVQAZqUhmcAEoAWXsLQAIrkUAANAAyLQUADEACoAUXcACkMEQ+OKiAAJRwAcQA0p4sBJwOoWRyboLlWAAF4ARQwiHZAA8orR+QB5BkKdlgPhQGWOlBAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8DADc4nEDyxgYAR1owi6CgRCr6aIvFGVMM+YuUEIKAcpB9g8AIwA2ABwB2AAwAWAKyendgMwOcVEQYeAA5AEF2GBBOcioIrBBaRFMMKAIoWj4AIzhbRI0oNDj4DxcsIgxaMGD4dSIKmABzASE47SxES1AUJqKqACYXGxcHXw9EpsFhACsGvgxGeHLqGGySdEpSjw9fLF0Nrftndy8PAbd3NwG7KN1go6cnXwHfOxsdh2uHDycfnBAU10MGoR0aCkED0Ge0QnBQ01M5gg3Vsjlcnk8Dg+bk6cOmIGAKHEYBIaXgyKae0Y9xCFAqGAAZhASgMAEoAWRsTQAItkUAANAAyTTkADEACoAURcACkMEQ+OKiAAJOwAcQA0jiABbgVRbNnsm6C5VgABeAEUMIh2QAPcK0fkAeQZcnZYD4UBlTpQQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8DADc4nEDyxgYAR1owi6CgRCr6aIvADsAJgAMADwAsADgMz5i5QQgoBykH2DwAjADYzOgyYCs-joeAMxmOKiIMPAAcgCC7DAgnORUcVggtIj2GFAEULR8AEZw7ukaUGgp8CY6WEQYtGCR8OpEdTAA5gJCKdpYiM6gKB0VVIZuBmbBfukdgsIAVm18GIzwltQwhSTolPB+B8FYoig7e57evgF+eia+JnoeCSeR5zo6wXrBHm4HZg9mPw6QE4EBzE4wajndoKQSvMYmfqcFDzeyOCCDdxeHz+fxmX5PRDI+YgYAocRgEg5eAYjpHRgvKIUOoYABmECqegASgBZNwdAAihRQAA0ADIdOQAMQAKgBRAwAKQwRD4MqIAAkPABxADSiIAFuBVHtuTzHmKNWAAF4ARQwiB5RlitBFAHlWXIeWA+FBFW6UEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8VgDMYMCljAwAjrRhF0FAiBX00ReAE4ADLoAeAViO7pchUoIQUApSD7B4ARgBsADgDsugCxG-nq4AzO44qIgw8AByAILsMCCc5FSxWCC0iDYYUARQtHwARnAuaepQaMnwPgBMWEQYtGAR8GpEdTAA5gJCyVpYiA6gKB3lVM5eroFBaR2CwgBWbXwYjPBm1DAFJOiU8CZG0wBuKNu7bl6+-kbVPr41rvHHEWeenkHVQa7OJu417kaef44ECzY4wahndryQTPKjVIz9TgoOY2OwQQYuDzePx+dzfTyI5FCEDAFCHOAkbLwdEdaaMJ6RKT1UQQSrVABKAFlnB0ACIFFAADQAMh1ZAAxAAqAFFdAApDBEPiSogACVcAHEANI+LAAC3AKl2HM51VcwtVYAAXgBFDCITkGGK0QUAeVEsk5YD4UDlrpQQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8DADc4nEDyxgYAR1owi6CgRCr6aIvACcABj0APAGwGZ8xcoIQUA5SD7B4ARmMAOAOx6ALAFY-HsYAzG44qIgw8AByAILsMCCc5FSxWCC0iDYYUARQtHwARnAuaRpQaMnwwVhEGLRgEfDqRDUwAOYCQsnaWIgOoCht5VQATHrOem5BvmltgsIAVi18GIzweljUMAUk6JTwvodBWKIou-uunj7+viPePt4jxvGnERceHkEjQcbOh26PNy+DxAnAgOanGDUC6tBSCN6jZ6ITgoeY2OwQfoudxePx+Nx-HS9FHzEDAFDiMAkbLwTFtY6MV6RCg1DAAMwglRGACUALLONoAEQKKAAGgAZNpyABiABUAKJ6ABSGCIfFlRAAEsYAOIAaW8WAAFuBVPsebynuLNWAAF4ARQwiF5hhitFFAHk2XJeWA+FAlR6UEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8VgDMYMCljAwAjrRhF0FAiBX00ReADdKmaXIVKCEFAKUg+weAEYAbAA4A7AAYALAFZPTuwGYHOKiIMPAAcgCC7DAgnORUEVggtIimGFAEULR8AEZwtonqUGhx8B42WEQYtGDB8GpEFTAA5gJCcVpYiJagKE1FVDbOdj6+iU2CwgBWDXwYjPAuWNQw2STolKUeHqO6axv2zu5eHgBMbu5uJ3ZRusH7Tk6+J752NlsOlw4eTl84IOO6GDUfaNeSCO5UE5OTqcFATUzmCDdWyOVyeTwOeyLRCwiYgYAobRwEhpeBIpqjRi3EJSSqiCAlE4AJQAsjYmgARbIoAAaABkmrIAGIAFQAoi4AFIYIh8EVEAASdgA4gBpNxYAAW4BUG2ZLKufIVYAAXgBFDCIFkAD3CtB5AHlRLIWWA+FBJQ6UEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Jun 2023 23:44:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simpleflying.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8VgDMYMCljAwAjrRhF0FAiBX00ReAE4ADLoAeANn3S5CpQQgoBSkH2DwAjEYAcAdl0AWAKy-3RgDMrjioiDDwAHIAguwwIJzkVDFYILSI1hhQBFC0fABGcM6p6lBoSfBGXlhEGLRg4fBqRDUwAOYCQklaWIj2oChtZVROHkYBgaltgsIAVi18GIzwuljUMPkk6JTwPnuTAG4oWzsuHt5+PgBMXt5eV0ZxR+Gn7u6BV4FGTnuu964+dwAnAgaZHGDUU6teSCF5UK4hRCcFAzay2CD9ZxuTy+XyuFzaXrImYgYAoA5wEhZeAYtqTRjPCJSWqiCAVK4AJQAsk42gARfIoAAaABk2rIAGIAFQAoroAFIYIh8KVEAASRgA4gBpaoAC3AKh2nK5DxFarAAC8AIoYRBcgzRWhCgDyolkXLAfCg8pdKCAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:18 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_selected
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmsUwMhAAWGYCXOXp3nIIpE5S1KwADMyiAGwAkgAaMREAnH7qWFBgQiL6rHiiAHQRJSXprKCQsIjI6Lq54niqUj4IIHBQEMG+DVIMygwAIjSDBGQwIFjZOD5kBGDAKBpQAOYdJPgAHAwxO4TAKxgOOCBk2AQoMMY4EQQA7hhoZJ0YpDjUH6IEAG5Qz9AbPAxbYRAAs1HBzFBYNBzBiBGMv2ybzwDAYomiMTwH02sM21AY+IIGkOvwwdxRYwwAEcQEdkRtmCl5nIoEcINB2O5Fvx8MCGGCIdQUuFmCy2Q5gPwoN9sM94DgIAcvoishgcCQxjAAGZdN7MABKAFk8CtBsQEgAZFbUgBiABUAKIRABSMDIKHtZAAEjEAOIAaVBBA8mhI3RwhqNcMt3qwAC8AIowMBGkziEAJADy2upRqwKDgLqzUCAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:19 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
e0dd2acd3574679864cd76965aa5dce2.png
assets.bounceexchange.com/assets/uploads/clients/1682/ads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/1682/ads/e0dd2acd3574679864cd76965aa5dce2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 13:57:06 GMT
age
35233
x-guploader-uploadid
ADPycdusn1G8gj-XrUc8ZANLtEgCX1YuE3fE1UuenL6wkKiduig9Y_IPT_mhVZexmlmv2FFixDcGJI82facEJ7C8DbFjoxsIlyqq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3706
last-modified
Sat, 03 Aug 2019 00:30:55 GMT
server
UploadServer
etag
"e0dd2acd3574679864cd76965aa5dce2"
x-goog-generation
1564792255352236
x-goog-hash
crc32c=L9PGkw==, md5=4N0qzTV0Z5hkzXaWWqXc4g==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
3706
accept-ranges
bytes
content-type
image/png
bid_selected
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmtDAMwwdzl6RmByEpE5S1Hh4zKIALACSABqiAAzxXupYUGBCIvqseKIAdIkFyaygkLCIyOi6meJ4qlLAJAggcFAQASRBrABsEcoMACI0-QRkMCBY6TgNZARgwCgaUADmLST4ABwMXVuiBMBLGA44IGTYBCgwxjjxBADuGGhkrRikONTvuwBuUE-Qa3hdTbxCLUEHMCLAiLMLoEYzfdKvPAMBiicJdPDvdZQ9bUBg4ggaA7fDC3REjDAARxAhwRawSszkUEOEGg7DIEHm-HwgIYwNB1AAnNRmAKGUyHMB+FBPtgnvAcBylrs4WkMDgSCMYK42q9mAAlACyeCW-WIMQAMksKQAxAAqAFF4gApGBkFC2sgACS6AHEANIRAgAC00jV1huh5s9WAAXgBFGBgA0mcQgGIAeVcFINWBQcCd6agQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:19 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_selected
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmsYAN2wKlIi1OPA5CKROUtR4eMyiACwAkgAaogAMCeaWzPxYUGBCIvqseKIAdEnFKVKgkLCIyOi6OeJ4qmUkCCBwUBCBJMGsAGyiygwAIjSDBGQwIFhZOMDkBGDAKBpQAOZtJDjMCXgJAByi1ATAKxgOOCBk2AQoMMY4CQQA7hhoZO0YpDjU36IErlBvaAbPA9XYMBKRaiQ5iRCGRZg9AjGf5ZT54BgMUQRHp4b67eG7agMQkEDQnf4YR5osYYACOIFOqI2okIYDkUFOEGg7DIEEW-HwoPBkMhAE5qCz5uzOcB+FB3Fg3vAcHyVr9kZkMDgSGMYAAzDqfZgAJQAsngVoNiLEADIrWkAMQAKgBRBIAKRgZBQTrIAAkegBxADSkQIAAtNM0jWaETa-VgAF4ARRgYFNJnEIFiAHk9bTTVgUHB3TmoEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:19 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
f3e4aafd19cff480007de81efe7fd790.png
assets.bounceexchange.com/assets/uploads/clients/2045/creatives/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/2045/creatives/f3e4aafd19cff480007de81efe7fd790.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bcff976e7ce876d75d1abf21536efede75952bbbd184120aceacca6847ce680f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 12:34:04 GMT
age
40215
x-guploader-uploadid
ADPycdtxtxdsksuaIEdWvEM0LtaQKEkQ7oXELrXEmHQe1C7-MgnY3n5mWrkae89Ra8n6Q-2Q1XMrzeHsBJ7FKnYFcH6aIXUh8-_B
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4452
last-modified
Sat, 03 Aug 2019 00:33:08 GMT
server
UploadServer
etag
"f3e4aafd19cff480007de81efe7fd790"
x-goog-generation
1564792388924970
x-goog-hash
crc32c=rq2lKg==, md5=8+Sq/RnP9IAAfege/n/XkA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
4452
accept-ranges
bytes
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=TRIPLELIFT1&ol=600688035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BQToISVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-ltsW7OXurwpsfw%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57M19aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fsimpleflying.com%2Ftwo-united-airlines-employees-charging-stealing-marijuana-passenger-luggage%2F&id=1&ii=4&f=0&j=&t=1687045448920&de=493892093721&cu=1687045448920&m=15319&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6114&le=1&lf=785&lg=1&lh=369&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A884%3A884%3A3381%3A845&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15101&cd=5428&ah=15101&am=5428&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=11453%3A216274%3Aundefined%3A10&bo=5989&bd=simpleflying.com&gw=triplelift879988051105&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=711&zMoatTactic=undefined&zMoatPixelParams=aid%3A18788414406413937260552%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jm=1&tc=0&fs=203695&na=618459631&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.156.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-156-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2023 23:44:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 17 Jun 2023 23:44:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c3.a-mo.net
URL
https://c3.a-mo.net/b?gdpr=0&gdpr_consent=undefined&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D

Verdicts & Comments Add Verdict or Comment

