urlscan.io logo urlscan.io
SecurityTrails logo

nypost.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Submission: On January 29 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 285 IPs in 15 countries across 241 domains to perform 1668 HTTP transactions. The main IP is 192.0.66.32, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is nypost.com. The Cisco Umbrella rank of the primary domain is 9795.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.
This is the only time nypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
69 192.0.66.32 2635 (AUTOMATTIC)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1402:880... 20940 (AKAMAI-ASN1)
6 13.224.214.79 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.224.214.30 16509 (AMAZON-02)
1 151.101.194.217 54113 (FASTLY)
2 2600:9000:25c... 16509 (AMAZON-02)
3 13.224.214.90 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 142.251.163.155 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:1402:880... 20940 (AKAMAI-ASN1)
3 2600:1901:0:6... 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.238.11.142 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:25c... 16509 (AMAZON-02)
6 130.211.23.194 396982 (GOOGLE-CL...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
5 13 142.251.16.148 15169 (GOOGLE)
1 18.238.3.58 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 34.36.206.170 396982 (GOOGLE-CL...)
2 5 18.238.4.84 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
8 2001:4860:480... 15169 (GOOGLE)
9 18.238.8.227 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
12 13.224.214.91 16509 (AMAZON-02)
20 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.50 16509 (AMAZON-02)
1 45.79.167.63 63949 (AKAMAI-LI...)
1 151.139.128.10 20446 (STACKPATH...)
38 23.197.185.54 16625 (AKAMAI-AS)
2 4 18.238.4.53 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.224.214.58 16509 (AMAZON-02)
1 34.120.253.250 396982 (GOOGLE-CL...)
2 44.206.90.231 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 16 23.56.220.66 16625 (AKAMAI-AS)
1 13.224.214.65 16509 (AMAZON-02)
37 18.238.4.104 16509 (AMAZON-02)
3 13.224.214.23 16509 (AMAZON-02)
1 18.238.4.83 16509 (AMAZON-02)
2 34.110.220.19 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.35 16509 (AMAZON-02)
6 18.238.4.6 16509 (AMAZON-02)
1 3 18.238.4.4 16509 (AMAZON-02)
2 34.102.180.215 396982 (GOOGLE-CL...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 18.209.74.157 14618 (AMAZON-AES)
1 35.241.9.51 396982 (GOOGLE-CL...)
29 49 68.67.179.155 29990 (ASN-APPNEX)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
1 52.205.167.202 14618 (AMAZON-AES)
10 2600:1402:680... 20940 (AKAMAI-ASN1)
1 69.194.241.38 26120 (RHYTHMONE)
8 34.98.72.95 396982 (GOOGLE-CL...)
1 13.224.214.15 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
1 18.238.4.127 16509 (AMAZON-02)
23 18.238.4.87 16509 (AMAZON-02)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 3.210.165.134 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
4 146.75.30.132 54113 (FASTLY)
12 96.46.186.186 7979 (SERVERS-COM)
7 10 34.198.125.227 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
3 34.120.63.153 396982 (GOOGLE-CL...)
2 141.95.98.65 16276 (OVH)
3 13.224.214.7 16509 (AMAZON-02)
16 18.238.12.225 16509 (AMAZON-02)
2 34.120.117.212 396982 (GOOGLE-CL...)
8 34.236.83.94 14618 (AMAZON-AES)
10 2602:803:c002... 26667 (RUBICONPR...)
1 34.197.57.64 14618 (AMAZON-AES)
10 63 104.18.36.155 13335 (CLOUDFLAR...)
1 199.250.161.129 26459 (TTD-ASN-01)
2 3.210.107.42 14618 (AMAZON-AES)
8 2620:100:a001... 19750 (AS-CRITEO)
32 104.18.43.178 13335 (CLOUDFLAR...)
1 35.211.242.24 19527 (GOOGLE-2)
4 13.224.214.67 16509 (AMAZON-02)
1 2600:1418:a00... 20940 (AKAMAI-ASN1)
1 34.107.215.30 396982 (GOOGLE-CL...)
1 34.149.80.61 15169 (GOOGLE)
1 34.149.117.55 396982 (GOOGLE-CL...)
28 30 3.33.220.150 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 23.39.185.111 16625 (AKAMAI-AS)
31 38 35.211.178.172 15169 (GOOGLE)
11 13 54.160.145.206 14618 (AMAZON-AES)
5 7 216.200.232.253 30419 (MEDIAMATH...)
3 8 44.196.200.15 14618 (AMAZON-AES)
5 7 74.119.119.150 19750 (AS-CRITEO)
37 64.202.112.95 23352 (SERVERCEN...)
8 23.56.221.240 16625 (AKAMAI-AS)
7 13 35.244.154.8 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
2 5 2620:1ec:21::14 8068 (MICROSOFT...)
12 12 70.42.32.223 22075 (AS-OUTBRAIN)
1 34.149.101.235 396982 (GOOGLE-CL...)
1 44.199.33.177 14618 (AMAZON-AES)
5 13.224.214.26 16509 (AMAZON-02)
8 8 35.207.24.140 15169 (GOOGLE)
29 57 142.251.16.157 15169 (GOOGLE)
8 51.222.239.230 16276 (OVH)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 6 3.232.64.79 14618 (AMAZON-AES)
6 8 185.184.8.90 204995 (RTB-HOUSE...)
21 41 69.173.151.100 26667 (RUBICONPR...)
3 16 52.71.57.44 14618 (AMAZON-AES)
2 4 44.235.243.161 16509 (AMAZON-02)
5 5 8.28.7.82 62713 (AS-PUBMATIC)
4 32 104.36.113.107 62713 (AS-PUBMATIC)
3 4 8.28.7.84 62713 (AS-PUBMATIC)
11 24 34.98.64.218 396982 (GOOGLE-CL...)
14 17 34.200.65.202 14618 (AMAZON-AES)
2 54.90.24.244 14618 (AMAZON-AES)
2 2 2600:9000:25c... 16509 (AMAZON-02)
3 5 23.105.14.101 30633 (LEASEWEB-...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
16 16 207.198.113.204 13768 (COGECO-PEER1)
4 4 2620:116:800e... 16509 (AMAZON-02)
15 18 198.148.27.131 19189 (PULSEPOINT)
2 2 35.208.249.213 15169 (GOOGLE)
3 3 82.145.213.8 39832 (NO-OPERA)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 5 52.200.178.187 14618 (AMAZON-AES)
7 16 184.72.185.131 14618 (AMAZON-AES)
2 2 2600:1f18:765... 14618 (AMAZON-AES)
39 40 69.194.240.13 26120 (RHYTHMONE)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
2 37 52.46.130.91 16509 (AMAZON-02)
1 2600:1418:a00... 20940 (AKAMAI-ASN1)
11 13.224.214.108 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1901:0:5... 396982 (GOOGLE-CL...)
4 52.44.212.230 14618 (AMAZON-AES)
17 23.197.184.187 16625 (AKAMAI-AS)
9 18.238.4.26 16509 (AMAZON-02)
38 23.48.9.103 16625 (AKAMAI-AS)
9 46 52.223.22.214 16509 (AMAZON-02)
6 16 2600:1f18:4e9... 14618 (AMAZON-AES)
1 100.21.192.180 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
5 5 199.38.167.131 54312 (ROCKETFUEL)
6 2620:100:a001::4 19750 (AS-CRITEO)
2 3 192.132.33.67 18568 (BIDTELLECT)
40 35.172.99.217 14618 (AMAZON-AES)
1 1 198.24.162.123 19437 (SS-ASH)
6 6 54.161.249.158 14618 (AMAZON-AES)
7 8 169.197.150.7 398989 (DEEPINTENT)
22 22 2606:ae80:145... 25751 (VALUECLICK)
6 6 168.119.72.236 24940 (HETZNER-AS)
11 12 185.167.164.49 198622 (ADFORM)
1 1 211.120.53.203 4694 (IDCF IDC ...)
14 14 23.32.172.185 16625 (AKAMAI-AS)
3 50 172.64.146.152 13335 (CLOUDFLAR...)
15 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
26 2607:f8b0:400... 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
4 9 216.22.16.72 30633 (LEASEWEB-...)
1 1 45.137.176.88 60350 (VP)
5 7 52.209.41.250 16509 (AMAZON-02)
6 8.28.7.81 62713 (AS-PUBMATIC)
1 2 69.20.43.192 27357 (RACKSPACE)
1 2 34.149.254.212 396982 (GOOGLE-CL...)
2 174.138.64.21 14061 (DIGITALOC...)
1 34.111.8.32 396982 (GOOGLE-CL...)
5 5 8.43.72.97 26667 (RUBICONPR...)
8 2404:6800:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 54.210.6.32 14618 (AMAZON-AES)
1 34.107.165.188 396982 (GOOGLE-CL...)
15 23.48.8.28 16625 (AKAMAI-AS)
6 104.18.38.76 13335 (CLOUDFLAR...)
5 23.197.184.175 16625 (AKAMAI-AS)
2 2 216.219.92.22 19318 (IS-AS-1)
8 12 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
6 6 35.236.220.17 396982 (GOOGLE-CL...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:540... 20940 (AKAMAI-ASN1)
3 4 34.202.222.101 14618 (AMAZON-AES)
1 52.95.125.22 16509 (AMAZON-02)
14 14 54.147.37.155 14618 (AMAZON-AES)
12 16 147.28.129.37 54825 (PACKET)
1 23.45.13.146 20940 (AKAMAI-ASN1)
2 2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:25c... 16509 (AMAZON-02)
1 141.226.124.48 200478 (TABOOLA-AS)
1 3 2600:9000:20e... 16509 (AMAZON-02)
3 35.211.206.254 15169 (GOOGLE)
1 35.211.85.235 15169 (GOOGLE)
1 2620:100:a001::2 19750 (AS-CRITEO)
3 7 2620:100:a001::c 19750 (AS-CRITEO)
7 7 54.197.121.110 14618 (AMAZON-AES)
2 2 52.44.150.160 14618 (AMAZON-AES)
1 34.199.73.116 14618 (AMAZON-AES)
1 173.0.146.7 7979 (SERVERS-COM)
10 24 162.19.138.119 16276 (OVH)
11 104.18.41.104 13335 (CLOUDFLAR...)
3 2600:9000:203... 16509 (AMAZON-02)
8 45.133.44.4 39572 (ADVANCEDH...)
1 1 172.105.221.240 63949 (AKAMAI-LI...)
1 1 159.203.145.121 14061 (DIGITALOC...)
1 1 34.201.194.207 14618 (AMAZON-AES)
5 5 20.127.253.7 8075 (MICROSOFT...)
2 141.226.224.48 200478 (TABOOLA-AS)
2 2 2606:4700:1::... 13335 (CLOUDFLAR...)
17 96.46.186.182 7979 (SERVERS-COM)
8 9 34.227.234.237 14618 (AMAZON-AES)
5 5 35.214.167.88 15169 (GOOGLE)
5 2a02:6ea0:e20... 60068 (CDN77 _)
2 5 63.251.28.134 26558 (FREEWHEEL)
2 3 80.77.87.166 46636 (NATCOWEB)
3 99.84.191.41 16509 (AMAZON-02)
1 1 35.174.94.173 14618 (AMAZON-AES)
3 3 173.231.184.20 32475 (SINGLEHOP...)
5 6 151.101.194.49 54113 (FASTLY)
2 51.222.241.106 16276 (OVH)
2 3 50.57.31.206 19994 (RACKSPACE)
1 207.246.93.86 20473 (AS-CHOOPA)
2 34.117.228.201 396982 (GOOGLE-CL...)
16 34 67.202.105.24 32748 (STEADFAST)
1 5 67.202.105.34 32748 (STEADFAST)
2 3 35.186.193.173 15169 (GOOGLE)
2 2 34.224.184.64 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
5 18.235.119.139 14618 (AMAZON-AES)
3 3 54.210.110.53 14618 (AMAZON-AES)
9 9 2607:f350:3:2... 27630 (AS-XFERNET)
1 1 159.203.147.11 14061 (DIGITALOC...)
5 5 172.240.155.68 7979 (SERVERS-COM)
5 162.248.18.34 62713 (AS-PUBMATIC)
14 69.194.240.11 26120 (RHYTHMONE)
3 4 54.146.101.75 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 34.235.77.155 14618 (AMAZON-AES)
1 2 54.157.86.148 14618 (AMAZON-AES)
1 8 52.23.48.223 14618 (AMAZON-AES)
12 2607:4f00:944... 55081 (24SHELLS)
2 45.133.44.3 39572 (ADVANCEDH...)
1 1 35.211.118.13 19527 (GOOGLE-2)
11 34.117.239.71 396982 (GOOGLE-CL...)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 44.227.222.152 16509 (AMAZON-02)
1 18.245.124.125 16509 (AMAZON-02)
1 2 38.68.201.140 174 (COGENT-174)
1 18.238.4.65 16509 (AMAZON-02)
1 173.0.146.6 7979 (SERVERS-COM)
2 34.193.95.126 14618 (AMAZON-AES)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.105.220.23 63949 (AKAMAI-LI...)
2 44.213.144.39 14618 (AMAZON-AES)
1 2 34.199.67.71 14618 (AMAZON-AES)
1 2607:4f00:932::2 55081 (24SHELLS)
6 104.36.115.111 62713 (AS-PUBMATIC)
1 18.238.4.8 16509 (AMAZON-02)
4 23.105.12.131 30633 (LEASEWEB-...)
1 195.244.31.11 63140 (IGUANA-WO...)
1 54.85.156.25 14618 (AMAZON-AES)
2 34.237.83.209 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.20.47.211 14618 (AMAZON-AES)
2 3.229.71.61 14618 (AMAZON-AES)
8 173.255.196.113 63949 (AKAMAI-LI...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 23.14.152.251 16625 (AKAMAI-AS)
2 104.18.35.167 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 69.173.151.96 26667 (RUBICONPR...)
1 20 172.98.26.246 399668 (E-PLANNING-)
18 23.227.146.18 55081 (24SHELLS)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 1 51.83.220.94 16276 (OVH)
4 4 8.2.110.161 46636 (NATCOWEB)
4 4 23.105.12.142 30633 (LEASEWEB-...)
1 162.55.120.196 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
7 7 146.59.148.16 16276 (OVH)
1 1 134.122.57.34 14061 (DIGITALOC...)
49 172.98.26.245 399668 (E-PLANNING-)
3 8.2.110.17 46636 (NATCOWEB)
6 172.98.26.242 399668 (E-PLANNING-)
8 13 35.227.252.103 15169 (GOOGLE)
3 3 138.197.58.184 14061 (DIGITALOC...)
8 8 50.17.243.245 14618 (AMAZON-AES)
3 4 3.211.143.64 14618 (AMAZON-AES)
2 2 35.211.233.246 19527 (GOOGLE-2)
3 3 47.253.61.56 45102 (ALIBABA-C...)
2 35.244.193.51 396982 (GOOGLE-CL...)
1 2600:9000:226... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 34.96.71.22 396982 (GOOGLE-CL...)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 1 44.193.151.172 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
12 96.46.186.176 7979 (SERVERS-COM)
3 2600:1f18:61c... 14618 (AMAZON-AES)
1 3.211.60.35 14618 (AMAZON-AES)
3 12 174.137.133.32 27257 (WEBAIR-IN...)
2 2606:ae80:147... 25751 (VALUECLICK)
1 104.37.221.83 393640 (ONLINE-TE...)
4 18.160.18.50 16509 (AMAZON-02)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 138.199.41.120 60068 (CDN77 _)
3 3 37.157.2.229 198622 (ADFORM)
1 2620:100:a001... 19750 (AS-CRITEO)
3 18.239.168.123 16509 (AMAZON-02)
3 185.106.140.18 7979 (SERVERS-COM)
1 37.157.2.228 198622 (ADFORM)
1 2600:9000:20e... 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
5 18.233.54.235 14618 (AMAZON-AES)
1 1 213.227.153.221 60781 (LEASEWEB-...)
1 3 23.197.109.53 16625 (AKAMAI-AS)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.149.139.129 15169 (GOOGLE)
5 212.36.83.246 15699 (AS_ADAM A...)
1 1 54.85.76.249 14618 (AMAZON-AES)
3 3 8.2.110.134 46636 (NATCOWEB)
5 74.119.119.139 19750 (AS-CRITEO)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 52.22.68.202 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 1 3.229.234.137 14618 (AMAZON-AES)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 8.28.7.105 62713 (AS-PUBMATIC)
1 3.20.160.213 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 52.202.242.121 14618 (AMAZON-AES)
1 1 8.2.110.206 46636 (NATCOWEB)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 1 3.218.153.110 14618 (AMAZON-AES)
1 1 2a04:4e42:400... 54113 (FASTLY)
2 2 143.244.208.184 14061 (DIGITALOC...)
1 8.2.110.113 ()
6 209.192.201.180 ()
1 34.117.77.79 ()
1 13.226.52.66 ()
1668 285
69    192.0.66.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
nypost.com
pagesix.com
11    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2600:1402:8800::1728:cd92 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
6    13.224.214.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-79.phl50.r.cloudfront.net
zephr-v4.nypost.com
1    2600:9000:20ed:9a00:13:af59:7380:93a1 (United States)

ASN16509 (AMAZON-02, US)
pbcs.nypost.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
nypost-com.videoplayerhub.com
5    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    13.224.214.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-30.phl50.r.cloudfront.net
ak.sail-horizon.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    2600:9000:25c8:5400:e:5a70:ca40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.flipboard.com
3    13.224.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-90.phl50.r.cloudfront.net
launcher.spot.im
t.nypost.com
1    2607:f8b0:4004:c08::54 (Ashburn, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
www.googleadservices.com
2    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2600:1402:8800::1728:cdca (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2600:1901:0:636d::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
meadowlullaby.com
3    2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.238.11.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-11-142.phl51.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:25c8:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
6    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
13    142.251.16.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f148.1e100.net
ad.doubleclick.net
1    18.238.3.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-3-58.phl51.r.cloudfront.net
cdn.parsely.com
5    2607:f8b0:4004:c07::68 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    34.36.206.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.206.36.34.bc.googleusercontent.com
nid.nypost.com
5    18.238.4.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-84.phl51.r.cloudfront.net
us.tags.newscgp.com
tags.marketwatch.com
1    2600:9000:20ed:dc00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
8    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    18.238.8.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-8-227.phl51.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
12    13.224.214.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-91.phl50.r.cloudfront.net
tagan.adlightning.com
20    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.224.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-50.phl50.r.cloudfront.net
cdn.p-n.io
1    45.79.167.63 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-167-63.ip.linodeusercontent.com
segment-data.zqtk.net
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
38    23.197.185.54 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-185-54.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
amplify.outbrain.com
wave.outbrain.com
libs.outbrain.com
4    18.238.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-53.phl51.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700:4400::6812:2aa1 (United States)