557 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 boolean| credentialless object| onbeforetoggle object| onscrollend boolean| isInternalTraffic string| VALNET_GLOBAL_FBAPPID string| VALNET_GLOBAL_GOOGLEANALYTICSPROPERTYID string| VALNET_GLOBAL_POSTID string| VALNET_GLOBAL_AUTHOR string| VALNET_GLOBAL_CHANNEL string| VALNET_GLOBAL_VIEW string| VALNET_GLOBAL_EXACTVIEW string| VALNET_GLOBAL_ISPREMIUM string| VALNET_GLOBAL_ENVIRONMENT string| VALNET_GLOBAL_POSTTYPE string| VALNET_GLOBAL_JREDITOR string| VALNET_GLOBAL_SREDITOR string| VALNET_GLOBAL_NUMBERPERPAGE string| VALNET_GLOBAL_ISENGAGEMENTTEST string| VALNET_GLOBAL_DETECTEDDEVICE string| VALNET_GLOBAL_IPADDRESS string| VALNET_GLOBAL_BROWSERUSERAGENT string| VALNET_GLOBAL_LENGTH string| VALNET_GLOBAL_DATEPUBLISHED string| VALNET_GLOBAL_EDITOR string| VALNET_GLOBAL_POSTPAYMENTCATEGORY string| VALNET_GLOBAL_CATEGORY string| VALNET_GLOBAL_TAGS string| VALNET_GLOBAL_ISFACEBOOKBROWSER string| VALNET_GLOBAL_ADS string| VALNET_GLOBAL_AMPTRAFFIC string| VALNET_GLOBAL_TEMPLATE string| VALNET_GLOBAL_TLDRPERMALINK string| VALNET_GLOBAL_TLDRPAGE string| VALNET_GLOBAL_TLDRTOTALNUMPAGE string| VALNET_GLOBAL_TLDRVIEWTYPE boolean| VALNET_GLOBAL_ISADBLOCK string| VALNET_GLOBAL_NETWORKCATEGORY string| VALNET_GLOBAL_CONTENTTYPE string| VALNET_GLOBAL_INTENT string| VALNET_GLOBAL_DATEREPUBLISHED string| VALNET_GLOBAL_LOGGEDINUSER string| VALNET_GLOBAL_CLASSIFICATION string| VALNET_GLOBAL_SUBSCRIPTIONPLAN string| VALNET_GLOBAL_LANG string| VALNET_GLOBAL_SOCIALTAGLINE function| getCookiesStartingWith function| isCookiePresent function| gtag object| dataLayer string| brandName function| sendGa360Event function| sendGa4Event object| arrayOfEmbeds object| arrayOfEmbedScripts object| arrayOfGalleries object| arrayOfExpandedGalleries object| youtubeEmbedCodes string| GoogleAnalyticsObject function| ga function| sendToGoogleAnalytics function| Waypoint object| lazySizesConfig object| lazySizes function| admiral object| googletag function| __tcfapi function| __uspapi object| ID5EspConfig object| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet object| apstag object| adsNinjaAmazonInitData object| adUnitBidderConfigs object| adsNinja string| valnet_site_viewType string| valnet_site_view string| valnet_site_campaign string| valnet_site_device boolean| valnet_hideAds string| openwebId string| openwebUrl string| openwebTagList string| openwebArticleId boolean| isPreview string| articlePermalink string| articleFetchAjaxUrl string| articleFetchCurrentPermalink string| articleFetchNextPermalink string| articleFetchExludeIds object| articleFetchWaypointElement number| articleFetchMaximum boolean| newsletterMailingListExpand boolean| newsletterMailingListEmpty string| recaptchaSiteKey string| newsletterPopupContent boolean| newsletterPopupVisibility function| injectNewletterPopup function| showNewsletterPopup function| onSubmitGetCaptchaToken function| addAuSeg function| closeSidemenu function| valnet_sentinel function| LatestBrowseClip function| LazyList function| Glider function| customCarousel string| pixelName function| valnetLoadFooter object| shareModule function| loadGallery function| valnetLoadFooterArticle function| handleDirectoryOpenButtons function| editCurrentDirectoryArticle function| ArticleFetchClip function| r function| Jt object| n function| t function| Splide function| 4dm1r11545242527 object| webVitals object| launchPad object| launchPadConfiguration object| node function| __launchpad object| google_tag_data object| gaplugins object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| AdsNinjaVideoPlayerEventHelper function| ValstreamLogger function| ValstreamOptions function| ValstreamVideoPlayerOptions function| ValstreamVideoPlayer function| Valstream object| vttjs function| WebVTT function| videojs object| videojsIma function| videojsContribAds function| videojsPlaylist function| AdsNinjaEventRecorder function| AdsNinjaAdsPixelRefresher function| AdsNinjaAuction function| AdsNinjaRailAdZone function| AdsNinjaRefreshingAdZone function| AdsNinjaAdUnit function| AdsNinjaLogger function| AdsNinjaEventHelper function| AdsNinjaUserActivityMonitor object| adsNinjaHeaderBiddingManager function| adsNinjaDynamicallyInjectAllAdZones object| ks8r6X2 function| ks8r6X3 object| xop object| -1ches11og740 object| z64sdvt4xkw function| onYouTubeIframeAPIReady object| gaGlobal object| $vvv function| $vvvInit object| gaData object| auvars function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_874531 object| _aps boolean| apstagLOADED object| UZMlcg2 function| UZMlcg3 function| xblocker object| vWULFv function| vWULFk object| xblacklist object| hadron boolean| __halo_loaded__ function| docReady object| au object| autag object| closure_lm_368899 function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| sas object| apntag object| _ADAGIO object| au_seg object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| __uid2SecureSignalProvider object| __uid2 function| subscriptionServiceGAReporting string| waypointContextKey function| loadOpenweb function| clickableYTElement object| imgAdded function| makeSingleImageClickableOnLazyLoadedList function| makeGalleryImageClickableOnLazyLoadedList function| onClickToggleExpandanleBlocks function| onClickToggleExtraQuickLinks function| reloadArticleCopyElements object| apscustom string| z string| w string| x object| nmmRefreshCounts object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| cnvr_launcher_options object| ID5 function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| GoogleGcLKhOms object| conversant object| freewheelssp_cache object| PublisherCommonId object| publink_options object| coreid object| google_image_requests object| regeneratorRuntime object| ox_esp boolean| DFPMessageEnabled object| ONFOCUS number| _tlTagsPending object| googDdmPs object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_56806504 function| __IntegralASAdPush object| bouncex object| webpackChunksmart_tag object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie undefined| $ function| jQuery function| close_bouncex_ad object| criteo_pubtag_137 object| Criteo_137

326 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2023-06-18 23:44:03"
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 2
.3lift.com/sync Name: sync
Value: CgoIgAIQ4tf63YwxCgoIgQIQzsb63YwxCgoIhwIQv7_63YwxCgkICRC_v_rdjDEKCQhJEM7G-t2MMQoJCAsQv7_63YwxCgoIiwIQ4tf63YwxCgoIjAIQv7_63YwxCgoIzgEQzsb63YwxCgoIjgEQ4tf63YwxCgoIkQIQzsb63YwxCgoIkgIQzsb63YwxCgoIlAIQzsb63YwxCgoI1gEQ4tf63YwxCgkIGxDOxvrdjDEKCgidAhDi1_rdjDEKCgjeARDOxvrdjDEKCQhfEL-_-t2MMQoJCB8Qv7_63YwxCgoIoQEQv7_63YwxCgoI4gEQv7_63YwxCgoI4wEQ4tf63YwxCgoI5gEQv7_63YwxCgoI5wEQ4tf63YwxCgoIrAIQzsb63YwxCgoIrQIQzsb63YwxCgoIsAIQ4tf63YwxCgkIORDi1_rdjDEKCQg6EL-_-t2MMQoKCP8BEOLX-t2MMQ==
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxCzFQ
i6.liadm.com/s Name: _li_ss
Value: CgA
simpleflying.com/ Name: newsletterPopupCount
Value: 0
simpleflying.com/ Name: viewType
Value: direct
.simpleflying.com/ Name: usprivacy
Value: 1---
.casalemedia.com/ Name: CMID
Value: ZI5FQbEkXkeCVJbyhldx0QAA
.casalemedia.com/ Name: CMPS
Value: 033
.casalemedia.com/ Name: CMPRO
Value: 033
.simpleflying.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.simpleflying.com/ Name: _gid
Value: GA1.2.540269172.1687045442
.simpleflying.com/ Name: _gat
Value: 1
.simpleflying.com/ Name: _au_1d
Value: AU1D-0100-001687045442-9N2D0XJT-EIUO
.simpleflying.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2ODcwNDU0NDIsInR0ZCI6MTY4NzA0NTQ0MiwicHViIjoxNjg3MDQ1NDQyLCJydWIiOjE2ODcwNDU0NDIsInRhcGFkIjoxNjg3MDQ1NDQyLCJhZHgiOjE2ODcwNDU0NDIsImdvbyI6MTY4NzA0NTQ0Miwic29uIjoxNjg3MDQ1NDQyLCJvcGVueCI6MTY4NzA0NTQ0Miwic21hcnQiOjE2ODcwNDU0NDJ9
.tapad.com/ Name: TapAd_TS
Value: 1687045442082
.tapad.com/ Name: TapAd_DID
Value: fe9cb3d0-e4b5-4631-9e63-ec4871293ac8
.adsrvr.org/ Name: TDID
Value: 7ecff58d-29b4-4fea-b0e3-d6c5213016b0
.ad.gt/ Name: au_id
Value: AU1D-0100-001687045442-9N2D0XJT-EIUO
.ad.gt/ Name: g_hosted
Value:
.openx.net/ Name: i
Value: 4a6f2d56-24d1-4043-ac6c-a6064e5889eb|1687045442
.rubiconproject.com/ Name: khaos
Value: LJ0NAQAS-1X-L7LS
.adnxs.com/ Name: uuid2
Value: 6163557896886539984
.go.sonobi.com/ Name: __uis
Value: 548f579a-2e91-4164-a201-9f750b993513
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C9FE2347-10FF-4ABA-8761-C084B8379398
.doubleclick.net/ Name: IDE
Value: AHWqTUmz7TQMPARcWhTpWWfgl-b5CmvzEXm-JDc0xPAt1PNDreW4jQYOXVZuXwLbCEU
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.simpleflying.com/ Name: __gads
Value: ID=811df2a95c6a8ed3-22b1e36c9de10099:T=1687045442:RT=1687045442:S=ALNI_MaCgj9OQU_SMwYIOcSKvTNvR1xsaA
.simpleflying.com/ Name: __gpi
Value: UID=00000c50ec96e9f7:T=1687045442:RT=1687045442:S=ALNI_MYmwckUxR4jaWBeqy490PQukEJ3vg
.smartadserver.com/ Name: pid
Value: 536222003037073419
simpleflying.com/ Name: _lr_geo_location_state
Value: FL
simpleflying.com/ Name: _lr_geo_location
Value: US
.simpleflying.com/ Name: _awl
Value: 2.1687045443.5-4b1df7b4739579a270d67de3e75a50ef-6763652d75732d6561737431-0
.richaudience.com/ Name: pdid
Value: 8d412b32-806f-4149-b836-0zz1687045443
.cootlogix.com/ Name: vdzh5_11f967df
Value: p9C13kM74hrdMLgEFZEG9CRw0ALSluXWcnP154VVIOE0l8fVcna25aeAQZXRZce2FfIXFjCn4HBV4TUXpuGg%3D%3D
.kargo.com/ Name: ktcid
Value: 48105093-d864-0be0-1fe4-a61e37cd65a0
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 530cd4caab635a0890ec8ed9ab2b6c93
.simpleflying.com/ Name: _cc_id
Value: 530cd4caab635a0890ec8ed9ab2b6c93
.simpleflying.com/ Name: panoramaId_expiry
Value: 1687131843330
.criteo.com/ Name: uid
Value: b2669be2-8f34-4b4c-91cc-64d84e02b962
simpleflying.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.simpleflying.com/ Name: _pubcid
Value: d62c0496-47d4-45b0-8890-2d8087a5f7f1
.simpleflying.com/ Name: _ga_FVWZ0RM4DH
Value: GS1.1.1687045443.1.0.1687045443.60.0.0
.simpleflying.com/ Name: _ga
Value: GA1.1.282878327.1687045442
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZI5FQwAAARkr3QAz
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFs98NOo7D4BhBR9Izs_Hj0&KRTB&16514-CAESEFs98NOo7D4BhBR9Izs_Hj0&KRTB&23025-CAESEFs98NOo7D4BhBR9Izs_Hj0&KRTB&23386-CAESEFs98NOo7D4BhBR9Izs_Hj0
.3lift.com/ Name: tluid
Value: 4090118527531875369328
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFuYGJqYmJsaWoKAFw6g9IQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMxMDUytzS2NDUzFeIz1C01cHF3NzE2j8ysLAMAh4UbOCQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMxMDUytzS2NDUzFeIz1C01cHF3NzE2j8ysLAMAh4UbOCQAAAA
.teads.tv/ Name: tt_viewer
Value: 514a77cb-5d4b-41e4-8ce0-56eb9c48c0c1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_d79685b0-0d68-11ee-bd01-12a7adfcdbeb
.deepintent.com/ Name: CDIUSER
Value: di_0bee5e191f1d45d0b18ae
.acuityplatform.com/ Name: auid
Value: 791836713822
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRDJ3aQyUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUQyd2kMlI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.yahoo.com/ Name: A3
Value: d=AQABBENFjmQCEH7EDX4CeyNhh0hPyMHGCx8FEgEBAQGWj2SYZNxH0iMA_eMAAA&S=AQAAAgNr2shymSv-9Ttd267xF_Q
.mathtag.com/ Name: uuid
Value: d895648e-4544-4600-8aa4-c61d989f4bad
.simpli.fi/ Name: suid
Value: A1A1E2756F36417A842BBECC019687AF
.bidswitch.net/ Name: tuuid
Value: cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
.bidswitch.net/ Name: c
Value: 1687045443
.360yield.com/ Name: tuuid
Value: 56a2a300-4ae3-4782-a3a3-1cd6a81e445a
.360yield.com/ Name: tuuid_lu
Value: 1687045444
.ads.stickyadstv.com/ Name: UID
Value: e754f87de870aa843bf3c6337bf7a4b
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970314640527939565
.ipredictive.com/ Name: cu
Value: 845f7f5a-0f14-42e4-bdd5-c3403979bb49|1687045444031
.w55c.net/ Name: wfivefivec
Value: su5GORrt1QaFAo5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d.vfmTdBhjoibbIaoGEGkKpq8PD1sqL%2BBhPsAWpYQwFBo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
.thrtle.com/ Name: mc
Value: eyJpZCI6IjU1NWZlZTRkLTI2MDAtNGZkOS1iNjRhLWJjYjFhZmMyZmJiZSIsImwiOjE2ODcwNDU0NDQwNDMsInQiOjF9
.quantserve.com/ Name: mc
Value: 648e4544-07275-c2e7f-abe51
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6163557896886539984&KRTB&23339-6163557896886539984
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-C9FE2347-10FF-4ABA-8761-C084B8379398&KRTB&23413-C9FE2347-10FF-4ABA-8761-C084B8379398&KRTB&23479-C9FE2347-10FF-4ABA-8761-C084B8379398
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7ecff58d-29b4-4fea-b0e3-d6c5213016b0&KRTB&22918-7ecff58d-29b4-4fea-b0e3-d6c5213016b0&KRTB&23031-7ecff58d-29b4-4fea-b0e3-d6c5213016b0
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-791836713822&KRTB&23428-791836713822
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A1A1E2756F36417A842BBECC019687AF&KRTB&23489-uid:A1A1E2756F36417A842BBECC019687AF
.adgrx.com/ Name: ADGRX_UID
Value: d7a31028-0d68-11ee-bd75-c9ad2a380901
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: jgFQ1i7taklKhSNj6gDbrWb_HrBQvV12nadpA6d4peuJyH8N9hpuUsmaWvdNwz3gSI7KtvwJbuxoIbMdJZZibxLdlV6JbvFw-PJHL0EWglxyrpDalL1a_rdRipBZ-W2aBGgQ9fxGg0WarX5rJXoHpg
.gumgum.com/ Name: vst
Value: u_c0b405d2-1cef-4503-adc7-a92862b037f5
.bidswitch.net/ Name: tuuid_lu
Value: 1687045444
.tribalfusion.com/ Name: ANON_ID
Value: aensIHu4YUdmqcn63goRwL9WjGUhfj73Zc67lJVT5wBXZdAoFdZcXXjbpodgZbJZaZb8bgFylSCAnEiFMDZbwCsvOlFZbSKK
.w55c.net/ Name: matchpubmatic
Value: 5
.turn.com/ Name: uid
Value: 3666460092970085583
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-845f7f5a-0f14-42e4-bdd5-c3403979bb49&KRTB&23011-845f7f5a-0f14-42e4-bdd5-c3403979bb49&KRTB&23355-845f7f5a-0f14-42e4-bdd5-c3403979bb49
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-qvw6C54pW5dT0Uyo7jdufSaEdkc&KRTB&23334-qvw6C54pW5dT0Uyo7jdufSaEdkc&KRTB&23417-qvw6C54pW5dT0Uyo7jdufSaEdkc&KRTB&23426-qvw6C54pW5dT0Uyo7jdufSaEdkc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX&KRTB&19420-HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX&KRTB&22979-HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX&KRTB&23462-HzvkEh066EMEP-tFHjrxFBtq6xEEbr4SHD435VVX
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-18aa8407-4597-4a2f-8064-3c7ea3b00527&KRTB&23340-18aa8407-4597-4a2f-8064-3c7ea3b00527&KRTB&23498-18aa8407-4597-4a2f-8064-3c7ea3b00527
.amazon-adsystem.com/ Name: ad-id
Value: A6Aoh3kq7kXQgvW1aHHn2yU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:su5GORrt1QaFAo5&KRTB&23421-uid:su5GORrt1QaFAo5
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3666460092970085583&KRTB&23150-3666460092970085583
.sitescout.com/ Name: ssi
Value: 8aceefd2-c637-4307-af94-2fafa8a91421#1687045444170
beacon.lynx.cognitivlabs.com/ Name: UID
Value: b4742099-96eb-4a45-a735-46d9e0827f9c
beacon.lynx.cognitivlabs.com/ Name: ss
Value: K5oIyzovCgorvW3RcFLjn%2BP5g1z0Ad3Kic8kZJJhlNXeoqf6RpXF8lHFiwgwwNcqwZ%2BnWaeRERfcUY3Yc7tDNQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAL7wDx_Q0JDgNYTDnRAAAAAAA&KRTB&22713-AAAL7wDx_Q0JDgNYTDnRAAAAAAA&KRTB&22715-AAAL7wDx_Q0JDgNYTDnRAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d7a31028-0d68-11ee-bd75-c9ad2a380901&KRTB&23275-d7a31028-0d68-11ee-bd75-c9ad2a380901
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553&KRTB&23418-8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553
.mbid.marfeelrev.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNjE2MzU1Nzg5Njg4NjUzOTk4NCIsImV4cGlyZXMiOiIyMDIzLTA3LTAxVDIzOjQ0OjA0LjMwM1oifSwicnViaWNvbiI6eyJ1aWQiOiJMSjBOQVFBUy0xWC1MN0xTIiwiZXhwaXJlcyI6IjIwMjMtMDctMDFUMjM6NDQ6MDMuNDQxWiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI1NmEyYTMwMC00YWUzLTQ3ODItYTNhMy0xY2Q2YTgxZTQ0NWEiLCJleHBpcmVzIjoiMjAyMy0wNy0wMVQyMzo0NDowNC4xMzNaIn0sIm9wZW54Ijp7InVpZCI6ImEwMWQ5ZGMwLTM0YzktNGM1ZC05ZDM2LWFlZmJhYjI0Nzg5YiIsImV4cGlyZXMiOiIyMDIzLTA3LTAxVDIzOjQ0OjAzLjA3OVoifX0sImJkYXkiOiIyMDIzLTA2LTE3VDIzOjQ0OjAzLjA3OVoifQ==
.creative-serving.com/ Name: tuuid
Value: 552a321d-0826-4b59-96ba-f8d1f84f917e
.creative-serving.com/ Name: c
Value: 1687045444
.creative-serving.com/ Name: tuuid_lu
Value: 1687045444
.openx.net/ Name: univ_id
Value: 537072971|7ecff58d-29b4-4fea-b0e3-d6c5213016b0|1687045444454857
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 62322737143441971
.go.sonobi.com/ Name: __uir_mm
Value: 62322737143441971
.go.sonobi.com/ Name: __uir_td
Value: 62322737143441971
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 62322737143441971
.mxptint.net/ Name: mxpim
Value: R35CAB_1046EFA05_3DE762AC.1.0000000000000000648E4544
.yieldmo.com/ Name: yieldmo_id
Value: g9b37a07cd086a85825b%7C1687045444474%7C0%7C
.yellowblue.io/ Name: wrvUserID
Value: jQi4urwaCp_s
.postrelease.com/ Name: visitor
Value: 1fe31d52-92ce-45f3-842e-4da051a04de8
.postrelease.com/ Name: status
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_1046EFA05_3DE762AC&KRTB&23092-R35CAB_1046EFA05_3DE762AC
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%22a1835b21-9cf1-4bc9-a647-0b951e53e145%22%7D