ASN13335 (CLOUDFLARENET, US)
video.unrulymedia.com
1    13.224.214.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-58.phl50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
2    44.206.90.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-90-231.compute-1.amazonaws.com
www.zergnet.com
1    2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
16    23.56.220.66 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com
warp.media.net
cs.media.net
pb-logs.media.net
hblg.media.net
hbx.media.net
c21lg-d.media.net
1    13.224.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-65.phl50.r.cloudfront.net
direct-events-collector.spot.im
37    18.238.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-104.phl51.r.cloudfront.net
static-cdn.spot.im
3    13.224.214.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-23.phl50.r.cloudfront.net
publisher-assets.spot.im
check.analytics.rlcdn.com
1    18.238.4.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-83.phl51.r.cloudfront.net
t.contentsquare.net
2    34.110.220.19 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.220.110.34.bc.googleusercontent.com
sac.nypost.com
1    2607:f8b0:4004:c17::71 (Washington, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    13.224.214.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-35.phl50.r.cloudfront.net
www.ncaudienceexchange.com
6    18.238.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-6.phl51.r.cloudfront.net
tags.realtor.com
tags.barrons.com
tags.mansionglobal.com
tags.wsj.com
tags.decider.com
tags.pagesix.com
3    18.238.4.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-4.phl51.r.cloudfront.net
tags.penews.com
tags.nypost.com
2    34.102.180.215 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.180.102.34.bc.googleusercontent.com
v2.pixel.newscgp.com
1    2600:1f18:730:b140:9170:c9d:673c:3ea9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    18.209.74.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-74-157.compute-1.amazonaws.com
rp4.liadm.com
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co
49    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
10    2600:1402:6800::172d:da2 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    69.194.241.38 (United States)

ASN26120 (RHYTHMONE, US)
aniview-diag-server.1rx.io
8    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    13.224.214.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-15.phl50.r.cloudfront.net
open-api.spot.im
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    18.238.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-127.phl51.r.cloudfront.net
launchpad.privacymanager.io
23    18.238.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-87.phl51.r.cloudfront.net
api-2-0.spot.im
static-cdn.spot.im
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    3.210.165.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-165-134.compute-1.amazonaws.com
api.nypdev.com
1    2600:9000:20ed:f400:1b:ed91:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)
csxd.contentsquare.net
4    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
mv.outbrain.com
12    96.46.186.186 (United States)

ASN7979 (SERVERS-COM, US)
servt.unrulyvideo.com
track1.aniview.com
track4.aniview.com
10    34.198.125.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-125-227.compute-1.amazonaws.com
i.liadm.com
1    2600:9000:20ed:4c00:9:41bd:8d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
sli.nypost.com
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
api.id5-sync.com
id5-sync.com
3    13.224.214.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-7.phl50.r.cloudfront.net
config.aps.amazon-adsystem.com
16    18.238.12.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-12-225.phl51.r.cloudfront.net
aax.amazon-adsystem.com
2    34.120.117.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
8    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
10    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.197.57.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-57-64.compute-1.amazonaws.com
krk2.kargo.com
63    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
r.casalemedia.com
dsum.casalemedia.com
1    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
2    3.210.107.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-107-42.compute-1.amazonaws.com
tlx.3lift.com
8    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
32    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    35.211.242.24 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 24.242.211.35.bc.googleusercontent.com
grid.bidswitch.net
4    13.224.214.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-67.phl50.r.cloudfront.net
geo.privacymanager.io
1    2600:1418:a000:13::17c8:852f (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.unrulyvideo.com
1    34.107.215.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.215.107.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.149.80.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.80.149.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.149.117.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.117.149.34.bc.googleusercontent.com
view.cdnbasket.net
30    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    2600:1f18:ed:550e:6c65:3c0a:bacf:2e64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    23.39.185.111 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-111.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
38    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
us-east-sync.bidswitch.net
13    54.160.145.206 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-145-206.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    44.196.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-200-15.compute-1.amazonaws.com
dpm.demdex.net
7    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
37    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
tr.outbrain.com
sync.outbrain.com
eventlog.outbrain.com
8    23.56.221.240 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-221-240.deploy.static.akamaitechnologies.com
images.outbrainimg.com
13    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
12    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.149.101.235 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 235.101.149.34.bc.googleusercontent.com
sync-jp.im-apps.net
1    44.199.33.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-33-177.compute-1.amazonaws.com
beacon.krxd.net
5    13.224.214.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-26.phl50.r.cloudfront.net
aa.agkn.com
sync1.intentiq.com
8    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
rtb-use.mfadsrvr.com
57    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
cm.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
8    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    3.232.64.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com
ps.eyeota.net
8    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
41    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
16    52.71.57.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-57-44.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
4    44.235.243.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-243-161.us-west-2.compute.amazonaws.com
loadus.exelator.com
5    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
32    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
24    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
17    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
2    54.90.24.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-24-244.compute-1.amazonaws.com
ice.360yield.com
match.360yield.com
2    2600:9000:25c8:3200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    23.105.14.101 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.101.rdns.racklot.com
ssbsync.smartadserver.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
16    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    2620:116:800e:21:36b5:1576:d999:6e52 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
18    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2606:4700:3037::6815:444a (United States)

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
5    52.200.178.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-178-187.compute-1.amazonaws.com
rtb.adentifi.com
16    184.72.185.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-185-131.compute-1.amazonaws.com
match.sharethrough.com
2    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
40    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
37    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2600:1418:a000:13::17c8:8524 (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)
tg1.unrulyvideo.com
11    13.224.214.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-108.phl50.r.cloudfront.net
ats-wrapper.privacymanager.io
tags.crwdcntrl.net
5    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com
1    2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
ids.cdnwidget.com
4    52.44.212.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-212-230.compute-1.amazonaws.com
rtb.gumgum.com
17    23.197.184.187 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-184-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    18.238.4.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-26.phl51.r.cloudfront.net
ms-cookie-sync.presage.io
38    23.48.9.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-9-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
46    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
16    2600:1f18:4e9:5a01:2756:bc66:a0ce:665f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    100.21.192.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-192-180.us-west-2.compute.amazonaws.com
gsght.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:20ed:a000:d:c38f:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
ib.3lift.com
5    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
40    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
1    198.24.162.123 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
6    54.161.249.158 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-249-158.compute-1.amazonaws.com
sync.ipredictive.com
8    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
22    2606:ae80:1451:21::440 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
casale-match.dotomi.com
triplelift-match.dotomi.com
6    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
12    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    211.120.53.203 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
14    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
50    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
cks.connatix.com
15    2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2606:4700::6812:751 (United States)

ASN13335 (CLOUDFLARENET, US)
static.vidazoo.com
inventory.vidazoo.com
26    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2602:803:c002:200::44 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
9    216.22.16.72 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
7    52.209.41.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-41-250.eu-west-1.compute.amazonaws.com
a.audrte.com
6    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    34.149.254.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.254.149.34.bc.googleusercontent.com
pix.cdnwidget.com
2    174.138.64.21 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
server3.vidazoo.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
8    2404:6800:4009:826::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.210.6.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-6-32.compute-1.amazonaws.com
idx.liadm.com
1    34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com
api.rlcdn.com
15    23.48.8.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-8-28.deploy.static.akamaitechnologies.com
contextual.media.net
6    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    23.197.184.175 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-184-175.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    216.219.92.22 (United States)

ASN19318 (IS-AS-1, US)
inv-nets.admixer.net
12    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
6    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
5    2607:f8b0:4004:c06::95 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2600:1408:5400:23::b819:7f4b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    34.202.222.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-222-101.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
14    54.147.37.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-37-155.compute-1.amazonaws.com
match.prod.bidr.io
16    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.45.13.146 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-13-146.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    2607:f8b0:4004:c09::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2607:f8b0:4000:b::6 (United States)

ASN15169 (GOOGLE, US)
r1---sn-q4fl6nsd.c.2mdn.net
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2600:9000:20ed:ce00:17:b93b:fa40:21 (United States)

ASN16509 (AMAZON-02, US)
de9a11s35xj3d.cloudfront.net
1    2600:9000:25c8:3a00:6:1e88:a100:21 (United States)

ASN16509 (AMAZON-02, US)
d31otfhas71ais.cloudfront.net
1    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
3    2600:9000:20ed:c600:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
3    35.211.206.254 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 254.206.211.35.bc.googleusercontent.com
pdc.bidswitch.net
1    35.211.85.235 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 235.85.211.35.bc.googleusercontent.com
media.grid.bidswitch.net
1    2620:100:a001::2 (United States)

ASN19750 (AS-CRITEO, US)
grid-mercury.criteo.com
7    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
7    54.197.121.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-121-110.compute-1.amazonaws.com
pm.w55c.net
2    52.44.150.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-150-160.compute-1.amazonaws.com
t.pswec.com
1    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
1    173.0.146.7 (United States)

ASN7979 (SERVERS-COM, US)
observe.aniview.com
24    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
id5-sync.com
11    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cds.connatix.com
cks.connatix.com
3    2600:9000:2031:d800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
8    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
player.adtelligent.com
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
a.c.appier.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    34.201.194.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-194-207.compute-1.amazonaws.com
cc.adingo.jp
5    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
17    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
9    34.227.234.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-234-237.compute-1.amazonaws.com
ap.lijit.com
5    35.214.167.88 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 88.167.214.35.bc.googleusercontent.com
csync.loopme.me
5    2a02:6ea0:e200::2 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
vid.vidoomy.com
vpaid.vidoomy.com
5    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net
pix.spot.im
1    35.174.94.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-94-173.compute-1.amazonaws.com
mid.rkdms.com
3    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    51.222.241.106 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-012.roqad.pl
wt.rqtrk.eu
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    207.246.93.86 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 207.246.93.86.vultrusercontent.com
bis6.vidazoo.com
2    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
34    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
5    67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
ipac.ctnsnet.com
cm.ctnsnet.com
2    34.224.184.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-184-64.compute-1.amazonaws.com
ads.yieldmo.com
1    2600:1f18:612b:4280:3cdb:db4:84db:d654 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
5    18.235.119.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-119-139.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
pbs-cs.yellowblue.io
3    54.210.110.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-110-53.compute-1.amazonaws.com
vop.sundaysky.com
9    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    159.203.147.11 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
5    172.240.155.68 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
5    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
14    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
4    54.146.101.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-101-75.compute-1.amazonaws.com
ads.servenobid.com
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    34.235.77.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-77-155.compute-1.amazonaws.com
thrtle.com
2    54.157.86.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-86-148.compute-1.amazonaws.com
crb.kargo.com
8    52.23.48.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-48-223.compute-1.amazonaws.com
sync.bfmio.com
12    2607:4f00:944:0:3eec:efff:fed0:86a2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sghb.spotim.market
ghb.adtelligent.com
ghb2.adtelligent.com
sghb.adtelligent.com
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.safeservingcdn.com
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
11    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
2    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    44.227.222.152 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-222-152.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
1    18.245.124.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-124-125.dfw57.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    18.238.4.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-65.phl51.r.cloudfront.net
api.intentiq.com
1    173.0.146.6 (United States)

ASN7979 (SERVERS-COM, US)
go1.aniview.com
2    34.193.95.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-95-126.compute-1.amazonaws.com
k.p-n.io
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    172.105.220.23 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1874-23.members.linode.com
gocm.c.appier.net
2    44.213.144.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-144-39.compute-1.amazonaws.com
bpi.rtactivate.com
2    34.199.67.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-67-71.compute-1.amazonaws.com
io.narrative.io
1    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
6    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.238.4.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-8.phl51.r.cloudfront.net
hb.openwebmedia.org
4    23.105.12.131 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg.smartadserver.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
hb-api.omnitagjs.com
1    54.85.156.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-156-25.compute-1.amazonaws.com
exchange.postrelease.com
2    34.237.83.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-83-209.compute-1.amazonaws.com
btlr.sharethrough.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    23.20.47.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-47-211.compute-1.amazonaws.com
prebid.ad.smaato.net
2    3.229.71.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-71-61.compute-1.amazonaws.com
reachms.bfmio.com
8    173.255.196.113 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: web-assets1.metricsamsi.com
web-assets.net
5    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
p.ad.gt
pixels.ad.gt
2    2606:4700:10::6816:37e8 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
8    23.14.152.251 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-14-152-251.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
5    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
20    172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
18    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.radius.technology
a4p.adpartner.pro
4    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
4    23.105.12.142 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
7    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
49    172.98.26.245 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-iad04.e-planning.net
pbjs.e-planning.net
3    8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
6    172.98.26.242 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
13    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    138.197.58.184 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rtb.om-meta.com
8    50.17.243.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-243-245.compute-1.amazonaws.com
ssp.disqus.com
4    3.211.143.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-143-64.compute-1.amazonaws.com
cookies.nextmillmedia.com
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
3    47.253.61.56 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2600:9000:2269:da00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    2606:4700:4400::ac40:9765 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
2    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    44.193.151.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-151-172.compute-1.amazonaws.com
aorta.clickagy.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
12    96.46.186.176 (United States)

ASN7979 (SERVERS-COM, US)
s2ssc.aniview.com
3    2600:1f18:61c0:2204:7278:7d7c:f993:dad2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
1    3.211.60.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-60-35.compute-1.amazonaws.com
ad2.360yield.com
12    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
2    2606:ae80:1471:12::500 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
1    104.37.221.83 (United States)

ASN393640 (ONLINE-TECH-LLC-IN1, US)
api.metricsamsi.com
4    18.160.18.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-50.iad12.r.cloudfront.net
images.spot.im
10    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
1    138.199.41.120 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: unn-138-199-41-120.datapacket.com
id.a-mx.com
3    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
3    18.239.168.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-123.bos50.r.cloudfront.net
content.homenetiol.com
3    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2600:9000:20ed:b200:3:7df3:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.decide.dev
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
outbrain-d.openx.net
5    18.233.54.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-54-235.compute-1.amazonaws.com
ce.lijit.com
1    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
3    23.197.109.53 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-109-53.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
1    2606:4700:4400::6812:2412 (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com
decide.dev
5    212.36.83.246 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es
a.vidoomy.com
1    54.85.76.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-76-249.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
3    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
5    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    52.22.68.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-68-202.compute-1.amazonaws.com
ads.creative-serving.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    3.229.234.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-234-137.compute-1.amazonaws.com
um4.eqads.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    3.20.160.213 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-160-213.us-east-2.compute.amazonaws.com
sync.sharethis.com
1    2606:4700:3030::ac43:8a0d (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    52.202.242.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-242-121.compute-1.amazonaws.com
nep.advangelists.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    3.218.153.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-153-110.compute-1.amazonaws.com
event.hgrtb.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
1    8.2.110.113 (None, )

ASN- ()
as.ck-ie.com
6    209.192.201.180 (None, )

ASN- ()
user-sync.adxpremium.services
1    34.117.77.79 (None, )

ASN- ()
ml314.com
1    13.226.52.66 (None, )