.contextweb.com/ Name: V
Value: FPMXHM4WgKFW
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 07ef3ddc32be88fa
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
.media.net/ Name: visitor-id
Value: 3300470441523937000V10
.go.sonobi.com/ Name: __uin_td
Value: 7ecff58d-29b4-4fea-b0e3-d6c5213016b0
.minutemedia-prebid.com/ Name: wrvUserID
Value: ACifur6tkp_mm
.adform.net/ Name: uid
Value: 2198261905534825226
.eqads.com/ Name: EQUser
Value: UID=d0c7d144-042d-4580-b6ae-a7c7593f5cfa
.go.sonobi.com/ Name: __uin_mm
Value: d895648e-4544-4600-8aa4-c61d989f4bad
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2198261905534825226&KRTB&23263-2198261905534825226&KRTB&23481-2198261905534825226
.ads.yieldmo.com/ Name: ptran
Value: 6163557896886539984
.ads.yieldmo.com/ Name: ptrt
Value: 7ecff58d-29b4-4fea-b0e3-d6c5213016b0
.ads.yieldmo.com/ Name: ptrc
Value: CAESEMzI6ZN9v-ALfRH5gZSJMYk
.csync.loopme.me/ Name: viewer_token
Value: 4026709a-472c-403a-98f7-b1f09c50ebe6
.go.sonobi.com/ Name: __uin_bw
Value: cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
.ads.yieldmo.com/ Name: ptrrc
Value: LJ0NAQAS-1X-L7LS
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNLOwMDI1NTAx0VEyQuVamKJJQ5SbG1hYmIH4libI8rUAjEAQOg%3D%3D
.lijit.com/ Name: ljt_reader
Value: G1VwhPZH-q26XH-aR1uPMNQ8
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_c6bbe540-764d-42d6-a52d-da3213efb17c
.mfadsrvr.com/ Name: tuuid
Value: bdc7de11-25d2-4be2-916c-1ec105949f96
.mfadsrvr.com/ Name: c
Value: 1687045444
.mfadsrvr.com/ Name: tuuid_lu
Value: 1687045444
match.sharethrough.com/ Name: AWSALBCORS
Value: r/HUCKj0NgLl4680yr0l7CoyO6LRxYO/2BGNO/z17rSBgBDLnp1Gir9P1I7KDZC1+e28YIRwJHWZkEV+R15S/8ug+VnoD+kKu3wQ5CMT3yinzGus+/NU5qCH1HMU
.sharethrough.com/ Name: stx_user_id
Value: 6b596d99-cd6f-44de-8a4e-a9fb40768f85
ads.playground.xyz/ Name: connect.sid
Value: s%3AAb_q7_tK0NUibEZHVqLU8EM63XpG7hDP.kbBF5bqSyXn3Sri6iT1RRW32UQoO3vFSJ9aOHdZIbVs
.mookie1.com/ Name: id
Value: 10594788499390376540
.mookie1.com/ Name: mdata
Value: 1|10594788499390376540|1687045444873
.mookie1.com/ Name: ov
Value: fb3acf94cafa9253c4a3bb77d195acb8
.zemanta.com/ Name: zuid
Value: SH61o9eW3usfInkR2FZ-
.admanmedia.com/ Name: admtr
Value: 3118d3d7-86f2-4522-88f1-c91fd797c74c
.lijit.com/ Name: _ljtrtb_2
Value: A1A1E2756F36417A842BBECC019687AF
.blismedia.com/ Name: b
Value: 648E4544AFB42E977F385A73BLIS
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&7abc0b76-ac69-47c1-8383-f6c9ffdb27e6"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3034:u=1:x=1:i=1687045445:t=1687131845:v=2:sig=AQFeqAbRFX5KSXgB4AV5pSdh2VC9i42y"
.lijit.com/ Name: _ljtrtb_16
Value: 8aceefd2-c637-4307-af94-2fafa8a91421-648e4544-5553
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a8f84e92-87fb-31c9-9a25-b4d50b950c3a
.lijit.com/ Name: _ljtrtb_26
Value: cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
.33across.com/ Name: 33x_ps
Value: u%3D212187997041863%3As1%3D1687045445210%3Ats%3D1687045445210
.bidr.io/ Name: bito
Value: AAE2u07JHIsAACA_VdpK4w
.krushmedia.com/ Name: krm_usr
Value: 90c228c1-69f7-4080-b443-2dda30600f56
.krushmedia.com/ Name: krm_r
Value: 470
.lijit.com/ Name: _ljtrtb_85
Value: AAE2u07JHIsAACA_VdpK4w
.bluekai.com/ Name: bku
Value: ikG99WPaMZELCaDU
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005%22%7D
.technoratimedia.com/ Name: tads_uidp_88
Value: 4667893439212644053131
.technoratimedia.com/ Name: tads_uidp_44
Value: LIN6B2YA-G-JA1
.technoratimedia.com/ Name: tads_uidp_46
Value: 2557270057802737191
.technoratimedia.com/ Name: tads_uidp_79
Value: 9d8404e4-5953-4473-903d-941d6d5ada5a
.technoratimedia.com/ Name: tads_uidp_37
Value: 701e4d38-6a0d-3193-a59d-993c69abfe30
.technoratimedia.com/ Name: tads_uidp_48
Value: 2b61f494-7cc8-44b4-82cd-94d5e70e52d8
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAIrvVJP9dURAMOLD5YAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: be295439-4e1f-4204-80f4-7f080085e81b
.technoratimedia.com/ Name: tads_uidp_80
Value: y-BA8BH1RE2uFcFeGyyG7tda_sOd5.4xDf~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZIHXHz6P0Ab3zTIBlIW4vQAA&4440
.technoratimedia.com/ Name: tads_uidp_61
Value: 212182817904688
.technoratimedia.com/ Name: tads_uidp_50
Value: 23b0ebe1-ddd0-4872-929a-f40ef33ba649
.technoratimedia.com/ Name: tads_uidp_62
Value: 3294363559851932000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: GuqHV9BFeHfSQWI4utmhgG5RqLLDREfP
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-66786d26-8c79-4469-ae1d-e8e0a5f2ee3b-005
.technoratimedia.com/ Name: tads_uid
Value: E38C30D9BA97405BB79CACF9A2C6426C
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230612102910+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adsby.bidtheatre.com/ Name: __kuid
Value: d7c453bc-e8de-4b8c-b326-7da333e29f16.456259445
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 734b1133-0f32-52a9-9676-102ff2f8556a
.betweendigital.com/ Name: ss
Value: 1
.360yield.com/ Name: um
Value: !79,NESCrUqKPUbM49MlHA1-Q9N7-FSUiQEMwaTioanljJgRz0e8bTpoJzyv7Je3tyF6kj.ee7cEiLJV77MV,1694821445
.360yield.com/ Name: umeh
Value: !79,0,1749253445,-1
.smartadserver.com/ Name: csync
Value: 127:AAE2u07JHIsAACA_VdpK4w
.betweendigital.com/ Name: ut
Value: ZI5FRQALu-h1andTSlxfg9omutshPNrOSeimAw==
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAE2u07JHIsAACA_VdpK4w
.lijit.com/ Name: _ljtrtb_92
Value: 6163557896886539984
.pippio.com/ Name: did
Value: wyDNMpp9ZSxmx-pd
.pippio.com/ Name: didts
Value: 1687045446
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMaKuaQGEgYIgr0rEAA=
.linkedin.com/ Name: li_sugr
Value: 1d7c9e26-cd9b-4ab5-9254-471d909bf229
simpleflying.com/ Name: _lr_sampling_rate
Value: 100
.lkqd.net/ Name: lkqdid
Value: E9-M5kh06wI
.lkqd.net/ Name: lkqdidts
Value: 1687045448
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1688254560000%7Cunl%3D1172399%7Cb%3D1172399%7Cc%3D1688254560000%7Ct%3D1688254560000%7Ctapad%3D1172399%7Cbsw%3D1172399%7Cpub%3D1688254560000%7Cdv360%3D1172399%7Can%3D1688254560000
.bing.com/ Name: MUID
Value: 3A595BA6B42D6DC837CB4895B58A6CF0
.c.bing.com/ Name: MR
Value: 0
.aralego.com/ Name: euconsent
Value:
.aralego.com/ Name: sspid
Value: eda34539-d860-3116-b391-ffe0a94fa09f
.lkqd.net/ Name: sr59
Value: 1|CAESEGQDWxbZdlUgBz5JXhv0rGQ|1687045448
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQwOTAxMTg1Mjc1MzE4NzUzNjkzMjgiLCJleHBpcmVzIjoiMjAyMy0wOS0xNVQyMzo0NDowOFoifX0sImJpcnRoZGF5IjoiMjAyMy0wNi0xN1QyMzo0NDowOFoifQ==
.clickagy.com/ Name: cb
Value: ZI5FSYQBMGhu1Sw-Eq5iSP9A
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-06-17 23:44:09"}]
.sportradarserving.com/ Name: zuuid
Value: cffeb3e3-6131-4e23-b554-1c59b3ed9f1a
.sportradarserving.com/ Name: c
Value: 1687045449
.sportradarserving.com/ Name: zuuid_lu
Value: 1687045449
.sync.viewdeos.com/ Name: vmuid
Value: dc3da21bd46fc731
.sync.viewdeos.com/ Name: a305801
Value: eda34539-d860-3116-b391-ffe0a94fa09f
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnp3vHGOH7BgkEJ1CDdnM45XO1JUOIQURtCI260oWwYWdW5IgpI2r2QebUVZQC4TM1
.simpleflying.com/ Name: _ga_6HWFJ4EQLT
Value: GS1.1.1687045441.1.0.1687045449.0.0.0
.richaudience.com/ Name: cmpsync
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1687045449
.ads.yieldmo.com/ Name: ptrb
Value: 9d345672-30c6-4df5-b8fd-70efdd8b93f6
.go.sonobi.com/ Name: HAPLB8S
Value: s8583|ZI5FT
.media.net/ Name: data-rk
Value: 970314640527939565~~8
.prebid.a-mo.net/ Name: __amc
Value: 3_1687045443_1687045449
.media.net/ Name: data-xu
Value: su5GORrt1QaFAo5~~8
.media.net/ Name: data-c
Value: b2669be2-8f34-4b4c-91cc-64d84e02b962~~1
.media.net/ Name: data-c-ts
Value: 1687045449
.media.net/ Name: data-o
Value: 51ef7b90-2656-4554-95f5-1080989028ca~~8
.openx.net/ Name: pd
Value: v2|1687045444.2.2.1|vPvMgakWgy.iKbwhEgKg2.mmuYeSwrf8ke.g6wvwtvJvuwi
.adnxs.com/ Name: anj
Value: dTM7k!M4.gDYRWSF']wIg2C$GqHK>]!]tc-8i_iqf!oN/@E'zz<*Z0Qf0>SOA9KKy_hQ0e[dGs#sHbxn29DGiBx#G[<QG=%9skrhI+`/rI2Fz#A?n#uB-u7wVn68P!!yKWDo?E7).lIy%q)3R4t5=S
.media.net/ Name: data-ttd
Value: 7ecff58d-29b4-4fea-b0e3-d6c5213016b0~~1
.media.net/ Name: data-mf
Value: bdc7de11-25d2-4be2-916c-1ec105949f96~~1
.media.net/ Name: data-so
Value: 548f579a-2e91-4164-a201-9f750b993513~~8
.media.net/ Name: data-g
Value: CAESEIUXUpyAwFrNdEJ57sMddxo~~8
.media.net/ Name: data-mm
Value: d895648e-4544-4600-8aa4-c61d989f4bad~~8
.adnxs.com/ Name: icu
Value: ChgI-qd9EAoYAiACKAIwyYq5pAY4AkACSAIKGQishogBEAoYASABKAEww4q5pAY4AUABSAEQyYq5pAYYAg..
.demdex.net/ Name: demdex
Value: 83128701974786401403422692530526639026
.ads.yieldmo.com/ Name: ptrbsw
Value: cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99
.media.net/ Name: data-co
Value: AAAF03RTt7LY8QNTEbplAAAAAAA~~8
.richaudience.com/ Name: avcid-opx-uid
Value: 7b6e5be5-d568-48c2-ad87-e3d50738d95c
.richaudience.com/ Name: avcid-sov-uid
Value: G1VwhPZH-q26XH-aR1uPMNQ8
.dpm.demdex.net/ Name: dpm
Value: 83128701974786401403422692530526639026
.bluekai.com/ Name: bkdc
Value: phx
.agkn.com/ Name: ab
Value: 0001%3A0qBCh%2BullUcUQgm8DyAfczaZ4auYmiQS
.liadm.com/ Name: lidid
Value: 9ffaf2c1-6a60-4ac0-a1e9-1fcff0445844
.media6degrees.com/ Name: clid
Value: 2rwf8lm01170nluaib0xrmmr000000014o010o01601
.media6degrees.com/ Name: acs
Value: 012020k1rwf8lmxzt10
.ads.yieldmo.com/ Name: ptrunl
Value: RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
simpleflying.com/ Name: _lr_retry_request
Value: true
simpleflying.com/ Name: _lr_env_src_ats
Value: false
.media.net/ Name: data-bs
Value: cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99~~1
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwi40-e42OX3OxAFEhcKCHB1Ym1hdGljEgsI6NP_v9jl9zsQBRIVCgZjYXNhbGUSCwiKyd7G2OX3OxAFEhYKB3J1Ymljb24SCwjiyZ3J2OX3OxAFEhYKB3N2eDl0NTASCwiAsI7p2OX3OxAFGAEgASgCMgsIjMmxru_l9zsQBTgBWgZndW1ndW1gAg..
simpleflying.com/ Name: _pubcid
Value: d62c0496-47d4-45b0-8890-2d8087a5f7f1
.colossusssp.com/ Name: gtm_usr
Value: 3dd238a3-59fc-49b0-981e-793101a995be
.colossusssp.com/ Name: lmg_r
Value: 11
.lijit.com/ Name: _ljtrtb_58
Value: C9FE2347-10FF-4ABA-8761-C084B8379398
.quantserve.com/ Name: d
Value: EKsBEgGgKfijDr34MA
.w55c.net/ Name: matchtriplelift
Value: 5
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1687045451!bidswitch,1687045449!medianet,1687045449!minutemedia,1687045444
.richaudience.com/ Name: avcid-adf-uid
Value: 2198261905534825226
.creativecdn.com/ Name: u
Value: WyR0H1r4W4Pt0NMPdPw3
.creativecdn.com/ Name: ts
Value: 1687045451
.lijit.com/ Name: ljtrtb
Value: eJwVz7lqBDEQBNB%2FUewGHX066xEjfOROjVYziheMcWD231cT1yuo%2Bg85vAZPnvYsxK0wJnHFvG17rTEZq3gLL4F0uWptzwUFUmwN0DcHFU5Qo%2BKmRayYLpt52TF5xPNAOGkOwJsNuPHBYKKjDI00zJZNl9U%2BznMeGQYXASxRoE9DyLPPrt0S5gSMeiIhAhGV1bRrOScuRKJrpzIVM8UVKV2nfM%2B%2FUT7e3n%2Fcq39%2FHfdP%2FAuPJ6qXOWs%3D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NzA0NTQ0NDIyOCwiMjQiOjE2ODcwNDU0NTE3MjQsIjQ4IjoxNjg3MDQ1NDQ0ODg1LCIyNiI6MTY4NzA0NTQ0OTEwNCwiMzkiOjE2ODcwNDU0NDQ4ODUsIjciOjE2ODcwNDU0NDQ4ODV9
.tynt.com/ Name: uid
Value: E9mYH2SORUs1+C1CYiq2oQ==
.company-target.com/ Name: tuuid
Value: ea902a8f-d778-4012-805d-a6faa940b707
.company-target.com/ Name: tuuid_lu
Value: 1687045451|ix:0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.smaato.net/ Name: SCM
Value: 2e03aa2e
.smaato.net/ Name: SCMg
Value: 2e03aa2e
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1687045452030%7D%5D
.id5-sync.com/ Name: id5
Value: 9f2c2bf6-ed6b-728d-972e-f076780cdc93#1687045444260#4
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2c9z:199v~2c9z:18za~2c9z:191q~2c9z:175w~2c9z:190u~2c9z"
.dotomi.com/ Name: DotomiTest
Value: 7acc145311b01066
.bounceexchange.com/ Name: bounceClientVisit5553c
Value: %7B%22vid%22%3A1687045452404426%2C%22did%22%3A%22177323615584285785%22%7D
.simpleflying.com/ Name: bounceClientVisit5553v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvigJYC2EYApgGZgCeJAdgOYB0AxgPZlEIDuXALQBXJiQRUAJkICGJAE5hmVFEKoUwXelVVCOcWQpbMWQlJNnLWQskZIArEbKayhEWShRVWVBULARFhZZFioiEAAaEAUYECiQEhQAfRYuZO8vEi4mGBorb2ik1IgM1VIcvIKqAF8gA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l7u|4is.0.CAESEBeag4WAn8dcs4YfWIY2dLo|7TY.0|2N.0.AAAF03RTt7LYLwMom0DnAAAAAAA|3oy.0|8nK.0.1|7bq.0.1|7dN.0.AAE2u07JHIsAACA_VdpK4w
.pubmatic.com/ Name: SyncRTB3
Value: 1688169600%3A250_13_165_204_233_46_104_243_249_178_55_8_234_96_238_7_48_5_231_3_71_81_240_56_54_220_166_99_214_239_21_22_176%7C1687564800%3A223_15_2_38%7C1688256000%3A35%7C1687824000%3A63%7C1689552000%3A224%7C1692144000%3A69
ssp.behave.com/ Name: tuuid
Value: 29a5f522-51eb-4496-b609-33f7a4b33ba7
ssp.behave.com/ Name: c
Value: 1687045452
ssp.behave.com/ Name: tuuid_lu
Value: 1687045452
.rubiconproject.com/ Name: audit
Value: 1|oEYDy882kDkoMursiyAXJ0Wi4QDKZAr3CnKKLWgKprObz16xSA9sXbGM3o2wbTe7LDLxeHpWuDDyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnVkEzJVW+xed4+8vKRgP22LMGSCM2OZ/f8JFMJzv6GZpYPDxny9O7hNPVHjylZIeXMaC6g74J6co446eJCpo9G4JrHenJgWdLQ==
.ctnsnet.com/ Name: cid_8cb09b92b76d4e57bf2162013e39abf4
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005%22%2C%22nxtrdr%22%3Afalse%7D
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7403318521853444473P
.owneriq.net/ Name: pmc
Value: 1
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2RM26LHrzQocMxAuXOfqMrmnJOi","deviceID":"2RM1gDbiXLgqFTE0JosmTsH6GK4","iv":"","v":""}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"2RM26LHrzQocMxAuXOfqMrmnJOi","deviceID":"2RM1gDbiXLgqFTE0JosmTsH6GK4","iv":"","v":""}
.simpleflying.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IjJSTTI2TEhyelFvY014QXVYT2ZxTXJtbkpPaSIsImRldmljZUlEIjoiMlJNMWdEYmlYTGdxRlRFMEpvc21Uc0g2R0s0IiwiaXYiOiIiLCJ2IjoiIn0%3D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bfmio.com/ Name: __187_cid
Value: C9FE2347-10FF-4ABA-8761-C084B8379398
.bfmio.com/ Name: __io_cid
Value: 45c5fd5b059163dc95b992e2e3ea76c2c2aa01c6
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005&KRTB&17107-RX-4d7ac79a-b446-43dd-8b2a-532c94803b95-005
.inmobi.com/ Name: idsp_c