ASN- ()
audex.userreport.com
Apex Domain
Subdomains		 Transfer
114 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
eus.rubiconproject.com — Cisco Umbrella Rank: 579
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 1756
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 777
274 KB
94 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
495 KB
83 nypost.com
nypost.com — Cisco Umbrella Rank: 9795
zephr-v4.nypost.com — Cisco Umbrella Rank: 20055
pbcs.nypost.com — Cisco Umbrella Rank: 19964
nid.nypost.com — Cisco Umbrella Rank: 32834
sac.nypost.com — Cisco Umbrella Rank: 19128
t.nypost.com — Cisco Umbrella Rank: 18413
tags.nypost.com — Cisco Umbrella Rank: 17332
sli.nypost.com — Cisco Umbrella Rank: 22136
1 MB
79 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1933
widget-pixels.outbrain.com — Cisco Umbrella Rank: 4251
mv.outbrain.com — Cisco Umbrella Rank: 2586
amplify.outbrain.com — Cisco Umbrella Rank: 2947
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6708
tr.outbrain.com — Cisco Umbrella Rank: 2812
wave.outbrain.com — Cisco Umbrella Rank: 2909
sync.outbrain.com — Cisco Umbrella Rank: 829
libs.outbrain.com — Cisco Umbrella Rank: 3362
eventlog.outbrain.com — Cisco Umbrella Rank: 8840
257 KB
76 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ow.pubmatic.com — Cisco Umbrella Rank: 1571
157 KB
75 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2359
sync.e-planning.net — Cisco Umbrella Rank: 3885
u-iad04.e-planning.net — Cisco Umbrella Rank: 5111
s.e-planning.net — Cisco Umbrella Rank: 5393
pbjs.e-planning.net — Cisco Umbrella Rank: 6942
18 KB
72 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5238
direct-events-collector.spot.im — Cisco Umbrella Rank: 4550
static-cdn.spot.im — Cisco Umbrella Rank: 4518
publisher-assets.spot.im — Cisco Umbrella Rank: 4746
open-api.spot.im — Cisco Umbrella Rank: 8296
api-2-0.spot.im — Cisco Umbrella Rank: 2622
pix.spot.im — Cisco Umbrella Rank: 4738
images.spot.im — Cisco Umbrella Rank: 6988
771 KB
66 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
269 KB
64 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
r.casalemedia.com — Cisco Umbrella Rank: 1743
49 KB
61 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
cd.connatix.com — Cisco Umbrella Rank: 3301
cds.connatix.com — Cisco Umbrella Rank: 3425
cks.connatix.com — Cisco Umbrella Rank: 5842
466 KB
54 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
136 KB
50 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
ib.3lift.com — Cisco Umbrella Rank: 1863
84 KB
49 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 901
events-ssc.33across.com — Cisco Umbrella Rank: 1615
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
22 KB
48 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2212
observe.aniview.com — Cisco Umbrella Rank: 4011
track1.aniview.com — Cisco Umbrella Rank: 2666
sync.aniview.com — Cisco Umbrella Rank: 1740
go1.aniview.com — Cisco Umbrella Rank: 5509
s2ssc.aniview.com — Cisco Umbrella Rank: 4950
track4.aniview.com — Cisco Umbrella Rank: 3808
575 KB
47 googlesyndication.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com
ade.googlesyndication.com
287 KB
44 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
13 KB
44 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1225
x.bidswitch.net — Cisco Umbrella Rank: 373
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 2104
pdc.bidswitch.net — Cisco Umbrella Rank: 6059
media.grid.bidswitch.net — Cisco Umbrella Rank: 2727
r.bidswitch.net — Cisco Umbrella Rank: 6571
23 KB
41 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1891
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
cms.analytics.yahoo.com
17 KB
38 openx.net
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
rtb.openx.net — Cisco Umbrella Rank: 625
outbrain-d.openx.net — Cisco Umbrella Rank: 4749
5 KB
34 media.net
warp.media.net — Cisco Umbrella Rank: 2526
prebid.media.net — Cisco Umbrella Rank: 1229
cs.media.net — Cisco Umbrella Rank: 1236
pb-logs.media.net — Cisco Umbrella Rank: 13924
hblg.media.net — Cisco Umbrella Rank: 2000
contextual.media.net — Cisco Umbrella Rank: 709
hbx.media.net — Cisco Umbrella Rank: 1257
c21lg-d.media.net — Cisco Umbrella Rank: 2197
85 KB
32 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4452
61 KB
31 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 2647
match.adsrvr.org — Cisco Umbrella Rank: 357
data.adsrvr.org — Cisco Umbrella Rank: 5024
14 KB
30 unrulymedia.com
video.unrulymedia.com — Cisco Umbrella Rank: 18207
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
targeting.unrulymedia.com — Cisco Umbrella Rank: 863
16 KB
29 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
grid-mercury.criteo.com — Cisco Umbrella Rank: 3300
gum.criteo.com — Cisco Umbrella Rank: 423
ssp-sync.criteo.com — Cisco Umbrella Rank: 1424
mug.criteo.com — Cisco Umbrella Rank: 3123
16 KB
27 1rx.io
aniview-diag-server.1rx.io — Cisco Umbrella Rank: 20806
sync.1rx.io — Cisco Umbrella Rank: 547
15 KB
26 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
104 KB
24 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7333
medianet-match.dotomi.com — Cisco Umbrella Rank: 11527
prebid-match.dotomi.com — Cisco Umbrella Rank: 1917
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
33across-match.dotomi.com — Cisco Umbrella Rank: 3423
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4370
8 KB
23 id5-sync.com
api.id5-sync.com — Cisco Umbrella Rank: 13178
id5-sync.com — Cisco Umbrella Rank: 425 Failed
cdn.id5-sync.com — Cisco Umbrella Rank: 857
83 KB
22 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
prg.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
9 KB
21 spotim.market
player.spotim.market — Cisco Umbrella Rank: 6815
sghb.spotim.market — Cisco Umbrella Rank: 7415
sync.spotim.market — Cisco Umbrella Rank: 4168
222 KB
18 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7043
ghb.adtelligent.com — Cisco Umbrella Rank: 4977
ghb1.adtelligent.com — Cisco Umbrella Rank: 6643
ghb2.adtelligent.com — Cisco Umbrella Rank: 7720
sghb.adtelligent.com — Cisco Umbrella Rank: 11810
sync.adtelligent.com — Cisco Umbrella Rank: 7205
125 KB
18 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
assets.a-mo.net — Cisco Umbrella Rank: 1466
14 KB
18 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
btlr.sharethrough.com — Cisco Umbrella Rank: 978
6 KB
18 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
16 KB
17 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1664
a.ad.gt — Cisco Umbrella Rank: 1857
p.ad.gt — Cisco Umbrella Rank: 2222
ids.ad.gt — Cisco Umbrella Rank: 1592
pixels.ad.gt — Cisco Umbrella Rank: 1982
19 KB
16 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
dmp.adform.net — Cisco Umbrella Rank: 3041
cm.adform.net — Cisco Umbrella Rank: 1147
adx.adform.net — Cisco Umbrella Rank: 4252
8 KB
16 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
13 KB
15 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
id.rlcdn.com — Cisco Umbrella Rank: 738
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4233
api.rlcdn.com — Cisco Umbrella Rank: 1011
2 KB
15 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3215
rp.liadm.com — Cisco Umbrella Rank: 1497
rp4.liadm.com — Cisco Umbrella Rank: 7027
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
idx.liadm.com — Cisco Umbrella Rank: 2032
25 KB
14 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
8 KB
14 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
7 KB
13 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 7649
8 KB
13 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
4 KB
12 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1634
8 KB
12 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
712 B
12 gstatic.com
csi.gstatic.com
fonts.gstatic.com
63 KB
12 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2221
343 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
gcdn.2mdn.net — Cisco Umbrella Rank: 1402
r1---sn-q4fl6nsd.c.2mdn.net — Cisco Umbrella Rank: 150365
143 KB
11 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
54 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 364
253 KB
10 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1716
reachms.bfmio.com — Cisco Umbrella Rank: 7620
5 KB
10 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2086
vpaid.vidoomy.com — Cisco Umbrella Rank: 3136
a.vidoomy.com — Cisco Umbrella Rank: 2730
42 KB
10 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 3551
server3.vidazoo.com — Cisco Umbrella Rank: 8343
inventory.vidazoo.com — Cisco Umbrella Rank: 5534
bis6.vidazoo.com — Cisco Umbrella Rank: 7117
451 KB
9 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 11840
user-sync.adxpremium.services
9 KB
9 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
6 KB
9 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 7199
6 KB
9 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599
us.creativecdn.com — Cisco Umbrella Rank: 3511
5 KB
9 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2271
cdn.permutive.com — Cisco Umbrella Rank: 3125
9 KB
9 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 3110
assets.bounceexchange.com — Cisco Umbrella Rank: 2171
210 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4213
t.skimresources.com — Cisco Umbrella Rank: 4334
p.skimresources.com — Cisco Umbrella Rank: 5271
r.skimresources.com — Cisco Umbrella Rank: 4122
ls.skimresources.com — Cisco Umbrella Rank: 12606
18 KB
8 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1487
3 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
211 KB
8 web-assets.net
web-assets.net — Cisco Umbrella Rank: 46572
132 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
272 KB
8 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
3 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
6 KB
8 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 5535
2 KB
8 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2571
213 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
5 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
44 KB
7 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3060
3 KB
7 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
5 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
3 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
4 KB
7 unrulyvideo.com
servt.unrulyvideo.com — Cisco Umbrella Rank: 19122
player.unrulyvideo.com — Cisco Umbrella Rank: 21145
tg1.unrulyvideo.com — Cisco Umbrella Rank: 20120
38 KB
7 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2851
launchpad.privacymanager.io — Cisco Umbrella Rank: 2337
geo.privacymanager.io — Cisco Umbrella Rank: 1860
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2199
84 KB
7 google.com
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 2967
81 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
1 KB
6 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
sync.admanmedia.com — Cisco Umbrella Rank: 2802
3 KB
6 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1347
cm-x.mgid.com — Cisco Umbrella Rank: 4115
3 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
3 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
5 KB
6 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1717
2 KB
6 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
3 KB
6 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
184 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
390 KB
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
3 KB
6 newscgp.com
us.tags.newscgp.com — Cisco Umbrella Rank: 10576
v2.pixel.newscgp.com — Cisco Umbrella Rank: 10846
56 KB
6 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
3 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
55 KB
5 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1430
3 KB
5 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 4886
1001 B
5 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1526
hde.tynt.com — Cisco Umbrella Rank: 3986
15 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
3 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
1 KB
5 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1482
3 KB
5 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
1 KB
5 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
api.intentiq.com — Cisco Umbrella Rank: 1555
4 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
4 KB
5 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
976 B
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
4 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
624 B
4 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2107
2 KB
4 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1704
sync.taboola.com — Cisco Umbrella Rank: 1289
trc.taboola.com — Cisco Umbrella Rank: 646
2 KB
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 604
tps.doubleverify.com — Cisco Umbrella Rank: 650
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1641
104 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
2 KB
4 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
prebid.ad.smaato.net — Cisco Umbrella Rank: 5103
2 KB
4 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1531
3 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
4 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
de9a11s35xj3d.cloudfront.net
d31otfhas71ais.cloudfront.net
54 KB
3 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 940
tags.bluekai.com
1 KB
3 homenetiol.com
content.homenetiol.com — Cisco Umbrella Rank: 33487
208 KB
3 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1407
541 B
3 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 6315
1010 B
3 om-meta.com
rtb.om-meta.com — Cisco Umbrella Rank: 5104
773 B
3 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1798
29 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
2 KB
3 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2650
2 KB
3 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 8331
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
cm.ctnsnet.com — Cisco Umbrella Rank: 4100
1 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
2 KB
3 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3394
431 KB
3 bttrack.com
bttrack.com — Cisco Umbrella Rank: 866
924 B
3 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 3905
pix.cdnwidget.com — Cisco Umbrella Rank: 5605
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
2 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1892
match.360yield.com — Cisco Umbrella Rank: 1918
ad2.360yield.com — Cisco Umbrella Rank: 10852
596 B
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 4810
page.cdnbasket.net — Cisco Umbrella Rank: 4821
view.cdnbasket.net — Cisco Umbrella Rank: 4825
1014 B
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2728
crb.kargo.com — Cisco Umbrella Rank: 1149
1 KB
3 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4364
k.p-n.io — Cisco Umbrella Rank: 3295
57 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
244 KB
3 meadowlullaby.com
meadowlullaby.com — Cisco Umbrella Rank: 19632
26 KB
2 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 1537
548 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1908
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 34906
decide.dev — Cisco Umbrella Rank: 27169
4 KB
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
718 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
969 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1778
1 KB
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4140
286 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
25 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4113
643 B
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1577
217 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 6074
526 B
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 5981
1 KB
2 safeservingcdn.com
p.safeservingcdn.com — Cisco Umbrella Rank: 27863
42 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1397
685 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
1 KB
2 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1452
699 B
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 9026
gocm.c.appier.net — Cisco Umbrella Rank: 2934
1022 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4204
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 1841
1 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2307
1 KB
2 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 2813
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
733 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 247
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 790
822 B
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1651
1 KB
2 nypdev.com
api.nypdev.com — Cisco Umbrella Rank: 19184
436 B
2 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3681
csxd.contentsquare.net — Cisco Umbrella Rank: 12647
75 KB
2 zergnet.com
www.zergnet.com — Cisco Umbrella Rank: 15144
5 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
p1.parsely.com — Cisco Umbrella Rank: 2229
26 KB
2 pagesix.com
pagesix.com — Cisco Umbrella Rank: 14099
tags.pagesix.com — Cisco Umbrella Rank: 20609
90 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 567
561 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2723
pixel.wp.com — Cisco Umbrella Rank: 2679
3 KB
2 flipboard.com
cdn.flipboard.com — Cisco Umbrella Rank: 8864
4 KB
1 userreport.com
audex.userreport.com
432 B
1 ml314.com
ml314.com
394 B
1 ck-ie.com
as.ck-ie.com
114 B
1 hgrtb.com
event.hgrtb.com — Cisco Umbrella Rank: 5302
260 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 3159
573 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 9163
212 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 14253
3 KB
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 2756
549 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2702
271 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7736
345 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1921
557 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1489
688 B
1 metricsamsi.com
api.metricsamsi.com — Cisco Umbrella Rank: 53394
46 KB
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1875
654 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1683
366 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 6171
358 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579
564 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6671
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9812
320 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 13241
349 B
1 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 5105
389 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3797
632 B
1 openwebmedia.org
hb.openwebmedia.org
583 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704
201 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
4 KB
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2452
418 B
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10786
424 B
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1924
432 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7787
419 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4928
465 B
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 8218
229 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2041
270 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1503
712 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
831 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3405
607 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
10 KB
1 gsght.com
gsght.com — Cisco Umbrella Rank: 10123
505 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 4008
1 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
473 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
338 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 4760
531 B
1 prmutv.co
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co — Cisco Umbrella Rank: 14688
381 B
1 penews.com
tags.penews.com — Cisco Umbrella Rank: 21705
3 KB
1 decider.com
tags.decider.com — Cisco Umbrella Rank: 21772
3 KB
1 wsj.com
tags.wsj.com — Cisco Umbrella Rank: 16308
3 KB
1 marketwatch.com
tags.marketwatch.com — Cisco Umbrella Rank: 19189
3 KB
1 mansionglobal.com
tags.mansionglobal.com — Cisco Umbrella Rank: 21649
3 KB
1 barrons.com
tags.barrons.com — Cisco Umbrella Rank: 21329
3 KB
1 realtor.com
tags.realtor.com — Cisco Umbrella Rank: 16593
3 KB
1 ncaudienceexchange.com
www.ncaudienceexchange.com — Cisco Umbrella Rank: 13418
3 KB
1 cloudflare.com
www.cloudflare.com — Cisco Umbrella Rank: 5812
454 B
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 12419
306 B
1 permutive.app
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app — Cisco Umbrella Rank: 9480
99 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 721
482 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
19 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6426
9 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3585
33 KB
1 videoplayerhub.com
nypost-com.videoplayerhub.com — Cisco Umbrella Rank: 19661
459 B
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
0 eexsync.com Failed
eexsync.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 iqzone.com Failed
xsync.iqzone.com Failed
0 extend.tv Failed
sync.extend.tv Failed
0 geistm.com Failed
id.geistm.com Failed
0 rezync.com Failed
live.rezync.com — Cisco Umbrella Rank: 1645 Failed
1668 241
Domain Requested by
68 nypost.com nypost.com
cdn.cookielaw.org
52 cm.g.doubleclick.net 29 redirects u.openx.net
rtb.gumgum.com
googleads.g.doubleclick.net
s.amazon-adsystem.com
eb2.3lift.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
nypost.com
48 u-iad04.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
sync.adkernel.com
46 eb2.3lift.com 9 redirects pbcs.nypost.com
s.amazon-adsystem.com
eb2.3lift.com
nypost.com
ads.us.e-planning.net
40 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
40 ib.adnxs.com 20 redirects 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
pbcs.nypost.com
eb2.3lift.com
acdn.adnxs.com
player.spotim.market
player.aniview.com
player.adtelligent.com
nypost.com
39 static-cdn.spot.im launcher.spot.im
tagan.adlightning.com
static-cdn.spot.im
nypost.com
38 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
ms-cookie-sync.presage.io
pbcs.nypost.com
nypost.com
player.aniview.com
hde.tynt.com
ads.us.e-planning.net
sync.adkernel.com
player.spotim.market
contextual.media.net
static.vidazoo.com
37 capi.connatix.com 2 redirects nypost.com
s.amazon-adsystem.com
cds.connatix.com
cd.connatix.com
ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
37 s.amazon-adsystem.com 2 redirects tagan.adlightning.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
match.sharethrough.com
rtb.gumgum.com
bh.contextweb.com
ms-cookie-sync.presage.io
ads.pubmatic.com
ssum.casalemedia.com
eb2.3lift.com
c.amazon-adsystem.com
ce.lijit.com
nypost.com
37 x.bidswitch.net 30 redirects widgets.outbrain.com
nypost.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
ads.us.e-planning.net
34 ssc-cms.33across.com 16 redirects hde.tynt.com
de.tynt.com
nypost.com
ce.lijit.com
32 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
ssum.casalemedia.com
32 elb.the-ozone-project.com pbcs.nypost.com
elb.the-ozone-project.com
ads.pubmatic.com
onetag-sys.com
ads.stickyadstv.com
30 widgets.outbrain.com cdn.cookielaw.org
tagan.adlightning.com
nypost.com
widgets.outbrain.com
29 match.adsrvr.org 27 redirects pbcs.nypost.com
player.spotim.market
26 pagead2.googlesyndication.com tagan.adlightning.com
pagead2.googlesyndication.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
nypost.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
26 sync.1rx.io 25 redirects contextual.media.net
23 sync.outbrain.com widgets.outbrain.com
22 token.rubiconproject.com 7 redirects eus.rubiconproject.com
21 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
nypost.com
21 api-2-0.spot.im static-cdn.spot.im
20 us-u.openx.net 8 redirects u.openx.net
nypost.com
de.tynt.com
us-u.openx.net
outbrain-d.openx.net
20 id5-sync.com widgets.outbrain.com
pbcs.nypost.com
ssbsync.smartadserver.com
player.aniview.com
cdn.id5-sync.com
player.spotim.market
player.adtelligent.com
20 securepubads.g.doubleclick.net cdn.cookielaw.org
tagan.adlightning.com
securepubads.g.doubleclick.net
nypost.com
www.googletagservices.com
19 pixel.rubiconproject.com 14 redirects s.amazon-adsystem.com
18 bh.contextweb.com 15 redirects s.amazon-adsystem.com
bh.contextweb.com
17 cks.connatix.com nypost.com
17 sync.aniview.com player.aniview.com
ssbsync.smartadserver.com
nypost.com
ads.pubmatic.com
ssum.casalemedia.com
vid.vidoomy.com
17 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ms-cookie-sync.presage.io
ads.pubmatic.com
player.aniview.com
tagan.adlightning.com
rumcdn.geoedge.be
elb.the-ozone-project.com
ads.us.e-planning.net
player.spotim.market
adxbid.info
static.vidazoo.com
16 sync.e-planning.net ads.us.e-planning.net
eb2.3lift.com
rtb.gumgum.com
16 prebid.a-mo.net 12 redirects s.amazon-adsystem.com
player.spotim.market
nypost.com
16 pr-bh.ybp.yahoo.com 6 redirects u.openx.net
ssum-sec.casalemedia.com
s.amazon-adsystem.com
ssum.casalemedia.com
16 match.sharethrough.com 7 redirects s.amazon-adsystem.com
match.sharethrough.com
nypost.com
16 pixel-sync.sitescout.com 16 redirects
16 ups.analytics.yahoo.com 13 redirects us-u.openx.net
assets.a-mo.net
eb2.3lift.com
16 aax.amazon-adsystem.com c.amazon-adsystem.com