Value: e78eeacd-32ca-4f3a-ad54-4da47a4de1b2
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJjb2xvc3N1cyI6eyJ1aWQiOiJbVUlEXSIsImV4cGlyZXMiOiIyMDIzLTA3LTAxVDIzOjQ0OjExLjM1MjQwNDQ0WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJDOUZFMjM0Ny0xMEZGLTRBQkEtODc2MS1DMDg0QjgzNzkzOTgiLCJleHBpcmVzIjoiMjAyMy0wNy0wMVQyMzo0NDoxMi45NzM1Mzc1NzlaIn19LCJiZGF5IjoiMjAyMy0wNi0xN1QyMzo0NDoxMS4zNTI0MDA4MjFaIn0=
.lijit.com/ Name: _ljtrtb_80
Value: LJ0NAQAS-1X-L7LS
.c.appier.net/ Name: _auid
Value: lyW0iXyVCByl3Sl1TUWOZA
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-lyW0iXyVCByl3Sl1TUWOZA
.pubmatic.com/ Name: PugT
Value: 1687045453
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.pubmatic.com/ Name: DPSync3
Value: 1687564800%3A253_248%7C1688169600%3A258_262_201_256_255_260_259_263_261%7C1687996800%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1687067054447
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4055-2!4055-3!4055
.rlcdn.com/ Name: rlas3
Value: 4VpRxoNLaLSTHFsrBiGRfwBEZPFCtnCZ143eP5yDeDw=
.rlcdn.com/ Name: pxrc
Value: CMaKuaQGEgUI6AcQABIFCOhHEAASBgi66gEQCA==
.media.net/ Name: data-pba
Value: C9FE2347-10FF-4ABA-8761-C084B8379398~~8
ssp.behave.com/ Name: um2
Value: !2,cf6c0ed4-e5fc-4b9c-b6d6-978c3c805c99,456324254
.richaudience.com/ Name: avcid-pmr-uid
Value: C9FE2347-10FF-4ABA-8761-C084B8379398
.richaudience.com/ Name: avcid-pmt-uid
Value: C9FE2347-10FF-4ABA-8761-C084B8379398
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDYtMTdUMjM6NDQ6MTAuNzM5MzAxNDkyWiIsImFwcG5leHVzIjoiMjAyMy0wNi0xN1QyMzo0NDoxMC43MzkzMjY4MjVaIiwiaW5kZXhleGNoYW5nZSI6IjIwMjMtMDYtMTdUMjM6NDQ6MDMuMTc0MTk4OTM3WiIsIm9wZW54IjoiMjAyMy0wNi0xN1QyMzo0NDoxMC43MzkzMTMxMjlaIiwicHVibWF0aWMiOiIyMDIzLTA2LTE3VDIzOjQ0OjAzLjE3NDE3OTE4NFoiLCJydWJpY29uIjoiMjAyMy0wNi0xN1QyMzo0NDowMy4xNzQxODc3MTRaIiwic292cm4iOiIyMDIzLTA2LTE3VDIzOjQ0OjEwLjczOTMxOTAxOVoiLCJ5YWhvbyI6IjIwMjMtMDYtMTdUMjM6NDQ6MDMuMTc0MTk1MDVaIn0sInVpZHMiOnsiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMTg3OTk3MDQxODYzIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTZUMjM6NDQ6MTIuMjc1MDA0NDU2WiJ9LCJhZGFnaW8iOnsidWlkIjoiNmE0MGMwYmItMzgwNy00YWZjLTlhNmUtZTM2MTYyMDgyMTJiIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTZUMjM6NDQ6MDMuMTcyNTY3NTEzWiJ9LCJhcHBuZXh1cyI6eyJ1aWQiOiI2MTYzNTU3ODk2ODg2NTM5OTg0IiwiZXhwaXJlcyI6IjIwMjMtMDgtMTZUMjM6NDQ6MTQuNTk3MjYwODAxWiJ9LCJpbmRleGV4Y2hhbmdlIjp7InVpZCI6IlpJNUZRYkVrWGtlQ1ZKYnlobGR4MFFBQUFDRUFBQUFCIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTZUMjM6NDQ6MDYuNTI2MTU3MDEzWiJ9LCJvcGVueCI6eyJ1aWQiOiIxNWM5MTY5YS01YTNlLTRkN2MtYmExMy01M2M5ZjFmZGIzZmUiLCJleHBpcmVzIjoiMjAyMy0wOC0xNlQyMzo0NDoxMi41NTIyMzA0OTRaIn0sInB1Ym1hdGljIjp7InVpZCI6IkM5RkUyMzQ3LTEwRkYtNEFCQS04NzYxLUMwODRCODM3OTM5OCIsImV4cGlyZXMiOiIyMDIzLTA4LTE2VDIzOjQ0OjAzLjk0NDA0Nzk3M1oifSwicnViaWNvbiI6eyJ1aWQiOiJMSjBOQVFBUy0xWC1MN0xTIiwiZXhwaXJlcyI6IjIwMjMtMDgtMTZUMjM6NDQ6MDUuNDQ0OTA4OTk0WiJ9LCJzb3ZybiI6eyJ1aWQiOiJHMVZ3aFBaSC1xMjZYSC1hUjF1UE1OUTgiLCJleHBpcmVzIjoiMjAyMy0wOC0xNlQyMzo0NDoxNC40OTIzMzc3NjJaIn19LCJiZGF5IjoiMjAyMy0wNi0xN1QyMzo0NDowMy4xNzI0ODQ2ODdaIn0=
.id5-sync.com/ Name: 3pi
Value: 2#1687045445072#-1666593254#6163557896886539984|3#1687045452216#366884003#d895648e-4544-4600-8aa4-c61d989f4bad|101#1687045454594#-1597236108|1129#1687045452675#-1846368782|203#1687045445717#1418757204#b2669be2-8f34-4b4c-91cc-64d84e02b962|108#1687045446117#-199763167|429#1687045446518#-422039544#C9FE2347-10FF-4ABA-8761-C084B8379398|434#1687045452421#-795019242|441#1687045444745#-1380527727#u_c0b405d2-1cef-4503-adc7-a92862b037f5|1241#1687045451801#-502116625|1242#1687045451529#-502116625|155#1687045450682#-1774759114#AAE2u07JHIsAACA_VdpK4w|1243#1687045453200#-502116625|124#1687045445923#608700381|796#1687045446318#158467554|285#1687045452877#452450217#LJ0NAQAS-1X-L7LS|1246#1687045446831#-502116625|286#1687045449704#-1092123235
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: SPugT
Value: 1687039210
.richaudience.com/ Name: avcid-id5-uid
Value: ID5-6be3WMtMCu6dut9JyIhogXi-UYuYNOpL1u1EmEW-nA
.technoratimedia.com/ Name: tads_uidp_73
Value: AABYSU7JHIsAAB8Zjx3nMw
.shb-sync.com/ Name: smart_usr
Value: ac3481f5-27e9-43e4-8b0c-ae0f5b9ff547
.shb-sync.com/ Name: smart_r
Value: 32095
.admanmedia.com/ Name: ac_r
Value: CS112|CS166|CS27|CS161|CS24|CS155
.simpleflying.com/ Name: cto_bundle
Value: 0A1gLF9sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFjVG1NNVdnM0VsYjklMkI1amlmQlRUN21RSkNpc3BHUkJXRFd0OVVlbHJhd2RqT2xRRHVnQUVBbVB3MDdERWVsQ1pzbE80RFlSbjF2bCUyQnR3bDhvSDgzbjJ1VVVWRiUyQiUyRndCNExGRU5JT3JSM3B4NE5vakU2RHRJWXM2dWJ1N3FzV2pQZ0lPYUZsaW5VQ1JsNmdLZXlBNnRLbyUzRA

18 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/valnet/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d895648e-4544-4600-8aa4-c61d989f4bad&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEw9U7JHIsAACDmGsySkQ
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://tagan.adlightning.com/valnet/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Message:
The resource https://launchpad.privacymanager.io/latest/launchpad.bundle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security warning URL: https://tagan.adlightning.com/valnet/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Message:
The resource https://launchpad.privacymanager.io/latest/launchpad.bundle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=C9FE2347-10FF-4ABA-8761-C084B8379398&gdpr=-1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8034152775585628160/index.html".