15 contextual.media.net pbcs.nypost.com
contextual.media.net
player.spotim.market
nypost.com
15 tpc.googlesyndication.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
tagan.adlightning.com
s0.2mdn.net
rumcdn.geoedge.be
nypost.com
14 targeting.unrulymedia.com player.aniview.com
player.spotim.market
14 match.prod.bidr.io 14 redirects
14 secure-assets.rubiconproject.com 14 redirects
14 sync.targeting.unrulymedia.com 14 redirects
13 rtb.openx.net 8 redirects us-u.openx.net
static.vidazoo.com
13 sync.srv.stackadapt.com 11 redirects eb2.3lift.com
ads.stickyadstv.com
13 ad.doubleclick.net 5 redirects nypost.com
widgets.outbrain.com
c.aaxads.com
12 sync.adkernel.com 3 redirects ads.us.e-planning.net
sync.adkernel.com
12 s2ssc.aniview.com player.aniview.com
12 sync.spotim.market rumcdn.geoedge.be
nypost.com
ads.us.e-planning.net
ads.pubmatic.com
12 pixel.tapad.com 8 redirects s.amazon-adsystem.com
nypost.com
us-u.openx.net
12 b1sync.zemanta.com 12 redirects
12 tagan.adlightning.com cdn.cookielaw.org
tagan.adlightning.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
11 events-ssc.33across.com hde.tynt.com
us-u.openx.net
de.tynt.com
11 c1.adform.net 10 redirects ads.pubmatic.com
11 image2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
nypost.com
11 ssum-sec.casalemedia.com 4 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
ssum.casalemedia.com
11 cdn.cookielaw.org nypost.com
cdn.cookielaw.org
10 ids.ad.gt 1 redirects nypost.com
10 tags.crwdcntrl.net tagan.adlightning.com
rumcdn.geoedge.be
s.e-planning.net
nypost.com
tags.crwdcntrl.net
10 fastlane.rubiconproject.com pbcs.nypost.com
player.spotim.market
10 i.liadm.com 7 redirects tagan.adlightning.com
i.liadm.com
bcp.crwdcntrl.net
10 player.aniview.com tagan.adlightning.com
player.aniview.com
9 sync.go.sonobi.com 9 redirects
9 ap.lijit.com 8 redirects player.spotim.market
9 rtb-csync.smartadserver.com 4 redirects ssbsync.smartadserver.com
9 secure.adnxs.com 9 redirects
9 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssbsync.smartadserver.com
ads.pubmatic.com
9 c.amazon-adsystem.com nypost.com
c.amazon-adsystem.com
player.spotim.market
player.aniview.com
8 ssp.disqus.com 8 redirects
8 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
nypost.com
8 web-assets.net s0.2mdn.net
nypost.com
8 sync.bfmio.com 1 redirects nypost.com
static.vidazoo.com
sync.bfmio.com
8 ssum.casalemedia.com 4 redirects ads.us.e-planning.net
player.aniview.com
8 prebid-match.dotomi.com 8 redirects
8 csi.gstatic.com imasdk.googleapis.com
8 match.deepintent.com 7 redirects rtb.gumgum.com
8 sync.crwdcntrl.net 3 redirects widgets.outbrain.com
nypost.com
bcp.crwdcntrl.net
8 onetag-sys.com widgets.outbrain.com
player.aniview.com
ads.us.e-planning.net
s.amazon-adsystem.com
elb.the-ozone-project.com
contextual.media.net
8 images.outbrainimg.com nypost.com
8 dpm.demdex.net 3 redirects i.liadm.com
widgets.outbrain.com
nypost.com
bcp.crwdcntrl.net
ssum.casalemedia.com
8 bidder.criteo.com pbcs.nypost.com
player.spotim.market
nypost.com
player.aniview.com
player.adtelligent.com
8 c2shb.pubgw.yahoo.com pbcs.nypost.com
8 api.permutive.com 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
8 assets.bounceexchange.com tagan.adlightning.com
assets.bounceexchange.com
8 www.google-analytics.com nypost.com
www.google-analytics.com
www.googletagmanager.com
p.ad.gt
7 pixel.onaudience.com 7 redirects
7 pm.w55c.net 7 redirects
7 gum.criteo.com 3 redirects contextual.media.net
static.criteo.net
7 a.audrte.com 5 redirects ssbsync.smartadserver.com
nypost.com
7 ssbsync.smartadserver.com 5 redirects ms-cookie-sync.presage.io
player.aniview.com
7 creativecdn.com 6 redirects vid.vidoomy.com
7 idsync.rlcdn.com 4 redirects nypost.com
us-u.openx.net
7 dis.criteo.com 5 redirects i.liadm.com
widgets.outbrain.com
7 sync.mathtag.com 5 redirects i.liadm.com
nypost.com
7 htlb.casalemedia.com pbcs.nypost.com
player.spotim.market
static.vidazoo.com
6 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
6 sync.adtelligent.com player.spotim.market
ads.pubmatic.com
ads.us.e-planning.net
player.adtelligent.com
6 s.e-planning.net ads.us.e-planning.net
6 hbopenbid.pubmatic.com player.spotim.market
static.vidazoo.com
6 bcp.crwdcntrl.net nypost.com
tags.crwdcntrl.net
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 um.simpli.fi 6 redirects
6 image6.pubmatic.com ads.pubmatic.com
6 cds.connatix.com nypost.com
tagan.adlightning.com
6 static.vidazoo.com tagan.adlightning.com
nypost.com
static.vidazoo.com
6 imasdk.googleapis.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
imasdk.googleapis.com
6 sync.richaudience.com 6 redirects
6 sync.ipredictive.com 6 redirects
6 static.criteo.net pbcs.nypost.com
static.criteo.net
player.spotim.market
player.adtelligent.com
player.aniview.com
6 www.googletagservices.com tagan.adlightning.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
rumcdn.geoedge.be
6 ad.turn.com 6 redirects
6 id.rlcdn.com 3 redirects contextual.media.net
nypost.com
outbrain-d.openx.net
6 ps.eyeota.net 3 redirects widgets.outbrain.com
nypost.com
bcp.crwdcntrl.net
6 rtb.mfadsrvr.com 6 redirects
6 mcdp-nydc1.outbrain.com widgets.outbrain.com
6 ad-delivery.net nypost.com
c.aaxads.com
6 api.btloader.com nypost-com.videoplayerhub.com
c.aaxads.com
6 zephr-v4.nypost.com nypost.com
5 mug.criteo.com nypost.com
5 a.vidoomy.com nypost.com
5 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
5 dsum.casalemedia.com ssum.casalemedia.com
5 prebid-server.rubiconproject.com static.vidazoo.com
nypost.com
5 sghb.spotim.market player.spotim.market
5 simage4.pubmatic.com ads.pubmatic.com
5 sync.colossusssp.com 5 redirects
5 ads.stickyadstv.com 2 redirects player.aniview.com
ssum-sec.casalemedia.com
elb.the-ozone-project.com
5 csync.loopme.me 5 redirects ads.pubmatic.com
5 sync.inmobi.com 5 redirects
5 lb.eu-1-id5-sync.com pbcs.nypost.com
player.aniview.com
cdn.id5-sync.com
player.spotim.market
player.adtelligent.com
5 hbx.media.net 4 redirects contextual.media.net
5 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
5 acdn.adnxs.com pbcs.nypost.com
player.aniview.com
player.spotim.market
player.adtelligent.com
5 pixel-us-east.rubiconproject.com 5 redirects
5 p.rfihub.com 5 redirects
5 libs.outbrain.com tagan.adlightning.com
5 rtb.adentifi.com 3 redirects widgets.outbrain.com
ssum-sec.casalemedia.com
5 image8.pubmatic.com 5 redirects
5 px.ads.linkedin.com 2 redirects widgets.outbrain.com
eb2.3lift.com
s.amazon-adsystem.com
5 servt.unrulyvideo.com nypost.com
5 www.google.com nypost.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
rumcdn.geoedge.be
5 btloader.com 2 redirects nypost.com
4 track4.aniview.com player.aniview.com
4 images.spot.im nypost.com
4 casale-match.dotomi.com 4 redirects
4 cookies.nextmillmedia.com 3 redirects nypost.com
4 cm-x.mgid.com 4 redirects
4 ads.us.e-planning.net 1 redirects rumcdn.geoedge.be
player.spotim.market
player.adtelligent.com
4 prg.smartadserver.com player.spotim.market
static.vidazoo.com
4 player.adtelligent.com player.spotim.market
p.safeservingcdn.com
player.adtelligent.com
4 ads.servenobid.com 3 redirects elb.the-ozone-project.com
4 de.tynt.com 1 redirects rumcdn.geoedge.be
player.spotim.market
player.adtelligent.com
4 player.spotim.market nypost.com
player.spotim.market
4 r1---sn-q4fl6nsd.c.2mdn.net 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
4 beacon.lynx.cognitivlabs.com 3 redirects ads.pubmatic.com
4 fonts.gstatic.com fonts.googleapis.com
4 rtb.gumgum.com s.amazon-adsystem.com
ads.us.e-planning.net
4 cs.media.net 2 redirects contextual.media.net
4 eventlog.outbrain.com widgets.outbrain.com
4 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
4 cms.quantserve.com 4 redirects
4 u.openx.net 3 redirects s.amazon-adsystem.com
4 image4.pubmatic.com 3 redirects s.amazon-adsystem.com
4 loadus.exelator.com 2 redirects widgets.outbrain.com
bcp.crwdcntrl.net
4 aa.agkn.com widgets.outbrain.com
nypost.com
outbrain-d.openx.net
bcp.crwdcntrl.net
4 tr.outbrain.com tagan.adlightning.com
amplify.outbrain.com
4 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
4 mv.outbrain.com tagan.adlightning.com
4 sb.scorecardresearch.com 2 redirects nypost.com
4 us.tags.newscgp.com 2 redirects nypost.com
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
4 use.typekit.net nypost.com
use.typekit.net
3 cs.krushmedia.com 3 redirects
3 rtb.adxpremium.services player.adtelligent.com
adxbid.info
3 content.homenetiol.com nypost.com
3 cm.adform.net 3 redirects
3 d.adroll.com ssum.casalemedia.com
ssum-sec.casalemedia.com
3 sghb.adtelligent.com p.safeservingcdn.com
3 gw-iad-bid.ymmobi.com 3 redirects
3 rtb.om-meta.com 3 redirects
3 sync.admanmedia.com ads.us.e-planning.net
3 pbs-cs.yellowblue.io rumcdn.geoedge.be
player.aniview.com
player.spotim.market
elb.the-ozone-project.com
3 cdn.hadronid.net nypost.com
a.ad.gt
3 id.hadron.ad.gt player.aniview.com
cdn.hadronid.net
3 ghb.adtelligent.com player.spotim.market
player.adtelligent.com
3 vop.sundaysky.com 3 redirects
3 uipglob.semasio.net 2 redirects nypost.com
3 cdn.indexww.com ssum-sec.casalemedia.com
3 cm.adgrx.com 3 redirects
3 pix.spot.im static-cdn.spot.im
3 cs.admanmedia.com 2 redirects player.aniview.com
3 vid.vidoomy.com player.aniview.com
nypost.com
adxbid.info
3 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
3 track1.aniview.com nypost.com
3 pdc.bidswitch.net 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
nypost.com
3 sync.intentiq.com 1 redirects nypost.com
3 js-sec.indexww.com pbcs.nypost.com
player.spotim.market
static.vidazoo.com
3 bttrack.com 2 redirects match.sharethrough.com
3 t.adx.opera.com 3 redirects
3 config.aps.amazon-adsystem.com tagan.adlightning.com
rumcdn.geoedge.be
c.amazon-adsystem.com
3 prebid.media.net pbcs.nypost.com
player.spotim.market
3 t.skimresources.com nypost.com
s.skimresources.com
3 googleads.g.doubleclick.net www.googleadservices.com
tagan.adlightning.com
3 www.googletagmanager.com nypost.com
www.googletagmanager.com
cdn.cookielaw.org
3 meadowlullaby.com nypost.com
meadowlullaby.com
2 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
2 sid.storygize.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 id.crwdcntrl.net player.spotim.market
player.adtelligent.com
2 vpaid.vidoomy.com vid.vidoomy.com
2 triplelift-match.dotomi.com 2 redirects
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 a.ad.gt rumcdn.geoedge.be
p.ad.gt
2 s.company-target.com 2 redirects
2 lexicon.33across.com cdn-ima.33across.com
2 a.sportradarserving.com 2 redirects
2 px.owneriq.net 2 redirects
2 cdn.id5-sync.com rumcdn.geoedge.be
nypost.com
2 cdn-ima.33across.com rumcdn.geoedge.be
nypost.com
2 c.aaxads.com 2 redirects
2 reachms.bfmio.com static.vidazoo.com
2 prebid.ad.smaato.net static.vidazoo.com
2 script.4dex.io static.vidazoo.com
script.4dex.io
2 btlr.sharethrough.com player.spotim.market
2 io.narrative.io 1 redirects nypost.com
2 bpi.rtactivate.com nypost.com
outbrain-d.openx.net
2 ums.acuityplatform.com 2 redirects
2 a.tribalfusion.com 2 redirects
2 k.p-n.io cdn.p-n.io
2 pmp.mxptint.net 1 redirects nypost.com
2 a.usbrowserspeed.com 2 redirects
2 a.clickcertain.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 p.safeservingcdn.com rumcdn.geoedge.be
p.safeservingcdn.com
2 pubmatic-match.dotomi.com 2 redirects
2 crb.kargo.com 1 redirects nypost.com
2 thrtle.com 1 redirects nypost.com
2 cs-server-s2s.yellowblue.io tagan.adlightning.com
player.aniview.com
2 ads.yieldmo.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 wt.rqtrk.eu ssbsync.smartadserver.com
bcp.crwdcntrl.net
2 cm.mgid.com 2 redirects
2 sync.taboola.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
sync.bfmio.com
2 googleads4.g.doubleclick.net tagan.adlightning.com
2 t.pswec.com 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 rtb-use.mfadsrvr.com 2 redirects
2 de9a11s35xj3d.cloudfront.net 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
2 gcdn.2mdn.net 2 redirects
2 cdn.doubleverify.com nypost.com
tagan.adlightning.com
2 inv-nets.admixer.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 hblg.media.net nypost.com
2 server3.vidazoo.com static.vidazoo.com
2 pix.cdnwidget.com 1 redirects nypost.com
2 pb-logs.media.net nypost.com
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 fonts.googleapis.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
2 pulsepoint-match.dotomi.com 2 redirects
2 ib.3lift.com tagan.adlightning.com
2 pxl.iqm.com 2 redirects
2 trace.mediago.io 2 redirects
2 c.bing.com widgets.outbrain.com
eb2.3lift.com
2 s.ad.smaato.net 2 redirects
2 pippio.com 2 redirects
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 tlx.3lift.com pbcs.nypost.com
tagan.adlightning.com
2 ls.skimresources.com s.skimresources.com
2 api.nypdev.com nypost.com
2 stats.g.doubleclick.net www.google-analytics.com
decide.dev
2 p.skimresources.com nypost.com
2 tags.nypost.com 1 redirects nypost.com
2 v2.pixel.newscgp.com us.tags.newscgp.com
2 t.nypost.com tagan.adlightning.com
t.nypost.com
2 sac.nypost.com nid.nypost.com
2 publisher-assets.spot.im launcher.spot.im
nypost.com
2 www.zergnet.com nypost.com
tagan.adlightning.com
2 video.unrulymedia.com cdn.cookielaw.org
player.aniview.com
2 p.typekit.net use.typekit.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 cdn.flipboard.com nypost.com
1 ade.googlesyndication.com nypost.com
1 audex.userreport.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 cms.analytics.yahoo.com 1 redirects
1 as.ck-ie.com adxbid.info
1 trc.taboola.com 1 redirects
1 event.hgrtb.com 1 redirects
1 cs.mobfox.com 1 redirects
1 nep.advangelists.com 1 redirects
1 adxbid.info player.adtelligent.com
1 sync.sharethis.com bcp.crwdcntrl.net
1 ow.pubmatic.com nypost.com
1 us.creativecdn.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 um4.eqads.com 1 redirects
1 d.turn.com 1 redirects
1 data.adsrvr.org 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 decide.dev cdn2.decide.dev
1 idpix.media6degrees.com 1 redirects
1 stags.bluekai.com outbrain-d.openx.net
1 b1h-euc1.zemanta.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 outbrain-d.openx.net static.vidazoo.com
1 cdn2.decide.dev nypost.com
1 adx.adform.net player.adtelligent.com
1 pbjs.e-planning.net player.adtelligent.com
1 pixels.ad.gt rumcdn.geoedge.be
1 tpsc-ue1.doubleverify.com cdn.doubleverify.com
1 191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssp-sync.criteo.com elb.the-ozone-project.com
1 id.a-mx.com 1 redirects
1 p.ad.gt a.ad.gt
1 api.metricsamsi.com s0.2mdn.net
1 ad2.360yield.com elb.the-ozone-project.com
1 r.casalemedia.com ssum.casalemedia.com
1 aorta.clickagy.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 cs-rtb.minutemedia-prebid.com player.aniview.com
1 match.adsby.bidtheatre.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 ssbsync-global.smartadserver.com 1 redirects
1 a4p.adpartner.pro 1 redirects
1 t.trafmag.com nypost.com
1 exchange.postrelease.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 ghb2.adtelligent.com player.spotim.market
1 hb.openwebmedia.org player.spotim.market
1 prebid-eu.creativecdn.com player.spotim.market
1 ghb1.adtelligent.com player.spotim.market
1 gocm.c.appier.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 go1.aniview.com player.aniview.com
1 api.intentiq.com static.vidazoo.com
1 synchroscript.deliveryengine.adswizz.com nypost.com
1 r.bidswitch.net 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.resetdigital.co 1 redirects
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 hde.tynt.com tagan.adlightning.com
1 tps.doubleverify.com tagan.adlightning.com
1 bis6.vidazoo.com static.vidazoo.com
1 inventory.vidazoo.com nypost.com
1 mid.rkdms.com 1 redirects
1 cc.adingo.jp 1 redirects
1 cs.chocolateplatform.com 1 redirects
1 match.360yield.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 observe.aniview.com player.aniview.com
1 dmp.adblade.com contextual.media.net
1 grid-mercury.criteo.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 media.grid.bidswitch.net 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 us-east-sync.bidswitch.net 1 redirects
1 sync1.intentiq.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 sync-t1.taboola.com 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 d31otfhas71ais.cloudfront.net 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 hb.yahoo.net s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 api.rlcdn.com pbcs.nypost.com
1 idx.liadm.com pbcs.nypost.com
1 events.bouncex.net nypost.com
1 check.analytics.rlcdn.com pbcs.nypost.com
1 cd.connatix.com 1 redirects
1 dmp.adform.net 1 redirects
1 sync.adotmob.com 1 redirects
1 beacon-iad2.rubiconproject.com tagan.adlightning.com
1 tg.socdm.com 1 redirects
1 server.cpmstar.com 1 redirects
1 cdn.jsdelivr.net tagan.adlightning.com
1 gsght.com widgets.outbrain.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 ats-wrapper.privacymanager.io tagan.adlightning.com
1 tg1.unrulyvideo.com tagan.adlightning.com
1 cm.rtbsystem.com 1 redirects
1 ice.360yield.com widgets.outbrain.com
1 dsp.adfarm1.adition.com 1 redirects
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 wave.outbrain.com amplify.outbrain.com
1 i6.liadm.com i.liadm.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 player.unrulyvideo.com player.aniview.com
1 amplify.outbrain.com widgets.outbrain.com
1 grid.bidswitch.net pbcs.nypost.com
1 direct.adsrvr.org pbcs.nypost.com
1 krk2.kargo.com pbcs.nypost.com
1 api.id5-sync.com pbcs.nypost.com
1 sli.nypost.com nypost.com
1 csxd.contentsquare.net tagan.adlightning.com
1 cdn.permutive.com 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
1 widget-pixels.outbrain.com nypost.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 r.skimresources.com s.skimresources.com
1 open-api.spot.im nypost.com
1 aniview-diag-server.1rx.io nypost.com
1 p1.parsely.com nypost.com
1 0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
1 rp4.liadm.com nypost.com
1 rp.liadm.com 1 redirects
1 tags.penews.com tagan.adlightning.com
1 tags.pagesix.com tagan.adlightning.com
1 tags.decider.com tagan.adlightning.com
1 tags.wsj.com tagan.adlightning.com
1 tags.marketwatch.com tagan.adlightning.com
1 tags.mansionglobal.com tagan.adlightning.com
1 tags.barrons.com tagan.adlightning.com
1 tags.realtor.com tagan.adlightning.com
1 www.ncaudienceexchange.com tagan.adlightning.com
1 ampcid.google.com www.google-analytics.com
1 pixel.wp.com nypost.com
1 t.contentsquare.net www.googletagmanager.com
1 direct-events-collector.spot.im launcher.spot.im
1 warp.media.net pbcs.nypost.com
1 www.cloudflare.com pbcs.nypost.com
1 tag.bounceexchange.com cdn.cookielaw.org
1 launchpad-wrapper.privacymanager.io cdn.cookielaw.org
1 s.skimresources.com cdn.cookielaw.org
1 segment-data.zqtk.net nypost.com
1 cdn.p-n.io cdn.cookielaw.org
1 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app cdn.cookielaw.org
1 b-code.liadm.com www.googletagmanager.com
1 nid.nypost.com www.googletagmanager.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 static.adsafeprotected.com nypost.com
1 pagesix.com nypost.com
1 d1z2jf7jlzjs58.cloudfront.net nypost.com
1 www.googleadservices.com nypost.com
1 stats.wp.com nypost.com
1 accounts.google.com nypost.com
1 launcher.spot.im nypost.com
1 cdn.speedcurve.com nypost.com
1 ak.sail-horizon.com nypost.com
1 nypost-com.videoplayerhub.com 1 redirects
1 pbcs.nypost.com nypost.com
0 sync-dmp.mobtrakk.com Failed nypost.com
0 jelly.mdhv.io Failed ssum.casalemedia.com
ssum-sec.casalemedia.com
0 eexsync.com Failed ads.us.e-planning.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 xsync.iqzone.com Failed tagan.adlightning.com
0 sync.extend.tv Failed 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
0 id.geistm.com Failed widgets.outbrain.com
0 live.rezync.com Failed nypost.com
1668 451
Subject Issuer Validity Valid
nypost.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
zephr-v4.pagesix.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
pbcs.nypost.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
*.flipboard.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-12		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
meadowlullaby.com
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
pagesix.com
R3		 2024-01-23 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
nid.nypost.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
us.tags.newscgp.com
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-17		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
pushlycdn.com
Amazon RSA 2048 M03		 2023-12-16 -
2025-01-12		 a year crt.sh
*.zqtk.net
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-11-07		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-04 -
2024-06-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
tag.bounceexchange.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.zergnet.com
Amazon RSA 2048 M02		 2024-01-12 -
2025-02-09		 a year crt.sh
www.cloudflare.com
GTS CA 1P5		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
v2.pixel.nypp.data.newscorp.com
GTS CA 1D4		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.nypost.com
Amazon RSA 2048 M02		 2024-01-25 -
2025-02-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
ncaudienceexchange.com
Amazon RSA 2048 M01		 2023-09-06 -
2024-10-03		 a year crt.sh
tags.penews.com
Amazon RSA 2048 M02		 2023-04-30 -
2024-05-28		 a year crt.sh
v2.pixel.newscgp.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-10-15		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2024-01-19 -
2024-04-18		 3 months crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.nypdev.com
Amazon RSA 2048 M02		 2024-01-26 -
2025-02-23		 a year crt.sh
csxd-02.contentsquare.net
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-30		 a year crt.sh
servt.unrulyvideo.com
ZeroSSL RSA Domain Secure Site CA		 2023-12-13 -
2024-03-12		 3 months crt.sh
sli.nypost.com
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-10		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
the-ozone-project.com
E1		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
wl2.aniview.com
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2024-01-13 -
2024-04-12		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-03 -
2025-01-03		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
sync-jp.im-apps.net
GTS CA 1D4		 2023-12-15 -
2024-03-14		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
ids.cdnwidget.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-16		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
gsght.com
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
capi.connatix.com
GTS CA 1P5		 2024-01-16 -
2024-04-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
vidazoo.com
Cloudflare Inc ECC CA-3		 2023-12-24 -
2024-12-22		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-12 -
2024-04-03		 a year crt.sh
*.wunderkind.co
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
connatix.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
pdc.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-04-03 -
2024-04-03		 a year crt.sh
media.grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-08-11		 a year crt.sh
dmp.adblade.com
R3		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
player.spotim.market
R3		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-16 -
2024-03-26		 2 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-04-29 -
2024-05-27		 a year crt.sh
player.adtelligent.com
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
sghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2024-01-22 -
2024-04-21		 3 months crt.sh
p.safeservingcdn.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.p-n.io
Amazon RSA 2048 M03		 2023-12-08 -
2025-01-03		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-03-12 -
2024-04-10		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-12-01 -
2024-02-29		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.openwebmedia.org
Amazon RSA 2048 M03		 2024-01-04 -
2025-02-01		 a year crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-12-01 -
2024-02-29		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2023-08-25 -
2024-08-24		 a year crt.sh
aagwebservice.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
id.hadron.ad.gt
E1		 2024-01-27 -
2024-04-26		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-13 -
2024-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2024-01-09 -
2025-02-09		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
sghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2024-01-12 -
2025-02-12		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.metricsamsi.com
Go Daddy Secure Certificate Authority - G2		 2023-10-31 -
2024-12-01		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.homenetiol.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-11		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.decide.dev
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
decide.dev
GTS CA 1D4		 2023-12-09 -
2024-03-08		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-19 -
2024-04-18		 3 months crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.rqtrk.eu
RapidSSL TLS RSA CA G1		 2023-06-01 -
2024-05-31		 a year crt.sh
adxbid.info
E1		 2023-12-05 -
2024-03-04		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2023-11-12 -
2024-12-13		 a year crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2024-01-01 -
2024-03-31		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh

This page contains 268 frames:

Primary Page: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Frame ID: 3ACE3FD3B8E58DA1F05681483F9C2C3A
Requests: 431 HTTP requests in this frame

Frame: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Frame ID: 7B15100D94F564D04451EE1AB4D664C9
Requests: 1 HTTP requests in this frame

Frame: https://tags.realtor.com/prod/ncg/cookie.html
Frame ID: 93F025B58AFC1B7F7354BEE5A903D75C
Requests: 1 HTTP requests in this frame

Frame: https://tags.barrons.com/prod/ncg/cookie.html
Frame ID: 3F52A0F62725FB6852A51D560F6133FF
Requests: 1 HTTP requests in this frame

Frame: https://tags.mansionglobal.com/prod/ncg/cookie.html
Frame ID: E9A85F6A44E9B057FC4E5A54FCBD9686
Requests: 1 HTTP requests in this frame

Frame: https://tags.marketwatch.com/prod/ncg/cookie.html
Frame ID: 5EF15AFE0374A577609496DF55788430
Requests: 1 HTTP requests in this frame

Frame: https://tags.wsj.com/prod/ncg/cookie.html
Frame ID: 74BF49E7C7CDE2D9EBE710AEFA036D7F
Requests: 1 HTTP requests in this frame

Frame: https://tags.decider.com/prod/ncg/cookie.html
Frame ID: A714A660E10A7DCD7B0FE13C9970E6A6
Requests: 1 HTTP requests in this frame

Frame: https://tags.pagesix.com/prod/ncg/cookie.html
Frame ID: 0A87B094B25F86CE75217DBFABBD53C5
Requests: 1 HTTP requests in this frame

Frame: https://tags.penews.com/prod/ncg/cookie.html
Frame ID: DF8355D5DBF6C83F448CC408B51FF590
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.37852753337769607
Frame ID: CCDB91F4B010C442D49C82294114097F
Requests: 1 HTTP requests in this frame

Frame: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=5764
Frame ID: AA1980FA7FF50A51A7510BE2B813C488
Requests: 1 HTTP requests in this frame

Frame: https://t.nypost.com/a/ts_.htm?ver=1.1275.65&cid=c057
Frame ID: 8D0F8A1A00BDB89F29EAE63616EEAD96
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Frame ID: E83AA1720434BC49D1B0DA826CC81201
Requests: 8 HTTP requests in this frame

Frame: https://player.unrulyvideo.com/script/custom/unruly/outstream/j-query-3.7.1.min.js
Frame ID: 4059C7C0D987D7A797FC67CBAF64CC67
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 60F95321898D39F2F391196963C5A8AD
Requests: 40 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 68BE9AFD296E8513BE6AE4DDDE8602CC
Requests: 1 HTTP requests in this frame

Frame: https://nypost.com/wp-includes/js/jquery/jquery.js
Frame ID: A40B528C1A1B5F9630300A76906B4ECC
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: EE2D2C73C23C4FA05DA978B9B2745FAD
Requests: 1 HTTP requests in this frame

Frame: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C21E23C4FED8F6F680A2521C9EBFD9BB
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=5c6c44da-5154-421b-aa75-2ed668f63e76
Frame ID: EC69CF25FD870E8BEB31442FAE4B1166
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: E262374E6F12298F49F7309B42B9B4B5
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 41037C575DD90B43F1F6EF5E7DA4D67E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B440170DBA67C9A6F47B8B9F39724827
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: DCA6D6EC8B1901963124A9CADB055C89
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8FF545D27B0C467B38433D8FEA0E517D
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 306CBA7E3FE04472E89B3945CB1ACFB4
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: E204D4338D6F180B08B90688BFA98FAD
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: DCBE8017FD582D43375AE5144092EFC1
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 60E0614A80DDFD722428F3AE8B537DEA
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 5C4688F81F43A5D683D71D7DF002A50B
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 0E99A56C12C554E05223C2B58C1471CE
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F98D4AC4A99F83519B92A5E8E47EBAEB
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 72B955D4645D5633B627245BF6FF8C87
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BD0E9EE4576C011074F3A1C94C6B83D7
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 6178B2F5BCA01ED9EEBC065B97B9A98E
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 703023E6A4AE1C9E9641C483C3AFA5B4
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 65611052F67307D4D90ACD35A5876F22
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 65234767E4D4DCA9445122E0E02A6080
Requests: 20 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: F83431DFBA8EDFCAA83C65DAA871FE32
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 823A7FB3B1740CDED2DA7B90F0F08B0B
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: C3817462AE884E768DCF2FB8A714DB47
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wZU9pcXRKRTJ1S085dDNTeHBzTjlUckowdFo3MVFsTn5B
Frame ID: 8435AE8D5641719A57F09042FAAB260D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 200D06111EC79C45765EB8AF66FB3AC2
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=569908430852131164&ex=appnexus.com
Frame ID: EF246D5D757CD33A9FC3D3EECFD3BF8E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=264943876892460233441
Frame ID: 49E980DD6918C6D70275D21DC7E54D3D
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Frame ID: C9CDE8AF0161D3E920882A9792088278
Requests: 23 HTTP requests in this frame

Frame: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3CA587C05511B6C92EA2C7DFCD05591
Requests: 10 HTTP requests in this frame

Frame: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E43598713A7DCF995A88FB25EF243FD
Requests: 23 HTTP requests in this frame

Frame: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2CA59D5569AB05F5C18052BD4FBF75D6
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Frame ID: F91AA7227E24B1E6B9CA6D819DC9BC3A
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Frame ID: 6E2752383D4E9A5CB3241DFE8065E1EF
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Frame ID: E277F0AAB411F8227746C63E9113B58F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: AC4D51423025CB372B399766EE85DEC9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: BB1684712C7AF7A6528C660F59E1AC43
Requests: 8 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Frame ID: 66FE039053D60AAAB62E67200E0E65E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Zbb4ucCo5swAACZwrzgAAAAA
Frame ID: 8DEB082BDC11B924CF6743D6E2560E4D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=gumgum
Frame ID: 4443D815103474BAE1C30E7ED923B445
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7077C4B04D1946B4CE3A5481F5C53205
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Frame ID: 3BB5E3A91D350A1E0E33501361F040C4
Requests: 4 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Frame ID: FCDB9242DC5813D43BBAFD85ED11FFEB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Frame ID: 6922D7A3C9E9A56CE9E29387BBA00F9D
Requests: 5 HTTP requests in this frame

Frame: https://cds.connatix.com/p/418625/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
Frame ID: A815E9DD7699CC99BEA91FB5C771E87A
Requests: 30 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Frame ID: 2B38965887922F25B7E67F27E7F2A4D9
Requests: 8 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 5AFC58E9F20F66DFDED548544BCB6EDC
Requests: 14 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=NYPost_Sidebar_native_header&referrer=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&rev=458f880&fe=0&ft=1&cb=6614058125
Frame ID: BF37055A34E562AB22879CE3F52C59C2
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Frame ID: E20CCA85A863CF8278A8E186A6CAD7DD
Requests: 29 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 8FE158DBEAEEF738584088139E7771FF
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: D9908CA8CCF255F1016875212B3ECADE
Requests: 17 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E1530ACA4128021572DD7E1FE33F4946
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 9E27F74EDF68D2E7D92B595784FCA2FA
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CBBFEE889E75286B0248E9A06AA61DFF
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&redir=true&gdpr=0&gdpr_consent=
Frame ID: 967661652277A804DE3BB6B684BF5D58
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 73B6E26121FD266EE25B2C728C1D0F50
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&us_privacy=1---&geo=na&co=us
Frame ID: DD2E79A901BE63B71B0FCE74CB44690A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4BB9A4C2821540405CA011EE542DCD53
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 194556F7BD4AB0378ACB2480C69A4F64
Requests: 9 HTTP requests in this frame

Frame: https://de9a11s35xj3d.cloudfront.net/206ffce5e8f0ffa7abe4980b8640db09.webp
Frame ID: DAD00CE9E0388C9DB421D203051E320F
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=ppt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=H8rkIRuldlvq&ev=1&pid=560210
Frame ID: EC7642CAC0C20AFCFD179C59B726E5D3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=rkt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=969751697415783635
Frame ID: 9EE0457795F65AACDCCF5BB091CC2538
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
Frame ID: 51F9286C870778960DAC0AC9731EF162
Requests: 20 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 53115DAC6D5842C2339844895D407378
Requests: 113 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B6BF7682153F44F248E80D253E6672B8
Requests: 10 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5308.js
Frame ID: B697854D0A9B61764F1104E7DB778838
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 88CD0939E30F9BB7173E15FD3ACB3491
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E709CB67670ECF6F3482907B9D25B73C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 85C5ABAA0C740EA343563C55A809A818
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=200&key=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Frame ID: CC1A862B15456B807B252300BBE1B476
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=18&key=IEdcARZHXsIbyiq9SwayWrz3
Frame ID: E48484972B6243EB2DBE9AC8FF15645C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=56&pid=59c9148628a0612da3689288&key=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
Frame ID: B3538602CEEC55344447B064D1BE85CC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A&gdpr_in_effect=0
Frame ID: E33250F85E08BFAEF20E7403C53A033F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 99979FF700F0E0B53F817EAC83937D47
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=133&pid=59c9148628a0612da3689288&key=70a21ae20dfbf74c5fa4b7af696db04c
Frame ID: C8A993DF02ADA21254468012E8145F70
Requests: 6 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6cdfaa70225d6647ed904c432d8f0b&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: F108D4AAD1ACBE4E667CB035E469AC9D
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 5A9CDCC18088CC43B2A00290B31F0DE9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=0&gdpr_consent=&us_privacy=1---&coppa=0&puid=1706490044009-172030175079-000676-010-006630&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D
Frame ID: 2116D6B7CBDFBFD8D9662DDEC41C27CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Frame ID: DB7599CF2FE4EBE565C5844649E74CC3
Requests: 14 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=31&key=a0d7576d9e1f4d62b901874e2cf64d14
Frame ID: 171E5A6F5840577714721CC4B8189071
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: C2DD155A82450A26AABF815A6170695E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=55&key=569908430852131164
Frame ID: 9010C54C249B8382957720AC03B71BC4
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Frame ID: A34F2B63B29CFD9378D3029C5E0C409E
Requests: 6 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Frame ID: D36710891D6DD614D90E13259A3DF0D8
Requests: 28 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Frame ID: 299FE895E9C84A140B8D5915296BE162
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Frame ID: 30DE85069F0F0C805FC06B92F489670A
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: 788D703F1D28D6E2F75A5A8D766BD22C
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfcbe1cca89d74a54a114006b7671810e%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: 0290A7A960709E17607960EE6F005EAA
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: F09B1E8AF10400283ED68B1E9927049A
Requests: 13 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=321&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Frame ID: 7F748E28F60214881016464AF100E9A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=569908430852131164&gdpr=0&gdpr_consent=
Frame ID: C343EBEAB8DEC70C065D0D806C178C5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4d740f0-be41-11ee-8602-6e51ba46ead9
Frame ID: 01AC2A943F0DBE5F47EB78CD67D8BA6E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGDg07LbfEAABOt5hXgMg&gdpr=0&gdpr_consent=
Frame ID: 1A251EF1357A62125C9E73EBC1597ECD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 862F556C630B370B3FEEF1C81D9E03E9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 63CE3FB6771A026CE0004E844D5CA934
Requests: 1 HTTP requests in this frame

Frame: https://p.safeservingcdn.com/prebidlink/19751/j.html?i=11598
Frame ID: 92493C242C51BBCF56FAD330E78C1EB4
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 9CF2C2F2F69C93BD7170182100D471E3
Requests: 4 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3a32b05a45c5481c88778
Frame ID: DEA71EE06CD357AA347E0A9A7883AE27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 488DAA751A54119E395F7563D294956F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
Frame ID: 5EEC7AB8253B58EB6EBCA3B207AC25E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Frame ID: 838EEE9031C2BC77EB4D949441C498C5
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 6FF13C96CB6759615CCC2311FBE0D804
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=1&key=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: B06587478FFB2ACDCED247814B4107F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: ABC746578857401170C3D897D63DC6F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Frame ID: 31546364708A935C8B971BBEA4BB6900
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3D7A03D09A70DB3317EC58AFF4E17AD0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751697415783635
Frame ID: 7F776D448267F0FFDE018AC27DD25FA1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUab9db8a93a1447b9af78df625a0ecba4
Frame ID: 93CFC3B9C649192BD5A40E39D7B356B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=882424164061
Frame ID: 8D72D8F30DC606DAFBA6F2FA98590145
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 3F5ED1814461E0853537F42E0FAC2F08
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=0&gdpr_consent=
Frame ID: B62CC0F17A33EED62F694FCEA2D80C71
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dWfkx1yXDteYeVQ-vPi2ZQ
Frame ID: BECADDFAB59DB1E705879D6C861AA597
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: B8D32604FB16E1A0861260C5CA66E084
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 490BA5CD1759D8455BA1FB56FC1D248E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178
Frame ID: A3C6BE6548A60A6531DD551C4E24042E
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033
Frame ID: 9D55C32C93C589F7300D3511F9AFE2AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Frame ID: 55FE4AA53C7957E2D61A644B242963B8
Requests: 23 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Frame ID: D7ABBDDF813A6CA257952265899E3C87
Requests: 6 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=750708&a=754412
Frame ID: 433267E4A830C35FBC815457918C7C07
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=undefined
Frame ID: 57DB64327455E44C5D60AB94F9C92248
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Frame ID: D2CBE27F828F51475E7A8303B6C60F3C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D826FC2574DE9C75D3E4304B4519C987
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EA3C5ABC79751E0CD26BF60F6299B7FD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=undefined
Frame ID: 91E029D21705A771175E527BB1A55D7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7597764471930027755
Frame ID: 493CC818F53E53F6727BB1C8E015B5EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:59948840237444FFB186652355CB1705&gdpr=0&gdpr_consent=undefined
Frame ID: 446DF8FB31F7F6C95E4E9A72084AA074
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 9D077776467040DB288BF642F09E985C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 6340F78A020D309CD4A7238CDA96F32E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490047870.2&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Frame ID: 6BB931CE7426E3D08FE8DEED0A485489
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 086295DE568D01722F77FEBFA6862629
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 1AF93A913C2FC7042AEE7F9223C3A680
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Ded4a94647a2ace32%26uid%3D
Frame ID: B485A5FAD4B79E4535B27F74DA315351
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Frame ID: 5B0370C2446B1BA7123A182E704944EE
Requests: 10 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Frame ID: F33B21F407D0373BF2D3C1DD638A1F5D
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=72&pid=5e0e296628a061270b21ccab&key=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
Frame ID: 36C3CA9C52072ADBB6C3BD3518B05ED9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=23&key=933e2efb-9384-45f1-819b-125fe772a322
Frame ID: 71040BA7DDFFBBCB2EC9834F76664A6C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=41&pid=5e0e296628a061270b21ccab&key=264943876892460233441
Frame ID: 04F2F6E57FF1CDC4A98F4E76790F7B8C
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D143%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID
Frame ID: C557868758551C1945349F352927F143
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Frame ID: 32F508B6313BE8CB6E567D691A409ED8
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Frame ID: 2253CE1BA0D3724670EA016BA4014E87
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%5BAV_GDPR%5D%26gdpr_consent%3D%5BAV_CONSENT%5D%26uid%3D%5BPBS_UID%5D
Frame ID: 95800F4642EEA63FC4E17D6724A6B646
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 87544C6436E75954DEDE78CE1153F722
Requests: 34 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 334F06A7C4C9D6FFBE06CB1B7687B14A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Frame ID: C7E9A7FCC21D3AE1E3AAE82650E931E6
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: FE73E0001F34CD5C0FC05D366E56F67E
Requests: 12 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=ed4a94647a2ace32
Frame ID: A5A46B54BA42D74E46ED63FABF0BC386
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484122&a=307971
Frame ID: E77089A84106E35D99C4CDA3E7B3E552
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Frame ID: 9F2F73053E6DF92D520FF0B69C522D53
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=1&key=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 999BF0E7EDDACB5BB24D25929614E937
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: D81B65C1510856D99E4603901396C9D7
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ed4a94647a2ace32&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 51BACB22A52F1DF3B768BD729C610580
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: A78CDEFB1D653F0A10D1EDEEC1D67F7C
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ed4a94647a2ace32&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 654A860349A71775356B6752E0B51505
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: A8784F05C136D6EA4ED179089DADEB2B
Requests: 1 HTTP requests in this frame