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=95223064382
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=58599192570
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=78947286950
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=12869752313
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=80815003785
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=62097274576
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=58923810589
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=PHpd919sV1VHbUtNTSUyQmE4amNMNlolMkI1JTJGSDFRZlMxRTVMWnBUYmV6ZUVSTk82QmM0bkdzUUk0YzRFdnZoR3RobTNRenJUY2Q1QWtuSnp1RGhKYTcwYWpoWUE1bWhmdlRWbyUyQkdDZkVFT3JsZTRmSm1pTiUyQkJwS3RUaiUyQiUyRjQ3MzRRMzJFRXRLZW1LVTQlMkJndkZBdTJJcjBsTCUyQmI3TEclMkZ1b3RUSTlDVGRicGxCY1JoV3lzSSUzRA&cb=50268538565
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://simpleflying.com/two-united-airlines-employees-charging-stealing-marijuana-passenger-luggage/
Message:
The resource https://launchpad.privacymanager.io/latest/launchpad.bundle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.ad.gt
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a1474.casalemedia.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adtechvideo.s3.amazonaws.com
amazon-tam-match.dotomi.com
ampcid.google.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.bounceexchange.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
c3.a-mo.net
casale-match.dotomi.com
cdn.adsninja.ca
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
ce.lijit.com
check.analytics.rlcdn.com
childlikeform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual-analytics.wunderkind.co
contextual.media.net
core.iprom.net
crb.kargo.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.krushmedia.com
cs.lkqd.net
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
d83b2e3bc71fd974af24b83f5100ff03.safeframe.googlesyndication.com
data.cdnbasket.net
de.tynt.com
dis.criteo.com
dis.eu.criteo.com
dmp.adblade.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events-ssc.33across.com
events.bouncex.net
exchange.cootlogix.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
geo.moatads.com
geo.privacymanager.io
ghb.sync.viewdeos.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idr.cdnwidget.com
ids.ad.gt
ids.cdnwidget.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
krk.kargo.com
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mbid.marfeelrev.com
medianet-match.dotomi.com
mp.4dex.io
ms-cookie-sync.presage.io
mug.criteo.com
mweb.ck.inmobi.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
p.ad.gt
p.rfihub.com
page.cdnbasket.net
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.nextmillmedia.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.cootlogix.com
prebid.media.net
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
r.bidswitch.net
r.casalemedia.com
report2.hb.brainlyads.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
simpleflying.com
sonata-notifications.taptapnetworks.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.behave.com
ssp.disqus.com
ssp.wknd.ai
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static1.simpleflyingimages.com
stats.g.doubleclick.net
svastx.moatads.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.sync.viewdeos.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
tag.bounceexchange.com
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
track.adform.net
triplelift-match.dotomi.com
u.4dex.io
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
us.shb-sync.com
usersync.gumgum.com
valnet-tagan.adlightning.com
valnetbidder-d.openx.net
video.adsninja.ca
view.cdnbasket.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
c3.a-mo.net
104.127.172.242
104.18.10.47
104.18.25.185
104.36.115.111
104.66.251.81
107.178.254.65
107.20.114.132
107.21.21.236
108.139.29.12
13.32.151.21
139.162.84.221
141.95.98.65
142.251.40.194
143.198.127.82
146.20.128.141
147.28.129.37
148.113.153.86
15.197.193.217
151.101.193.108
151.101.2.49
162.19.138.118
162.210.196.208
162.248.18.32
162.248.18.37
162.55.120.196
167.71.25.23
168.119.146.39
169.197.150.8
173.231.178.116
174.129.148.57
174.137.133.32
178.250.7.11
18.160.18.69
18.160.41.20
18.160.46.100
18.165.97.179
18.165.98.105
18.165.98.81
18.215.8.84
18.67.65.75
18.67.67.228
185.167.164.43
185.184.10.30
188.166.17.21
188.42.34.65
192.132.33.46
192.40.39.223
195.5.165.20
198.148.27.139
199.127.204.142
199.127.204.163
199.38.167.130
20.85.134.6
2001:4860:4802:32::3
207.198.113.90
208.115.232.150
209.204.239.164
209.205.197.154
216.200.232.249
216.22.16.8
23.105.12.151
23.105.12.171
23.192.50.109
23.197.21.62
23.227.139.243
23.23.116.45
23.49.100.28
23.49.101.144
23.52.156.48
23.52.158.180
24.199.80.64
2400:52e0:1a00::940:1
2600:1901:0:d733::1
2600:1f13:800:7780:48ef:ebc1:9abc:bc76
2600:1f18:4e9:5a01:1182:3903:eb81:31e2
2600:1f18:ed:550e:4106:3062:270c:cbbd
2600:9000:2199:b200:a:e047:753:be1
2600:9000:2305:a00:1b:5138:8a40:93a1
2600:9000:24f4:5000:8:48e:53c0:93a1
2600:9000:2501:5a00:17:c484:6380:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:9a9
2606:4700::6810:7eaf
2606:4700::6812:16ea
2606:4700::6812:19ad
2606:4700::6812:372
2606:ae80:1451:17::1370
2606:ae80:1471:15::500
2607:f8b0:4004:c08::9c
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2006
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c454::1
2a04:4e42:600::485
3.216.3.198
3.219.149.83
3.224.103.82
3.227.148.228
3.233.37.172
3.233.84.12
3.234.11.15
34.102.146.192
34.102.163.6
34.102.253.54
34.107.191.194
34.111.113.62
34.111.8.32
34.117.239.71
34.117.4.53
34.120.135.53
34.120.155.137
34.120.232.38
34.120.253.250
34.120.28.40
34.120.63.153
34.133.71.175
34.149.130.207
34.149.40.38
34.196.26.39
34.199.73.116
34.200.65.202
34.202.191.141
34.204.156.95
34.233.113.241
34.235.10.219
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
34.98.72.95
35.172.246.77
35.186.193.173
35.186.253.211
35.190.114.150
35.190.39.111
35.190.60.146
35.190.90.30
35.207.10.239
35.207.24.140
35.208.249.213
35.211.118.13
35.211.178.172
35.211.233.246
35.214.159.67
37.157.5.133
38.68.201.140
44.198.229.175
44.206.150.230
44.209.30.160
50.17.63.122
51.222.39.186
52.201.52.94
52.201.57.82
52.205.64.79
52.206.51.4
52.22.231.91
52.223.22.214
52.44.28.63
52.44.30.82
52.46.128.147
52.5.227.160
52.71.209.114
52.85.151.46
52.85.151.90
52.87.79.114
54.148.98.145
54.198.195.78
54.204.181.100
54.217.67.170
54.227.209.210
54.231.203.145
54.83.38.144
54.84.92.154
54.87.127.173
63.251.28.234
63.251.86.49
64.202.112.159
64.247.192.250
67.202.105.23
67.202.105.31
67.202.105.34
67.220.228.201
68.67.153.61
68.67.160.24
68.67.179.166
69.166.1.12
69.173.151.100
69.90.254.78
72.247.71.192
72.251.238.254
74.119.119.139
74.119.119.150
8.2.110.134
8.2.110.33
8.28.7.81
8.28.7.83
8.28.7.84
8.39.36.141
8.43.72.98
80.77.87.163
99.84.191.112
001c7143a6c3d2e86824f448d12071e8bcf20e0cc1675087a6b1783d054e1ae4
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02a06d10dc9a049eb0f78a5b558d242e379cfa7731264d4fbee1d05760393193
030cc88df99e1877769b6a885ca17d79a241c186f777617a735be6dc9e9bdce1
047da9d629c1818d83304a0b035e69ee3a7473985148a9a3216082088a48ae95
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f7623ff0bd43c0ba65ee22969804220771be5ca8f5d8ce8db672b40b51c1fd
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
10f75f2953cd56db7850c1e154772e46fb7267c7250bc42c13fb1b69b614f2e4
1107598c5792c7b132af234ca42eff9e284b4765e66bfbc56ad4e3f4a3472403
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13140a653582b6df6da1953636778c05c174bc0fe5c7b2e196ded3bb1a2e2f37
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
15c12c07eceea30b283cc82fc145e96b4fc32bf9c6eefed18c8828abdff4ce9a
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62
16743312e32a12390a579ad736b3ac6a867de0a8a2f8a687e448448a2e452a45
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b139e7fdf16269fd2dd01c9791c4945fbe566f4567861a29442f0a80370f305
1b29786450c85484f9210f397a526be2cef7af07425fee5637742b54f92bbcf2
1b983748b07b3685171d73b6a0a4cfcbf1842daf2a925460c70e7b35a5249f8e
1c1d6d25f18060cdd27b27094527ebeb16594cd10718eef8e2f9ceaa10653774
1c43bc3ed5602bfa279dd28ac9167c763af7140200d05ed1c96a6959919388a3
1d735bd8e0a45a5de40b3c85731f14d757650e3d0a134cbff555784bfdec4dff
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
1e7a028bee0fec73901bbbf2a5bcd4652907198034c916ccea3a7693153df269
1ee26762e2224737d899a3a3ff533c0277943862e1183ee8ec5123875f5cb9ba
1f1c75422838aaf1ac06897faeb7af3d942a9b0252c40075f476524d648aa333
1f48b06e70f0e36b95732e7ea7426875d5275ee1e4008ac707b23e4db910a94b
1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f
232aa4f48d6ad5efb370ad987c477c692acfbf744fdc224843e123f4f85008d7
23c464fadfcd2607817d9557853fe366bf05f55ac80ebe3061b5a5416d9ddb0d
24381a54b3adcd196fa9402abc0a54f704b01c1fb275a15d438c6523b3a32296
2473b2e1fb6a01765f23ce60c544a41d838bd2b0cb00df3b433f941e08a75029
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0a9ee7b7080edc261f2aa8eb0bd25e469b7c3c02e8049a0467df4e11f469d2
2b2af80092bd9e4a81a727c3efdcfa9e2978d1e1c0cb7e3cd51804ea254afe37
2bb1a1bf0620ac9d69bb648983cd9952b1ee41664232d2d06c08a9014fce6427
2c0f1cb0117c7ff7e891f98c7f960bf2a49cdfa95bcbcffe1a7ff36b224e145b
2d90240e11d4b5ffa4eb64b32ce13346c990951dcc5fcbe9b25945b9b5360b2e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eea9dff0f37c7bb671a56c7fdcda418e863f8e94ae6c6cd91c49e3bc4165275
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
3518ef108c3772a9d0b2f282565edc7574bd4a4ddf330303012114aed3e10800
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3611e0a7905ba70311c2f8fd2dfa8f8dc271953546fa64afea8a1e54421e5add
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bc73de113a1face6d3f54a5d6c239d6625807632cac6dcba315a9d81cf141b
399a9a4cddb63b433af744fbcb0688ffc74c19fca89b5a351de59dcc62b4793c
3a804291d56c6f023a893ba3d9a1eb5818d4d4384b60f6b90329fad1af71749e
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb9329752f11422880d78e6922b2839ed272a995aa1df20c82c09e220ecdbfa
3fbfbc3b37056c5dc22515d23bfd811d3302c5a48d166b505322b65ed35a1ce5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401c3e134c71ce4b4d5aa3cd1827f689e273b7f2141fbb1d37d718eeb64450b3
42469edfcdbd8eca8c081df2f81bad4ece6c63db2745fd5deaa38b308f90709f
428f969204339d0121f6c1486af912de9bb435709a00f945e5ff36955f386ab9
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495e5c6af86d003deb175949e5c3beb0f448d8cca3542ad7256ca3c7b0cb986c
49a88463ce77145af4245e8f83404a26f05b8c61f87303c54cf04556325b4378
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dcda430b932876dbffe534559a285b3276bb26aef30d2d83fce9af1d2a4f1b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fed4306fbb3c49aba1651258c3388897eb4182ed8f99935a477dfdc48d6a816