Frame: https://capi.connatix.com/core/us?DemandPartner=2&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: DACB581AAAF8A9E7AF06603F0648ED61
Requests: 1 HTTP requests in this frame

Frame: https://191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7B8DFC26D89DA513B6F3451BC97972DC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Frame ID: 2C652E9B6525F0CD7CDA4B5CE2C5118C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1E7837F7C514EC37671DFFDCD8B5506E
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 392C370BCEFC102B9427C76F52EE88AA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Frame ID: 563D30CBC0DC92CBAC85547198B92593
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adkernel
Frame ID: F233F8C1C71A2C7B8622F6C8A849C146
Requests: 4 HTTP requests in this frame

Frame: https://capi.connatix.com/core/us?DemandPartner=2&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 4838D7A6948CA3045FEF03343E461D80
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain
Frame ID: 98540D02D503BCD9BF66FF7B71D235D9
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 3CA7341A201D56FCF27BF734CF9154C2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKyXbLDFe4XQtTmPbab5iMgNfZIA1BNQUfbeFome_aoLfMMuM9XaNctQ6Zexjw11uwtvDFnGRi18Fw3RUOVuT6RbPlhZ_9sAZ0Ogl-9qHXApxTsTq_7F8oz-0ZMvccfvgsSCJHLtBzmxB0U773DSfxL9hFebMqjITx8Q82WAnUC3Hb-L34WCub6Z0JXJatAZXBpW7rm_KQkYsTnU1oPOsq91Va8onwDPZIJNF0Kg2-io35dS42uhWPXkwuXRsUJzagDlxHpJ6neroQwfgT3Ow5fbgEtNd7c4zbotrMM3nqWnaLiHq62gnKM-e1xzM-bzmgR_mc_tkX3ENNeXasNCE7fJj-6OAm3mhcOj8AdY9TViLUkH61DJOg&sai=AMfl-YRyTCdSxl6m1vgYfGrHvOL9DF685jQgV9tsdHKmS0FRrWo91E-qTP72-TNZioJwpg3gdmicsMHuyNb8UUb8MJNMJwCpp-MF6eZ6OUMsDHCMZF-w5j0C3Q5MN2WJ1OY&sig=Cg0ArKJSzHIrsiz1nJwFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 481DC7495084A0481E660ED73927772C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96D96656E9F4898B42390E6BA1EE5A19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFA5396DBDA3D3799AF2568054C9C065
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3031DA6E69C9928CA5CC144C7FA0045E
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FFC5144DBAB535AFBA8FC3909FB5A81A
Requests: 6 HTTP requests in this frame

Frame: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 514647B031F3D8D0F24C6985DBEC8C58
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2405212159101885593&gdpr=0&gdpr_consent=
Frame ID: 80B9C4C3C2D0C7FF68F7D4EDDC11C9BF
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 9C2F2DA78F28B4F81ABAA9FE71CAF1AF
Requests: 7 HTTP requests in this frame

Frame: https://decide.dev/lad/15261875772562278?pubid=ld-5018-4415&pubo=https%3A%2F%2Fnypost.com&rid=&width=300&path=%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&x=0&y=0
Frame ID: 1BD1B5FE877400507CD9CC8C40DCA64C
Requests: 2 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=570607&a=281178
Frame ID: 76679412DE8CF3302E26B370AA6DC0D5
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=570607&a=281178
Frame ID: 162E446DC6644992A2F12F313B619D25
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70FB9F8FD1467493DC112F4F104AFA41
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: D581316E0BA72CA9CCCAF8F38D6422DF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Frame ID: 81C74781EE04F29179DDEEECD5A18E1D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Frame ID: 7C75930CFD0A69257EFF857C3BA12611
Requests: 21 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Frame ID: 2011852FFA3770E91ED68AC9FC12F0B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: BF3A0980FCA2196DED4BDA5DBD72EF7E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=750708&a=754412&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Frame ID: 1794DFDB8CF9A21D0056DBC41ACBEAB1
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 66689CBB43968D0C161102FC547F91EE
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Frame ID: 2649A0946A3CB5D0734C6618CB6878F0
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 30BDBC636AA85AFDE5CA9BE4BF6934CF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 604C7E6FE231FFFF499C3EA75B04D431
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D8153AF27ECE523CD687FCDEFDB56ED7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: E4C81578BA4CFD83FC3A7769AD81678D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Frame ID: 3A23C6B7E21137660F9AAB80B43A215B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nypost.com&us_privacy=1---
Frame ID: BBE92441C308C5388244E5EAF4C97C50
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 28EBF084AF075A57079400B995AAA5F4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: EDA11D8E3A5E1FD08D8BBC38879563C2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D726ae5e0bff11241%26uid%3D
Frame ID: C1B919A85E28CA200EC45C9AE94D3D3E
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Frame ID: 8DCF2399CDB725376C16335B6E151B22
Requests: 9 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2432FD1&sp=833229&pb=305583&c=570607&a=281178&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Frame ID: 0EE64FB4DD45931BEC082B976B88FE92
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6706e737-2b3b-4ae1-90dc-918a56782337&expiration=1714352452
Frame ID: A78F0BC1617BB045781E1DBD21C4336C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2432FD1&sp=833229&pb=305583&c=570607&a=281178&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Frame ID: 4A2685E2F4CB34852CAC9CCEC946CBB4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BAE25A92BFD37F75366314F193CB67EB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 6EA98793D383C3A53EAD2F88DA61634A
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Frame ID: F9C53703676A2B5F5C62877B1E09B64F
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=726ae5e0bff11241&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 71FAD56E4672B479A42D21085628FA47
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: B16DF51CF69909F35AF5E952EAF2DBAD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Frame ID: 9A88A02B1A4591010A30E90C32BAE122
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: CA94903B818F69D68F51FB10CF308B9D
Requests: 12 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=726ae5e0bff11241
Frame ID: E77435427A793DB48896CF31745F09CF
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=484122&a=307971&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Frame ID: 4407B89F0960B587EBCFD7B86B32BE4B
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: FD9CA24555C2995D086815174E97AA3E
Requests: 7 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=726ae5e0bff11241&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: EB99DAC3C177C20B7133705E4E3386EA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Frame ID: 5147FD0B694C295E644FC035744F23F7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F92E882A6B487186718965BD2B305750
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9E06811891CAD39E33525EFF237CDFEC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Frame ID: C65ABEDABCB24EA902ABE62EF8CCFA68
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adkernel
Frame ID: B3E800383C1939BF941649CFBCFB3033
Requests: 3 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Frame ID: F741C1C559990AADF3AF5113C4CC4E47
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent=
Frame ID: 6B3AD7369FC3A3DAD568290996FC5C7A
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4c318e13d98a247655254ea5ac3ea1c
Frame ID: EDB5A6AB8A92B7B373CE27891467CF47
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 1F25942B779C5C0E77EA183D9599CE72
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9536993E191A813B6C1124D5ED709162
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 4C609455009D0F92CB943A57C219CB54
Requests: 7 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=750708&a=754412&domain=https://nypost.com
Frame ID: A7FDE98B0977047F4D81D4D39DBEF3ED
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Frame ID: BCB7A74902BE94E740A1C21AB8C1E1F7
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Frame ID: 536F7CD0613EDAEDF2E43969D3D642E6
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: B2D875CA2138D62D8E6928C23162C9E4
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D650e9f26e182b7eb%26uid%3D
Frame ID: EB9C7A9D6DCE6F6609FF4C432DC753BD
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Frame ID: DF72A00F7DF053CC3DADB243B145C840
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 77DAFEEDB6989641F90295D1220A237B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Frame ID: 3AF66CBF8F2DC5CBCCD49893BD999B06
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 551DF86E72A3D83BCBA12DC4E0DCC9B0
Requests: 12 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=650e9f26e182b7eb
Frame ID: 65ECB02F16DD993D29291C9A54C8D127
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=484122&a=307971&domain=https://nypost.com
Frame ID: 9FDAC510D055AD83D2FF1812AB502A24
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=650e9f26e182b7eb&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 52B240F6031CCABD84122988F61491E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Frame ID: DAE64672D439EB017588A96C4683017B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A631B0A638A50E18043EBA8A7BD0D761
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CDA9210D8F5DEF36A5BC7E6026107229
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Frame ID: 6A9BA7FB7D4B34F2A80C9566600FDF56
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=650e9f26e182b7eb&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 43215A8B9965FF0776C5AA5AEF3D03B1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 7FEBEB52E175956B281CECE47D40211E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adkernel
Frame ID: CA64FC181333DA6D5686B196D43C12C6
Requests: 3 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=70a21ae20dfbf74c5fa4b7af696db04c
Frame ID: 6A3E4646D058378146F4648D23228E76
Requests: 5 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 50BCB992C8A05C0F3E99C23C12EBAF8D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 038AB9AC20C1CA9A661B8FC47E263ED5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 7AABFD7A6F6A775092C827C3C4F4AD44
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212440012054719
Frame ID: F6DC060CC9E0CF7EC8EC24DC4E03102C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7A674C8B3FD2F354210CDB1856736DF9
Requests: 10 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 70F51452A3E476B71478EBA393506DC5
Requests: 8 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 934D8BB6D16E29B8750B586E1A6C7772
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1---
Frame ID: F9E2B351F1FC02718FCC30534F3180B0
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Frame ID: 3BCC06C3FE8887BA252F3E0AE58944C9
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=vidoomy
Frame ID: C3B89E3E0AD9FCC92C2EAC1A92E278FA
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Frame ID: 9EEC775ADBFEA27770567905F2825E6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The trillions in COVID relief money led to billions in fraudBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1668
Requests

73 %
HTTPS

26 %
IPv6

241
Domains

451
Subdomains

285
IPs

15
Countries

10794 kB
Transfer

35586 kB
Size

535
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0 HTTP 301
  • https://btloader.com/tag?h=nypost-com&upapi=true
Request Chain 124
  • https://sb.scorecardresearch.com/cs/6390601/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 171
  • https://tags.nypost.com/cs/sync/i HTTP 302
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1769562037442&origin=tags.nypost.com HTTP 302
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1769562037442&origin=tags.nypost.com&fallback_id=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442 HTTP 302
  • https://tags.nypost.com/cs/bounce/i?expiry_ts=1769562037442&nuid=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
Request Chain 174
  • https://rp.liadm.com/j?dtstmp=1706490037574&aid=a-01qt&se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&tv=v2.12.0&pu=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ext__pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlRoZSB0cmlsbGlvbnMgaW4gQ09WSUQgcmVsaWVmIG1vbmV5IGxlZCB0byBiaWxsaW9ucyBpbiBmcmF1ZDwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vbnlwb3N0LmNvbS8yMDIyLzA2LzI0L3RoZS10cmlsbGlvbnMtaW4tY292aWQtcmVsaWVmLW1vbmV5LWxlZC10by1iaWxsaW9ucy1pbi1mcmF1ZC8iPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIgTG90cyBvZiB0aGUgQ09WSUQtMTkgc3BlbmRpbmcgdGhhdCBkb2Vzbid0IHF1YWxpZnkgYXMgd2FzdGVmdWwgb3IgZnJhdWR1bGVudCB3YXMgbm9uZXRoZWxlc3MgbWlzc3BlbnQuIj48aDEgY2xhc3M9ImhlYWRsaW5lIGhlYWRsaW5lLS1zaW5nbGUtZmFsbGJhY2siPgoJCVdoeSB0aGUgdHJpbGxpb25zIGluIENPVklELTE5IHJlbGllZiBtb25leSBsZWQgdG8gYmlsbGlvbnMgaW4gZnJhdWQJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&cd=.nypost.com HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&aid=a-01qt&cd=.nypost.com&dtstmp=1706490037574&tv=v2.12.0&n3pc=true&wpn=lc-bundle&ext__pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&pu=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c=PHRpdGxlPlRoZSB0cmlsbGlvbnMgaW4gQ09WSUQgcmVsaWVmIG1vbmV5IGxlZCB0byBiaWxsaW9ucyBpbiBmcmF1ZDwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vbnlwb3N0LmNvbS8yMDIyLzA2LzI0L3RoZS10cmlsbGlvbnMtaW4tY292aWQtcmVsaWVmLW1vbmV5LWxlZC10by1iaWxsaW9ucy1pbi1mcmF1ZC8iPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIgTG90cyBvZiB0aGUgQ09WSUQtMTkgc3BlbmRpbmcgdGhhdCBkb2Vzbid0IHF1YWxpZnkgYXMgd2FzdGVmdWwgb3IgZnJhdWR1bGVudCB3YXMgbm9uZXRoZWxlc3MgbWlzc3BlbnQuIj48aDEgY2xhc3M9ImhlYWRsaW5lIGhlYWRsaW5lLS1zaW5nbGUtZmFsbGJhY2siPgoJCVdoeSB0aGUgdHJpbGxpb25zIGluIENPVklELTE5IHJlbGllZiBtb25leSBsZWQgdG8gYmlsbGlvbnMgaW4gZnJhdWQJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo4&us_privacy=1---
Request Chain 193
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c8=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c8=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&c9=
Request Chain 268
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 269
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b22f58fe-1bd6-45ec-85d0-a530447e0578%3A1706490038.8884192&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26pid%3D500040%26it%3D1%26iv%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26_%3D1706490038.8909276&cb=1706490038.8909843 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968625796319955998&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26pid%3D500040%26it%3D1%26iv%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26_%3D1706490038.8909276
Request Chain 270
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---&rd=Y
Request Chain 271
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=liveintent HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=vC4MldVUXx1-4THjD_zAjiaEdkk&user_group=1&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 272
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0&us_privacy=1--- HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0%26us_privacy%3D1--- HTTP 302
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=569908430852131164&gdpr=0&us_privacy=1--- HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
Request Chain 273
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf?us_privacy=1--- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf
Request Chain 289
  • https://idsync.rlcdn.com/420046.gif?partner_uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEJRVF9mTkw5MFFyOVYxY1J4MlNMUVBHMzBIWHRUMVNJNllGdldyUmlJN1lORGNnR2J0MjhvdzAyNGtvZllmUUMQABoNCLfx260GEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226&expected_cookie=add80fa8-b4a2-46e6-8a7b-a4d3bd12eb6e
Request Chain 290
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=FGMyRixu_DgVHyivxn3d&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
Request Chain 291
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=569908430852131164&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 297
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ8-aXjaDxSII0j1HQsNS1k&google_cver=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Request Chain 301
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7329318908464986269&gdpr=0&gdpr_consent=
Request Chain 302
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Request Chain 304
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Request Chain 305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LRY83WXS-13-DGE9&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
Request Chain 307
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&test=
Request Chain 308
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob&s=193091&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 309
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjZDNTQyODQtRTFCNC00RTg5LThEOTUtOUM2RTRGNkEyNEIy&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3DB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Request Chain 310
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&uid=cfc40b9e-7cf7-4e42-9e3c-5f868d9a1725
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
Request Chain 313
  • https://s.ad.smaato.net/c/?adExInit=o&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=8ee963035d&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Request Chain 314
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=2405212159101885593&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 316
  • https://id.rlcdn.com/711945.gif?ct=4&cv= HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Request Chain 317
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 318
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&partner_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=&uid=Imf9ynJq_cU5Y_zELDOyyXJk_p45YKyYLWNrB2-D
Request Chain 319
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=KJxDe5uCAiTw&initiator=ob&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&us_privacy=1---&pid=562709&gdpr_consent=&gdpr=0
Request Chain 320
  • https://trace.mediago.io/ju/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid=09dd4f7e0d9f86852vuzd500lry83yic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 321
  • https://id5-sync.com/s/164/9.gif?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://id5-sync.com/c/164/164/9/1.gif?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/108/8/2.gif?puid=509c862a-d03a-43aa-a731-974d8d72abf6&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/441/7/3.gif?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/164/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/2/6/4.gif?puid=569908430852131164&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/164/203/5/5.gif?puid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/164/124/4/6.gif?puid=00b4fe7a-171e-41c9-b430-72af5b941e2e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=569908430852131164&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=569908430852131164&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/164/1246/3/7.gif?puid=IEdcARZHXsIbyiq9SwayWrz3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=%%TTL%% HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F796%2F1%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/164/796/1/9.gif?puid=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Request Chain 322
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&p=opera&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?gdpr=0&gdpr_consent=&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&p=opera&uid=OPUab9db8a93a1447b9af78df625a0ecba4&us_privacy=1---
Request Chain 323
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=406bae7f-7d04-572f-b9e1-79954ae2d6c2&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Request Chain 325
  • https://match.sharethrough.com/universal/v1?supply_id=vviA7jzZ&source_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Request Chain 326
  • https://pxl.iqm.com/i/ck/outbrain?cid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Diqm%26uid%3D%7BIQM_COOKIE%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=iqm&uid=0c76e7f2-ba47-446a-abb1-da8b922c46d6&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 327
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%5BRX_UUID%5D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%5BRX_UUID%5D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob&cb=1706490041362 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3968318468 HTTP 302
  • https://sync.1rx.io/usersync/turn/7275493187359501348?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 331
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 384
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3494916401524150000V10
Request Chain 393
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wZU9pcXRKRTJ1S085dDNTeHBzTjlUckowdFo3MVFsTn5B
Request Chain 396
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=569908430852131164&ex=appnexus.com
Request Chain 403
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=264943876892460233441
Request Chain 414
  • https://match.adsrvr.org/track/cmf/openx?oxid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0&gdpr_consent=
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOIMATgIsNRfwSuBVlKcJA&google_cver=1
Request Chain 417
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_pre=CJyLtOWygYQDFQINaAgdua4OqA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Request Chain 418
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_pre=CKuRtOWygYQDFZ5eRwEd3bMOEg;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Request Chain 419
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_pre=CN2StOWygYQDFTouiAkddyYNpA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Request Chain 420
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_pre=CKaytOWygYQDFVMJaAgddIYHBw;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Request Chain 421
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_pre=COeutOWygYQDFa0baAgdpuIKwA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Request Chain 435
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zbb4t.4rlh.cZ2F6j5eVAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Request Chain 437
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&expiration=1709082041&gdpr=0&gdpr_consent=
Request Chain 439
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751697415783635
Request Chain 440
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Request Chain 446
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NzBiYzU1M2QtMTdlYy00MjJiLWE3YWMtZWVlYjVlYzFjMDJi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 449
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=569908430852131164
Request Chain 450
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=569908430852131164
Request Chain 451
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=_yqhSoo3r-oo_L9rgKV70 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Request Chain 452
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Request Chain 454
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Request Chain 455
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=2686f86f-e79d-485e-ba10-74b2c691a418
Request Chain 457
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Request Chain 458
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 459
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2405212159101885593
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WnU1eHJGMUM4d0xGcTNUcFVhOGVvZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAS2oUkwXmmHC5Pi8aFgQXg&google_cver=1
Request Chain 462
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=179e2a365635108b&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHaYfdwKIClQMIjRPkAAAAAAA&expiration=1706576441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 468
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUfc6cf69a06944a8a99d5012486ed4622
Request Chain 469
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined&rd=1 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&gdpr=0&gdpr_consent=undefined
Request Chain 470
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 474
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Zbb4ucCo5swAACZwrzgAAAAA
Request Chain 475
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=gumgum
Request Chain 476
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 477
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Request Chain 513
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 514
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a1822040049791feeac8450&gdpr=0&gdpr_consent=
Request Chain 515
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGg3SU9GOTFzM0VTVm1FQTlqdnl5SmEwdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDBoN0lPRjkxczNFU1ZtRUE5anZ5eUphMHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDBoN0lPRjkxczNFU1ZtRUE5anZ5eUphMHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDBoN0lPRjkxczNFU1ZtRUE5anZ5eUphMHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6499456437357126316&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDBoN0lPRjkxczNFU1ZtRUE5anZ5eUphMHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=0h7IOF91s3ESVmEA9jvyyJa0w&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=2405212159101885593&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 516
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3966009720 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/41e24d93-d54c-44df-8e10-335978a5e3ce HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 517
  • https://cd.connatix.com/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570 HTTP 302
  • https://cds.connatix.com/p/418625/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
Request Chain 527
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFNNohK6F8p3qiNrheBmyug&google_cver=1
Request Chain 528
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=WHlaQ3pDWjh1cm8
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1
Request Chain 530
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbb4t.4rlh.cZ2F6j5eVAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
Request Chain 538
  • https://pix.cdnwidget.com/redirect?CID=2bbiBC2yVMrXwhq8yxcSY5MdPYa&DID=2bbiB7GCilGdiXnVecd4SJxgZ4U&v=&iv=&deviceid=3083166010840309329&visitid=1706490039300702&wsid=2045&apikey=2^HIykD HTTP 302
  • https://pippio.com/api/sync?pid=5749 HTTP 307
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Request Chain 560
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Request Chain 577
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 578
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthemediagrid%26bsw_param%3D82ce5fbb-faf3-47ec-acb9-51ab4b739685%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=a0d7576d9e1f4d62b901874e2cf64d14&ssp=themediagrid&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&consent=&gdpr_pd=&expires=7
Request Chain 588
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tsVChOG0TomNlZxuT2oksg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 589
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%2C%2C
Request Chain 592
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFgvbstX_IMB5gzVqKDvmng&google_cver=1
Request Chain 593
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59948840237444FFB186652355CB1705
Request Chain 594
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 596
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7WMCTkVE2uU_84mFGaMcup5nIDsvu08-~A&gdpr=0
Request Chain 613
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LRY83WXS-13-DGE9
Request Chain 614
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJZODNXWFMtMTMtREdFOQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMDh6KNDR9SFdPcLtpbFn5A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJZODNXWFMtMTMtREdFOQ==&google_push=
Request Chain 615
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUwMzM0ZWZmOTMzYjI5M2YwMTI0ZmE4ZTgxMDEzMjJiNGQ5ZDI4OA
Request Chain 616
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kq0HEKcsx6gaN28x2q_NScn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ozZhArpE2oKhrRe4h4.cN.ivod5SZT7wtBFDJQ--~A
Request Chain 617
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=41e24d93-d54c-44df-8e10-335978a5e3ce&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 618
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 619
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAbwNbFzOXCdVyFc1aaIGpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 620
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx
Request Chain 622
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/264943876892460233441?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-SF4ZTMlE2oSU_bX2g5BPcPcep3j4N9JHi29BJTU_EQ--~A&dongle=0883
Request Chain 623
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=264943876892460233441&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&ssp=triplelift&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 624
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=3fbfc4ff-725e-459d-8cd2-1da079402854&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}
Request Chain 625
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=569908430852131164&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 627
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Request Chain 628
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zQYLimNvT7yCjAOY-0Y73w&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zQYLimNvT7yCjAOY-0Y73w
Request Chain 629
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRY83WXS-13-DGE9
Request Chain 631
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVYo1uzixdyOZ-Djmhp1gw&google_cver=1
Request Chain 632
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&expires=30
Request Chain 633
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGDg07LbfEAABOt5hXgMg&expires=30
Request Chain 634
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRY83WXS-13-DGE9
Request Chain 635
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2686f86f-e79d-485e-ba10-74b2c691a418&expires=30
Request Chain 636
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 637
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRY83WXS-13-DGE9
Request Chain 638
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRY83WXS-13-DGE9
Request Chain 639
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRY83WXS-13-DGE9&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRY83WXS-13-DGE9&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UVWpYeGhORTJ1RndCbWxkOHExY0VxY1RWMlBxLnBHaH5B&ovsid=LRY83WXS-13-DGE9&dpid=58160
Request Chain 643
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7A16D8E620C57D0A127EE629401CBE20196664AF.877E53C3F8BE58E9753742E30EB34C16AEA4E744/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13BDF4934087DEBC2C9A2292EB8FF4EE691260E3.82A5449321D20AC475122010655E66FE38C9009C/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 648
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7A16D8E620C57D0A127EE629401CBE20196664AF.877E53C3F8BE58E9753742E30EB34C16AEA4E744/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B7C7C83AFA485A23FE5B5D1A62D5497906CC9B8.78F557D974AB883011D3C008D310AD02689E029D/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 655
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=adf9f0c0-b67e-4357-aead-70441bf6bfe2&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Request Chain 656
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=bidswitch_trustx&bid_id=adf9f0c0-b67e-4357-aead-70441bf6bfe2&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01&ckls=true&ci=YuCD0eRlkT&nc=false&trid=1624310220
Request Chain 657
  • https://us-east-sync.bidswitch.net/sync?ssp=trustx&dsp_id=250&imp=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=trustx&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&ssp=trustx
Request Chain 675
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LRY83WXS-13-DGE9&gdpr_consent=undefined
Request Chain 678
  • https://bh.contextweb.com/bh/rtset?pid=560210&ev=1&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dppt%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D%25%25VGUID%25%25 HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=ppt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=H8rkIRuldlvq&ev=1&pid=560210
Request Chain 679
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Drkt%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=rkt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=969751697415783635
Request Chain 680
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dcon%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=734e1961a686108b&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dcon%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=con&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=AAAF4JnAkSDv2gMR2A26AAAAAAA&expiration=1706576443&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 681
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2057.4%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=6403248818 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2057.4/b16465b6-f8b7-4700-825f-1f6d618c12a5?zcc=0&sspret=1
Request Chain 682
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ5NDkxNjQwMTUyNDE1MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOCrHLxhpsJXWnvWJ2NZlTo&google_cver=1
Request Chain 683
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Ddxu%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Ddxu%26refUrl%3D%26vid%3D64900437683494916401524150000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=dxu&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=MGfTdgLu1Rug0Y5
Request Chain 684
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Request Chain 685
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=medianet&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=medianet&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=eef444ba-73d2-41cc-8090-949d0e38089a&expires=3&user_group=1&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 686
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=FGMyRixu_DgVHyivxn3d
Request Chain 688
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3494916401524150000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=210aed4c-1290-40df-ade0-996605a0ba01&cs=1
Request Chain 690
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 691
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=medianet
Request Chain 716
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBWOHQo4IG_r7LBHcveTFlA&google_cver=1&google_push=AXcoOmTGgzDl54puqBWz_7pHlmhprycIQLaESFCTx5xgGjawEL0vHoRr9YTdsLEwK5yF3M3JSWCXv9WzQNSPJU0NnVvghttoAhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDFlMjRkOTMtZDU0Yy00NGRmLThlMTAtMzM1OTc4YTVlM2Nl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 717
  • https://a.c.appier.net/gcm?google_gid=CAESEG0Onbv9S2Gkm0kvykqITuk&google_cver=1&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOHKabJq6QSsU8KzGX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFdma3gxeVhEdGVZZVZRLXZQaTJaUQ%3D%3D&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOHKabJq6QSsU8KzGX
Request Chain 718
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1&google_push=AXcoOmS2m0n-e96if517r32u24f1GeD4R4byGdTTRwSOiWk--ChjdHWIgMHyPTtAUBK6rsmCVF80KRGKCoxyFPKkIHbOePTxGXgB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmS2m0n-e96if517r32u24f1GeD4R4byGdTTRwSOiWk--ChjdHWIgMHyPTtAUBK6rsmCVF80KRGKCoxyFPKkIHbOePTxGXgB
Request Chain 720
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEL2OBtVacyYoBS7T-O488_E&google_cver=1&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu9shAD1KcjvifSx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu9shAD1KcjvifSx
Request Chain 721
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENDY1chyQxONm5RDreSBZaE&google_cver=1&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn&google_hm=e4ab3414abfc3f86df311480b97b5148
Request Chain 722
  • https://sync.inmobi.com/gob?google_gid=CAESEJ8M6gxudYimohivTL2_dPQ&google_cver=1&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg&google_nid=inmobi_new_eb
Request Chain 724
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENdO6_wi95iQnAGRx1XqHxs&google_cver=1&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr5cTfbUP8z74O_lg29vszvcqM6_bTD3KaEfmg-3AD3JWCVg9XsCaB89ZGJTscofAsWp6H5EocJ2esO_b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr5cTfbUP8z74O_lg29vszvcqM6_bTD3KaEfmg-3AD3JWCVg9XsCaB89ZGJTscofAsWp6H5EocJ2esO_b
Request Chain 726
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRoRdfWq4bE7puWLfh_uotl-UIwprNUyMDk2BNBhjxvRKJDpRLpRoiJ_hofuDIoQ9Z0qkFZzpZBJdxsf7_16_c7rJqV6ZZnm1l5Of_jV2e_qKTGEd8mwMMbhdkrNKZjuNvs8re62e6mDz26h4-wYZuh&google_gid=CAESEIiyjxVD07rBO-L4mJVv5u0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-CZ9EpshAAZMRmtHJMFdIz0hSE5PtgzZE2dktjQ&google_push=AXcoOmRoRdfWq4bE7puWLfh_uotl-UIwprNUyMDk2BNBhjxvRKJDpRLpRoiJ_hofuDIoQ9Z0qkFZzpZBJdxsf7_16_c7rJqV6ZZnm1l5Of_jV2e_qKTGEd8mwMMbhdkrNKZjuNvs8re62e6mDz26h4-wYZuh
Request Chain 727
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1&google_push=AXcoOmQAoSKQTilpSOxLjaOuanZ8zdwPZgDlIDTdB-D6q5NL49a7h7CVl5Z6ff9EbNMzHbn-Sm_pH_KMiM_1E-1ipEGnkXfVo3A3XpgMsa-glpDTpNTMjM67sA483OMpZo-xvWBKTWRTC8VOKq0FXw-qLkt6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmQAoSKQTilpSOxLjaOuanZ8zdwPZgDlIDTdB-D6q5NL49a7h7CVl5Z6ff9EbNMzHbn-Sm_pH_KMiM_1E-1ipEGnkXfVo3A3XpgMsa-glpDTpNTMjM67sA483OMpZo-xvWBKTWRTC8VOKq0FXw-qLkt6
Request Chain 728
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKOrsOYBf9FWvGXgCUsLxP0&google_cver=1&google_push=AXcoOmRpMGQaShXfX-ajFOesETbcgUgEjx-xtpeIrlmXDd6APMawgbrd-YGLQSw5CQNnMLtVd5Ys3UMiWYJ2HiX7cbiMlAbrWDewvD99lZ5IHBfg5bC2s1xZIp94cBn6ik5aagRRq-JYW3wltJB4fKNp87ci HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=8ee963035d&gdpr=0&gdpr_consent=
Request Chain 729
  • https://sync.inmobi.com/gob?google_gid=CAESEJ8M6gxudYimohivTL2_dPQ&google_cver=1&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA&google_nid=inmobi_new_eb
Request Chain 730
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMcpoMm11Uz84_x0D8pzqnM&google_cver=1&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kdICSkdcUKRApGFDgBNRa1CPCZThNKqgjgHwTzi94qSeyB52-FUhZiXcp1an_cFfS8ERPysbteN0fOzwkPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kdICSkdcUKRApGFDgBNRa1CPCZThNKqgjgHwTzi94qSeyB52-FUhZiXcp1an_cFfS8ERPysbteN0fOzwkPQ&google_hm=RkdNeVJpeHVfRGdWSHlpdnhuM2Q=
Request Chain 737
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=644a60246e77108b&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAFvn6aWhGzlgN3oAmpAAAAAAA&expiration=1706576444
Request Chain 742
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&rndcb=3250595750 HTTP 302
  • https://cm.mgid.com/m?cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dadconductor%26user_id%3D%7Bmuidn%7D%26bsw_param%3D82ce5fbb-faf3-47ec-acb9-51ab4b739685%26expires%3D10%26gdpr%3D%26gdpr_consent%3D HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dadconductor%26user_id%3D%7Bmuidn%7D%26bsw_param%3D82ce5fbb-faf3-47ec-acb9-51ab4b739685%26expires%3D10%26gdpr%3D%26gdpr_consent%3D&cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&sct=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=adconductor&user_id=o0sIVghABe0h&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&expires=10&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/82ce5fbb-faf3-47ec-acb9-51ab4b739685?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D200%26key%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=200&key=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 743
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=18&key=IEdcARZHXsIbyiq9SwayWrz3
Request Chain 744
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=56&pid=59c9148628a0612da3689288&key=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
Request Chain 745
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A&gdpr_in_effect=0
Request Chain 746
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 748
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6cdfaa70225d6647ed904c432d8f0b&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 752
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B81743F7-B474-4C19-8479-8697021ABDD2&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D31%26key%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=31&key=a0d7576d9e1f4d62b901874e2cf64d14
Request Chain 754
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=55&key=569908430852131164
Request Chain 759
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid= HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=a00f9526-1dfc-4162-8f58-70eba1170baf&liid=&_ct=im&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=869d01602ac342df9a9c409daca26dff HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 760
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=569908430852131164&us_privacy=1---
Request Chain 762
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGDg07LbfEAABOt5hXgMg&expiration=1707699644&us_privacy=1---
Request Chain 764
  • https://rtb.adentifi.com/CookieIndex?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
Request Chain 765
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1--- HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d4d740f0-be41-11ee-8602-6e51ba46ead9
Request Chain 766
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Request Chain 781
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zbb4vAAA0m8FLAAg HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent=&_test=Zbb4vAAA0m8FLAAg
Request Chain 782
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2405212159101885593&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 783
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=2405212159101885593&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAGDg07LbfEAABOt5hXgMg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F6%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/6/4.gif?puid=18d52bb8cfc-2b830000010a4452&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/5/5.gif?puid=6499456437357126316&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/4/6.gif?puid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/3/7.gif?puid=72051B607ADFDF1F&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F2%2F8.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/163/2/8.gif?puid=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Request Chain 784
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6499456437357126316&gdpr=0&gdpr_consent=
Request Chain 802
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dozone%26user_id%3D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D509c862a-d03a-43aa-a731-974d8d72abf6%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dozone%252526user_id%25253D%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=569908430852131164&pt=509c862a-d03a-43aa-a731-974d8d72abf6%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dozone%2526user_id%253D%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 812
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=fcbe1cca89d74a54a114006b7671810e&pname=Index&api-tier=2&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Request Chain 813
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=fcbe1cca89d74a54a114006b7671810e&pname=Beeswax&api-tier=2&uid=AAGDg07LbfEAABOt5hXgMg&gdpr=0
Request Chain 814
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=1709082044
Request Chain 815
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=fcbe1cca89d74a54a114006b7671810e&pname=Amobee&api-tier=2&uid=7275493187359501348
Request Chain 816
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=fcbe1cca89d74a54a114006b7671810e&pname=TripleLift&api-tier=2&uid=264943876892460233441
Request Chain 817
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=fcbe1cca89d74a54a114006b7671810e&pname=AppNexus&api-tier=2&uid=569908430852131164=&gdpr=0
Request Chain 818
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D44%26puid%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=5585501237 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LRY83WXS-13-DGE9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D44%26puid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://capi.connatix.com/us/pixel?pid=44&puid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 819
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null&url=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D40%26puid%3D%5Bsas_uid%5D%26nwid%3D3630 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=2405212159101885593&pId=40&gdpr=0&gdpr_consent=
Request Chain 820
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Request Chain 822
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=fcbe1cca89d74a54a114006b7671810e&pname=PulsePoint&api-tier=2&uid=H8rkIRuldlvq
Request Chain 823
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=fcbe1cca89d74a54a114006b7671810e&pname=Crimtan&api-tier=2&uid=a591ea3200184fecb5ef4715ed7a1859
Request Chain 824
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=fcbe1cca89d74a54a114006b7671810e&pname=LoopMe&api-tier=2&uid=5a8e7a58-5360-4042-bd21-3b1e486462a2&pubid=11186&gdpr=0
Request Chain 825
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Dfcbe1cca89d74a54a114006b7671810e%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553%2526gdpr%253D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Dfcbe1cca89d74a54a114006b7671810e%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553%2526gdpr%253D0&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DCentro%26api-tier%3D2%26uid%3D7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=fcbe1cca89d74a54a114006b7671810e&pname=Centro&api-tier=2&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0
Request Chain 826
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=fcbe1cca89d74a54a114006b7671810e&pname=YieldMo&api-tier=2&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0