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d63f01f76aa704e7f3b7e46c89b92514215f6ae5a76bc77cd9f7a106ebd873
5329f3b1120575147174b6eede9cc31b813c236a18fad60dfbec13b0e6dca36e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565a39dbfa33304dbaa59c3ef78ffd52da093eaf27f3fa192910681b056c8e1c
5b376e33cca6f4dd8b2f6ca95c0f15473e820e0b84169ce265586d1a3ee8544b
5d1670012e2ad886c27d24dc4225fe57fd7a6bee70949e34dae2ffb933404ae8
5d4930cebc5a4d22f65666e9f61761a0bf2f84449ba66d7d62104bfb0c013a56
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f7476cf6ad3e30c1ff8dc7d7285fa9b6e4ea0db9b333a5e5b5f71fd08ff93d2
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
6011dd69cbd74c6e590baa552439bd8f1efcdffb20a9404362ef7501fab0c317
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63861ecce4eae93a81022e8e99b3a6d96aa84737231a4eb443f89ed3bd6d44a3
63f0474c935a5ae34bd79cf022a9521b4ba401f40523662a7c2f0dd414e67fdb
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
656bf6eff58470d2f6e3fff6c57d4470bb353d25906aab0c2c0c83c94d741eff
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6eb64cf5a801bd8bb2c5908e421c10926404cd3626e73679d9a920f62897f480
70a56d478ee71622f0ac414dfbc5f955d43f7e92034162a8d0b3386cfe9fe27c
70f7ae5fb05d15ce59e917ead35c7a316c1d9a8dd0eaacd036ee704b48eb66e5
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7243dfa6171dbc14cb955125d4d528e5567c4c8b45bb95545d426f0632d2d330
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a
760e11f9e1446be6cbe6f17cc745148b482c8b998db6a4936d3288099878292d
76aca20f77589c6a273a3ce797840106e990fba56f7331aebf2056d053ce882f
77c975598e279e2ddc859a389485846aa2d8bcd1476a06a584a4e5c1b402cc7a
7882e41ccb10a00a8c24f07c643f60e5b9fd16ed2dfb17110840694f8ab98dc7
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a30f9b8afe39e954620cd7d542343eb30c5a7e60c3bf8e3a9fffcc5ae1cf92d
7a4a1821040f0a1be976f533b94dc8f118cb4012a98ac05412370fc530e942cf
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7c180b2a6aca0b9b9514d99677e8997f84fb0efbdc8a6f3e534af8ebc1a29a71
7c842047421b2e92158368142bdadb730906fac66a6445e02a96aa2528d2bb45
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
7e6f35a09097d95319156542521bbeafec5d5644dc4b5293444f4ec572016d43
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83044a2274d8cd20c9df2195c6d4e063bb24c591f52e757c642f559534e61bbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
846544dc781fa3925d836b6cfb73e2890615fbb060434f1810722760e6e59952
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
85c78612043340f5b4ee5488c8e3bdb6078c55fa2e07a935dbc928972e89cc67
86637d7d1a29206c72744a90391e2694a5837ad53e0be593e2cd27a5a98ad062
86f403d09a415d228d7a73a20f4c082f175f180b7b12ea2e34dec1c2a1973d01
880b18fe2ae242f80df02f22056d97fac4bd37968d0b66fef0f1175786465990
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b5c874d8de272535457ac525053006bede9da3fc07041a160486a6758b38634
8bcd3010c70c56166f62ee901d9c80b42ee5d157044ddf80d16c9e91f7d0fabc
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0
8c155552948d49de92133f2762d6268ec03ebd3520050d483b224e2cf392cf5c
8d174b5f20e9e73243a6ebe216050399a32a93f23a9885c70d6a41188ab926e9
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e20bcf6d02261d20eb66c16a5e09c5aff61008b471d10cd227dd8f3ab1d5a4c
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90a7d5df414c326138d3892bdcb01fd7af8584a82be5a9f9ef5a2d74cb31a815
912745988b37a655bc569256f1da08432377a568a7f7787bd32f0f4ccbf3beb9
91a1369ad08ca0d13ceab5762030af1c6a0213b3d74cea2c241c47cbe880cc75
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9494f3ddb3cc020eb9ee748f06389ada510e2473ec6b92addc3ae61f7f1b853f
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
97c014e9f3333dbf34e24ac0ab42457fa7fb64973be183b4bfee6af1277c7f33
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07de7d71923147bbb5847e4d122e797fad5dfc306d03554561295529b2018d1
a0a04decb8a1dfc45e0616996165b47ad678a936df61371d87bb2556f02fb8aa
a0d4ac4ccf8e3d5e992cf4bdb480a535693ef5bb594baebc285400fbb68eb231
a18d6dc79720eb4b902a579156c409d85fd6f7dcd486ce3b9386b12c5ea2f3fd
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a4207e648ea1b4208abb73a9425206c5b969df8c852c8d8fa0fc62da2ab562b6
a438aafdd1ec78075f147cac89796254171fa2f898803b18324de9613c7cc1c6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cf460b50db7f80b87c471b092c210d35308e7830b1316a12742a078d9346e4
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a55a48946f665bc1c8f4602de633b55c690e509f943dc94c5ffd8c228f611154
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a5cd15052f401e674a9cea67de971c439a14dd45736f8b22d099844b95512930
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a78ec97ed60f1f6d85e8ad89eedf31db5c2a44444146a474412fcffb74e02e21
a836ddb3e998b53d9156ff23584bb76bc077307a4e5a4509c8212967fe670fbd
a86918e433de82e40f81b5b65905e4afeee97734191162498ea315f54329d305
a9bc468c0f4ee843c7c2bcdb2e265a5a00ffef49dfd78f8dbc41a4a8df1d340a
aa1d116834f5ac548a8f31f505c68edb17a2b5483bbf2ae2d488619a5964c315
aa968d3941c6c178a543f63a2f5fc32438588763a35767767e313cdb07ee7dac
ab871cdf4f7984242c220b63570614cd296643e0e2fdff6b96622f5108f16c9b
abe616befb0781a6ea8eef1f7f4bafa2948b6861a6e494bbf17d621bbe0ec8b4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adaa71e1e168ad182c2c902b507e3bc5fa3235104cae2cbfc1137bafa8b55fa9
adb251dee312a3e80f8d52865f17ff8f209e4ea3f098a3327595eafbd2cbd2a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af037d5bbe80a293a473b05175fee0bb20527405cf6921aaf3035ce1776d5936
af65f0066d59a8ddcc52bf8f0ae23db5790e6e04f96a9a1f12a39ec294877fb8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294430cb745af4f3b3c238014bded2b9789fdc73f0a5a6720a8f2ba2a09e17f
b36c010d5e758ae6c84118f17004459702f01635b232aa2e88a4631ba1841ec2
b4b65a7131f60c0c38ec64e10e7bb5c3b8c8e8ad6f564fef20564f8408c78bdf
b5ad55d1884073f268a1333b7d15e0c7bdbe3c92cc0d59075ac718daff08cc63
b6648cd7091726ccecff94eee73bac8a62bef4360f782e1f1539b56872ff66c6
b7f71305ee3421e1b929c25045ed575e1c03d245fd7f7a452935fbb26011c6b1
b8d00c7ee9dcf7c3356ac8a3d1464442daf6699786098fc0e13301bc79678f53
b8d9bd49e56900fa936158ab993b4f75aabcf983166385f54832772612c4dd44
b8ee96d365ed75fe0e197af1c4f3d844ff5b3f2ab0a257bcef0aad68681969d1
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcff976e7ce876d75d1abf21536efede75952bbbd184120aceacca6847ce680f
bdfa822588f972dc36d07b04c134ab76d9395b2aa835bac35679ec85573f57a7
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586
c0b6b5ff58dc642e2551e71d9ca6ef48fed3e809e9ccd9a8f45af36de1e6900a
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1e6c17c4c39cb9720a438e7fa49600b1425e8653e669cc7b1bed4588fe76244
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a49a467118bc6047f8313c4c583e226cf347c650c03c12c819ebd48ad8f246
c4a4bddea11c6a11d8577b32c99b290d37435ceebe3e5ca699ce50cf1fa791df
c5f0f8b89053342339a787e886cea85483531b3d0d2e67427a6d7d3727cfbd16
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
c6db6ee13cbd4ea6c78a0cda0b67c6f6e0bf257a30ea465ad28a7772538804f7
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c6f6d34006257570c88e416a629994167f6a4e90a57d69220a9a3ed6100a8064
c745af262bb234df7cd3686092304300ecd91fcbe667f47b5499e4d1c8aa2473
c75d4722d45ef4e8d39fede2c1376c9f7efbf2b71d8d3defc59beb2ba90783e0
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0
c98aaf6e543503ad4c8449977d7a4e1d3b6bcca812999bc0f79451fe56838689
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca47dca50b91dd6ce400aa3264eeed5199646d3d87b9b627f5131c1740c72776
ca9c2e422507f88e194e05ddfeb3397aec8b859b85499ec3bfd643fc69c52e5c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cdf01f732af29d4a13c384a2afa26c164bfe4be9ee36c04d7f2bf401f4cbeb8e
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
d557d4c7424daa420829c0601bc94d172e5df238b0385b1df8083c5430c533b0
d5e619c15549a194ce025e230520835287607c18ee49d1b74490e96666dbe212
d73c6fa26e2b7dc8cb5d1bdac31ea36209d58479d001c98cd19b2c225515e204
d80451c4105d3ecd7e2d85aa105dbf480dec92e5aa5a0904144969ef7871c26a
d88eeab426b097a754eec8f9a1aaa20139fa6f0c81e3888d6c05326aeaafda93
da216476827ca4cfdc94d7af2ecc97a11a7337edcbfe9430d379b0cf95f7089d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df89ef26fd73c6f41bcd44e9bc7d8161ba328a788d516fd48a40ee28c16d9967
dfaca3c1c41869a9bdc66c6441a1940bca0f43ee7198ecce5742a01580bb196a
e03d509846c55fbfd54c67ca2b90c81c1b534800c23c6cf5056cdc0115d80161
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e4ec878435c52160eee9f38c62cfbc0389f51b3bbd2e5ca2dfff9df893a3fa06
e4feb275f4004ae990d74f2baa3c0d6afa65e3f69cccce604d7048767bad46a2
e5fbdbd0abe382655a14688d2462c7da24c0d4b740826831ef33c66c0c772c64
e5ff5d1b5be3f8f2547cd933f8d846da2f146e8f6da924ee466589de2b8ad600
e65f806d08bbd60e65c01dce3f3c5e617ad3e7f8ce67887d6ec89f2918a00d01
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e80a0699160dedb6b33215c2a7744e35f1286817467a0e2a710404a6f28beec9
e8743a79d0165c7e0967d542db07a34372a5921b1126903af636fd86bbe805f2
e88120a7af5d794ed12526655b4d0da37498ebbdf092ca95f2cf3244b9096b1e
e8b5aa2140f50b2c3effbf2a1342e846fec18f56927d58b1b7dd99aca1eec775
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e98e9d3d7d3cc7a67d64da8d658f1f3bf693462000f38e0a220efe15a0aa3667
eb4c1b0c69d89aa2599706b133fd3151bdbe207652024b0187903feffc774de5
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecaf3992ae484295aaab88b2145d0f96e5e4449802fd656ceb5cfd4eb99eed9c
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ed4b4847c011f22240c3811fc0f85e1f36c720936c503a82037fe8f19656b9f8
ed6e154d55195a678994b763e89227c00f5b491c7950d6cbe2a5ddb239994730
eee5dd2f2ea09360721b85b23cbde97fc9d61224f2ada771cc19129f0f8b6359
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f147b47f56820a785c10c13f77d0c8c763ef3f5b782dd759c26fe782290245fb
f17d3f0c15964206f7333086b43d5c1574d81b07503220af7f3c097654b11c7f
f25988eceea39a30a61f209c355ea08f6925f40fe963ff52cfa2e5f893059021
f4d613a0c9e5f7a2f2a0764f022a66abfaec0109afa344c55c8bec9f75e35335
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f6791bac7efd1272cf12bd2d89ea45a11de4135e34788233a41080d0a98f00f2
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82dfff7e95689b8fb8949b551fb8e3cbe856f6105551abac116704deb1af382
f977366aadaeefc4def7e12eac57a6f31d836fc2c052580d6c00e056fa50dd21
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fa6038e8d9eadac21cff7cf98fb3853255e008775f4fe2bdde3ce3a373bced35
fd07754b1b2cfaf024504d81cdd9382bc5f76815052a6405ff52432fc2087dee
fd62e97ce1efec8f038643c0fa0a54cff911926b8eab345bb14b1514c68e5c3d
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff35b06ac7e5d6c94018d6cd356e3d9d74bdd768a05042144ca390209add0131