Request Chain 827
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=fcbe1cca89d74a54a114006b7671810e&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=fcbe1cca89d74a54a114006b7671810e&pname=Telaria&api-tier=2&uid=2d3f182001b74b158a894fe53259fbfd
Request Chain 828
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=4c318e13d98a247655254ea5ac3ea1c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 831
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=fcbe1cca89d74a54a114006b7671810e&pname=SundaySky&api-tier=2&uid=d6.e76e07904f87467aa0560fd6be8edb8f
Request Chain 832
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=fcbe1cca89d74a54a114006b7671810e&pname=Adelphic&api-tier=2&uid=2686f86f-e79d-485e-ba10-74b2c691a418
Request Chain 833
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=fcbe1cca89d74a54a114006b7671810e&pname=Sonobi&api-tier=2&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 834
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3dfcbe1cca89d74a54a114006b7671810e%26pname%3dSharethrough%26api-tier%3d2%26uid%3d%7BUSER_ID%7D HTTP 302
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0&gdpr_consent=null
Request Chain 835
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=fcbe1cca89d74a54a114006b7671810e&pname=ResetDigital&api-tier=2&uid=0000012B8D2A74F7
Request Chain 837
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=b3ef523e-aa85-4e51-b342-ae17a1aabb70
Request Chain 838
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3494916401524150000V10
Request Chain 840
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=ZmNiZTFjY2E4OWQ3NGE1NGExMTQwMDZiNzY3MTgxMGU&extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0
Request Chain 841
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fcbe1cca89d74a54a114006b7671810e&redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D34%26puid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?pid=34&puid=4059c788-c609-458d-bd4a-2742a3475cda
Request Chain 852
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=569908430852131164&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6220006383 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.26/7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553?zcc=0&sspret=1&rndcb=6220006383 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 859
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=569908430852131164&gdpr=0&gdpr_consent=
Request Chain 860
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4d740f0-be41-11ee-8602-6e51ba46ead9
Request Chain 861
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRGcwN0xiZkVBQUJPdDVoWGdNZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGDg07LbfEAABOt5hXgMg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGDg07LbfEAABOt5hXgMg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGDg07LbfEAABOt5hXgMg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2405212159101885593&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAGDg07LbfEAABOt5hXgMg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D2405212159101885593%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=2405212159101885593&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGDg07LbfEAABOt5hXgMg&gdpr=0&gdpr_consent=
Request Chain 864
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7b427723-98ae-4b38-8a85-f1ddcf753b70
Request Chain 868
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Request Chain 869
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=67c963a005b8141a&is_secure=true&networkId=17100&version=1&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJEC4Nl3DCwN_lO4vAAAAAAA&expiration=1706576446&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 874
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 876
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=the33across&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dthe33across%26bsw_param%3D82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=509c862a-d03a-43aa-a731-974d8d72abf6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D509c862a-d03a-43aa-a731-974d8d72abf6%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dthe33across%252526bsw_param%25253D82ce5fbb-faf3-47ec-acb9-51ab4b739685%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=32327484771080788001847257897123682831&pt=509c862a-d03a-43aa-a731-974d8d72abf6%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dthe33across%2526bsw_param%253D82ce5fbb-faf3-47ec-acb9-51ab4b739685%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=the33across&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 878
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe%7EA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 879
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=302deb8eb2a714dd&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFvn6aWhGz-gMLIjM9AAAAAAA&expiration=1706576446&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFvn6aWhGz-gMLIjM9AAAAAAA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 880
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=264943876892460233441 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=264943876892460233441&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 888
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LRY83WXS-13-DGE9
Request Chain 889
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3a32b05a45c5481c88778
Request Chain 890
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=104d7f97-8933-56e1-a67d-8076340ba107&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526bidswitch_ssp_id%253dpubmatic HTTP 302
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 303
  • https://a.usbrowserspeed.com/cs?puid=AAGDg07LbfEAABOt5hXgMg&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=f8c7369e-473e-4cf5-8717-09a89cc78e6f&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 891
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
Request Chain 892
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Request Chain 893
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cfd08bcc-90eb-4708-b389-0707c71d75d8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Request Chain 896
  • https://idsync.rlcdn.com/712188.gif?partner_uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6
Request Chain 899
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 900
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_11005FCC9_87F666AC&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 901
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&gdpr=0
Request Chain 902
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Request Chain 903
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=pubmatic&gdpr=0&gdpr_consent=
Request Chain 921
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 922
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Request Chain 923
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 924
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751697415783635
Request Chain 925
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUab9db8a93a1447b9af78df625a0ecba4
Request Chain 926
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=882424164061
Request Chain 928
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=0&gdpr_consent=
Request Chain 929
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dWfkx1yXDteYeVQ-vPi2ZQ
Request Chain 932
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 303
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=FGMyRixu_DgVHyivxn3d HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf
Request Chain 934
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=d6293300-be41-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Request Chain 935
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6499456437357126316
Request Chain 976
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 997
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Request Chain 1011
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971 HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Request Chain 1012
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Request Chain 1013
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D750708%26a%3D754412 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=750708&a=754412
Request Chain 1014
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA6%26sp%3D730717%26pb%3D305583%26c%3D501093%26a%3D309017 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&traffic_source=snippet&session=85AD5D56E2433DA6&sp=730717&pb=305583&c=501093&a=309017
Request Chain 1015
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D545872%26a%3D323551 HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=545872&a=323551
Request Chain 1016
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D655457%26a%3D733068 HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=655457&a=733068
Request Chain 1017
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484067%26a%3D310570 HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=310570&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484067&a=310570
Request Chain 1019
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D603469%26a%3D307558 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=307558&extuid=26a2fa4e-2f3e-44eb-9c5d-705656140371&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=603469&a=307558
Request Chain 1020
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D538100%26a%3D297253 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=297253&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=538100&a=297253
Request Chain 1022
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D736651%26a%3D751004 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=751004&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=736651&a=751004
Request Chain 1023
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D746141%26a%3D753378 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=753378&extuid=o0sIVghABe0h&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=746141&a=753378
Request Chain 1025
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2405212159101885593
Request Chain 1029
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1863272008 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1508/569908430852131164?zcc=0&sspret=1&rndcb=1863272008 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 1033
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7597764471930027755&uid=Q7597764471930027755&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7597764471930027755
Request Chain 1034
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:59948840237444FFB186652355CB1705&gdpr=0&gdpr_consent=undefined
Request Chain 1036
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=undefined&p=M1717054901&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 302
  • https://a.audrte.com/p
Request Chain 1039
  • https://pixel.onaudience.com/?partner=214&mapped=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6bcc2b7bf5bd0e96/gdpr=0/gdpr_consent=undefined?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5f72766870583b8c82c87eabd99f6997&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=41e24d93-d54c-44df-8e10-335978a5e3ce&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=50d52feb844a13ef HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnpheHAtYkY5ajk1WTNKZ2Z6Zm9FR1B1YkFab3FwbVIybk55QlZPaW8zVG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEClxdBnq0j4-IHBzTXYe7WA&google_cver=1
Request Chain 1040
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=undefined&gdpr=0&piggybackCookie=uid:3213fc64-36ea-4b3c-bc02-489b41ed3180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1048
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Request Chain 1049
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=ed4a94647a2ace32&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 1052
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Ded4a94647a2ace32%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ed4a94647a2ace32&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Request Chain 1054
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Ded4a94647a2ace32%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=29bf7e01bf5130f&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Ded4a94647a2ace32%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ed4a94647a2ace32&uid=AAAHQ984-ACn-AMoigXKAAAAAAA&expiration=1706576448
Request Chain 1055
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=ed4a94647a2ace32
Request Chain 1056
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Ded4a94647a2ace32%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ed4a94647a2ace32&uid=569908430852131164
Request Chain 1057
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Ded4a94647a2ace32%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ed4a94647a2ace32&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 1058
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3Ded4a94647a2ace32%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=ed4a94647a2ace32&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Request Chain 1059
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Ded4a94647a2ace32%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=zeta&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWQ0YTk0NjQ3YTJhY2UzMiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIlGDgB HTTP 302
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=4596946682 HTTP 302
  • https://sync.1rx.io/usersync/zeta/969751697415783635 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWQ0YTk0NjQ3YTJhY2UzMiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIlGDgB HTTP 302
  • https://ssp.disqus.com/match?bidder=37&buyeruid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWQ0YTk0NjQ3YTJhY2UzMiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIlGDgB HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWQ0YTk0NjQ3YTJhY2UzMiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIlGDgC&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=24&buyeruid=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWQ0YTk0NjQ3YTJhY2UzMiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIlGDgC HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ed4a94647a2ace32&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Request Chain 1060
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Request Chain 1061
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ed4a94647a2ace32
Request Chain 1062
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=ed4a94647a2ace32
Request Chain 1063
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48961215-5862-4647-9cd4-cab4f0e5ce54&ssp=eplanning
Request Chain 1064
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=ed4a94647a2ace32
Request Chain 1065
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3Ded4a94647a2ace32 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=ed4a94647a2ace32
Request Chain 1066
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=5198023404 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Request Chain 1074
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490047870.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 1076
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1709082048%26external_user_id%3D41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 1078
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
Request Chain 1079
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=vC4MldVUXx1-4THjD_zAjiaEdkk
Request Chain 1080
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 1100
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=72&pid=5e0e296628a061270b21ccab&key=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
Request Chain 1101
  • https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=23&key=933e2efb-9384-45f1-819b-125fe772a322
Request Chain 1102
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D41%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=41&pid=5e0e296628a061270b21ccab&key=264943876892460233441
Request Chain 1104
  • https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Request Chain 1107
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lZrk1sWX5NmOnuXYm86r1cWZ54KOnbWEmp4AGZ6j
Request Chain 1108
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=7be37ee5823e102b&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJEC4Nl3DcgMNhJqXAAAAAAA&expiration=1706576448&is_secure=true
Request Chain 1109
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722214848&external_user_id=888d5bf4-8617-4ac8-bcc6-2af092319710
Request Chain 1110
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Zbb4vAAA0m8FLAAg
Request Chain 1111
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=95c619af-f55c-7348-b1a4351b
Request Chain 1112
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MGfTdgLu1Rug0Y5
Request Chain 1114
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vC4MldVUXx1-4THjD_zAjiaEdkk
Request Chain 1117
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=605b167c-5163-4ff0-8bc6-966ad113de3f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Zbb4wFVvkpzyqWGi7AwJyTvx
Request Chain 1118
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oIOopaqfypAbJ0Gc5jjqtA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 1119
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=2686f86f-e79d-485e-ba10-74b2c691a418
Request Chain 1120
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Request Chain 1123
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
Request Chain 1124
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=569908430852131164
Request Chain 1125
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1126
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zbb4vAAA0m8FLAAg
Request Chain 1136
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7275493187359501348
Request Chain 1137
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6499456437357126316&expiration=1707699648
Request Chain 1138
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Request Chain 1139
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f5c2153d-a7ef-4252-a851-b13887473ee8
Request Chain 1140
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=b06607fcef9108b&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF4JnAkSDwywN4SwGQAAAAAAA&expiration=1706576448&is_secure=true
Request Chain 1142
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3a32b05a45c5481c88778
Request Chain 1145
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRY83WXS-13-DGE9
Request Chain 1159
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
Request Chain 1174
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73&dongle=4430
Request Chain 1175
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=2686f86f-e79d-485e-ba10-74b2c691a418&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 1179
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGDg07LbfEAABOt5hXgMg&dongle=bzwx&gdpr=0
Request Chain 1180
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=16b780358e98141a&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAHJEC4Nl3DlAMHp6_aAAAAAAA&expiration=1706576449&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 1181
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 1191
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=569908430852131164&gdpr=0
Request Chain 1192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Request Chain 1193
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706490049-PIV1W3FA-T4HJ HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Request Chain 1194
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&rub=LRY83WXS-13-DGE9&gdpr=0
Request Chain 1195
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706490049-PIV1W3FA-T4HJ%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&tapad_id=509c862a-d03a-43aa-a731-974d8d72abf6
Request Chain 1196
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&google_gid=CAESEC45vVvznuDSuIS9c9CqzKI&google_cver=1&google_ula=450542624,0
Request Chain 1197
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjQ5MDA0OS1QSVYxVzNGQS1UNEhK
Request Chain 1199
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001706490049-PIV1W3FA-T4HJ HTTP 302
  • https://ids.ad.gt/api/v1/colossus?cls_id=4059c788-c609-458d-bd4a-2742a3475cda&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Request Chain 1200
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001706490049-PIV1W3FA-T4HJ HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGDg07LbfEAABOt5hXgMg&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Request Chain 1205
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Request Chain 1206
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Request Chain 1207
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Request Chain 1208
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Request Chain 1209
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 1210
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Request Chain 1212
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D629501%26t%3Dimage%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dappnexus%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=appnexus&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=569908430852131164 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dopenx%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/1/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=openx&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=460bad56-ba86-4057-96df-cd3eb47a1283 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dsovrn%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/2/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=sovrn&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0=&uid=IEdcARZHXsIbyiq9SwayWrz3 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dindex_rtb%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3/23905?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=index_rtb&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F23905%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%2526bidder%253Dpubmatic%2526cbx%253DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dpubmatic%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3DB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/5/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=pubmatic&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Damx_com%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/6/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=amx_com&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%3Dadform%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/7/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=adform&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAmZHNwPTYyOTUwMSZ0PWltYWdlJnVpZD0%3D&uid=6499456437357126316 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Request Chain 1213
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Request Chain 1236
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Request Chain 1237
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 1240
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adkernel
Request Chain 1242
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 1246
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Request Chain 1257
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://sync.e-planning.net/um?uid=LRY83WXS-13-DGE9&dc=9bcc91305985f0db&iss=1
Request Chain 1275
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[RX_UUID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
Request Chain 1289
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 1291
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=59948840237444FFB186652355CB1705&ex=simpli.fi&status=ok
Request Chain 1292
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 1293
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e0d9f86852vuzd500lry83yic
Request Chain 1294
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FGMyRixu_DgVHyivxn3d
Request Chain 1302
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2405212159101885593&gdpr=0&gdpr_consent=
Request Chain 1303
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 1312
  • https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D__ZUID__ HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Request Chain 1318
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=d378b713-1b81-5688-0a7a-46d810ec90cc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=03ewmqp3qg3hw
Request Chain 1319
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=vC4MldVUXx1-4THjD_zAjiaEdkk
Request Chain 1322
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Request Chain 1323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRY83WXS-13-DGE9&gdpr=0
Request Chain 1324
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_ed40bd2c-f36a-4e4a-860e-5e326e0cd80a&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 1325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adkernel&us_privacy=1---&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LRY83WXS-13-DGE9&us_privacy=1---
Request Chain 1327
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Request Chain 1328
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=H8rkIRuldlvq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1329
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=210aed4c-1290-40df-ade0-996605a0ba01
Request Chain 1330
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.krushmedia.com/42e07a438e71ad07eabd104f7c353355.gif?puid=14839fa2-63c1-53df-8bec-a8ea01ed3fd6 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcs.krushmedia.com%2F7fd23a3f0217f27d6c9750c140876344.gif%3Fpuid%3D%24UID&uid=$UID HTTP 302
  • https://cs.krushmedia.com/7fd23a3f0217f27d6c9750c140876344.gif?puid=264943876892460233441 HTTP 302
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002ZoRYhAAN&ru=https%3A%2F%2Fcs.krushmedia.com%2Fbab275f2c431a4602c12e1d489dd0838.gif%3Fpuid%3D33XUSERID33X
Request Chain 1331
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 1337
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940
Request Chain 1342
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?uid=AAGDg07LbfEAABOt5hXgMg&bidder=beeswax
Request Chain 1345
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%3Cvsid%3E HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3494916401524150000V10
Request Chain 1348
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=9363056e-f379-a42f-e624-ad2d64afb44d&us_privacy=pbs-ozone
Request Chain 1352
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Request Chain 1353
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&gdpr=0
Request Chain 1357
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=uAfH0HxBNjJpaU1rMEhBVUVJK1A2T3NIZ2hTcllIUVY1UTY2dHlPRmdTOEFJM2syUkhVNVRuZ3lUMXNDcGNpUnExRmE0YlE1empqTEgxcmxkNTJNNzBTUUN6NHhqMWE2THhMVkNkc3kvc2F1UjJzOVF1NE1pcG40bDZmYmVXNkg3YVlhYXJ0MHZSNEFLVmRtOS9mbHhpUXVwSFpoeEJ4VDJ1eDdzMkh1OUxWSk5zeWZKbjNHV3JUbG82TXo3VTZVS09LTWJWeGNQQXFHcCtDVnYyTzg5U0c4a21zRU9xL3dSbzZKM1lWZFdqd0NZR0Nlcmh0bzVuRS85S0xsUVBQVk8rRElYMTMxK1hSWWhBM1R4V2ZOMGVXQXgyQT09fA&cppv=2
Request Chain 1367
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=750708&a=754412&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Request Chain 1369
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Request Chain 1374
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NzBiYzU1M2QtMTdlYy00MjJiLWE3YWMtZWVlYjVlYzFjMDJi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 1375
  • https://pm.w55c.net/ping_match.gif?st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=MGfTdgLu1Rug0Y5
Request Chain 1377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Request Chain 1378
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3DB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Request Chain 1384
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3D726ae5e0bff11241 HTTP 302
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Request Chain 1385
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=726ae5e0bff11241&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 1388
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D726ae5e0bff11241%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=726ae5e0bff11241&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Request Chain 1390
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D726ae5e0bff11241%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=61678e4866ee141a&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D726ae5e0bff11241%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=726ae5e0bff11241&uid=AAAHaYfdwKIEaANES3-XAAAAAAA&expiration=1706576452
Request Chain 1391
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=726ae5e0bff11241
Request Chain 1392
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D726ae5e0bff11241%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=726ae5e0bff11241&uid=569908430852131164
Request Chain 1393
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D726ae5e0bff11241%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=726ae5e0bff11241&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 1394
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D726ae5e0bff11241%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=726ae5e0bff11241&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Request Chain 1395
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D726ae5e0bff11241%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://eexsync.com/ztgl358.gif?gdpr=&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzI2YWU1ZTBiZmYxMTI0MSZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgImEjgB
Request Chain 1396
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Request Chain 1397
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=726ae5e0bff11241
Request Chain 1398
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=726ae5e0bff11241
Request Chain 1399
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Deplanning%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=eplanning&user_id=k-tjiKgshAAZMRmtHJMFdIz0hSE5NBemds6t8VOQ&gdpr=&gdpr_consent=
Request Chain 1400
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=726ae5e0bff11241
Request Chain 1401
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D726ae5e0bff11241 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=726ae5e0bff11241
Request Chain 1402
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Request Chain 1403
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 1412
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59948840237444FFB186652355CB1705
Request Chain 1413
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=f4f792d7-5274-4dab-801d-f0fe8546e2ad&ssp=index&expires=30&user_group=5&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1414
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
Request Chain 1416
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c318e13d98a247655254ea5ac3ea1c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo2b61_7329319012296256201&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/4c318e13d98a247655254ea5ac3ea1c?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-B7s07.5E2oOVuJ_YdNVytq8Enhp8LqCDWRWixocF~A HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGDg07LbfEAABOt5hXgMg&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGMzMThlMTNkOThhMjQ3NjU1MjU0ZWE1YWMzZWExYw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENE-QsqyUZrIprWHMJY8XSc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=569908430852131164&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3153556&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=2686f86f-e79d-485e-ba10-74b2c691a418 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
Request Chain 1421
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490052468.2&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=569908430852131164
Request Chain 1422
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b82c204e-23a5-4c37-b8ee-e7d70eb88eda HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1423
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1706490052468.4%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1706490052468.4&us_privacy=&xu=7275493187359501348
Request Chain 1424
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 1425
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D HTTP 307
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
Request Chain 1426
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D40%26ts%3D1706490052468.7%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=40&ts=1706490052468.7&us_privacy=&xu=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=40&external_user_id=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1428
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6706e737-2b3b-4ae1-90dc-918a56782337&expiration=1714352452
Request Chain 1432
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=nypost.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=o2WDLnxPTy9Pb1dyZnpRZWxnK2NWTTZDTnZ4UWtMSFF3Vk5EZXdJV3dWdGFUeDhQZU1JakxoUHpCdGpmS3RJUmNqYUdXMmRvdVU0VVpvZVI3Y2l2M3Fsb1dET2ZRK0w1OWFwZjBFcEJsTXI3ZW5VTnBLUjVWd052QW9JWUlZVWMrYkJXajlGUXE1NEpydHFzR2pEb1RKd0JwZTRLS3RIOVBEWElyQlVsSCt3a3pUcFFKczBKOHFuakhuWUtPRStlV3lEVlk0RUdxcC85emJlNGc0VUdrdVo0Q1Y4Y05vSlM4ZnF5YzFadVdHSUphdHh5a2paNGpaelRibk5tTElXSktIcTVMRGhhS2NtNmFpNlF1S2hxRWl3dFJIVmpXZFlwYi9vMXZ0cWswR2dhLzBSRT18&cppv=2
Request Chain 1433
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{ID5UID} HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%7BID5UID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g
Request Chain 1436
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 1438
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 1439
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dopx%26refUrl%3D%26vid%3D64900527033494916401524150000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=opx&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=b7f94b06-a819-495e-9e1c-734587ce42d2
Request Chain 1440
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%26refUrl%3D%26vid%3D64900527033494916401524150000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%26refUrl%3D%26vid%3D64900527033494916401524150000V10%26axid_e%3D%26ovsid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=r1&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 1450
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=FGMyRixu_DgVHyivxn3d&puid=&us_privacy=1---
Request Chain 1451
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067529212940
Request Chain 1452
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a591ea3200184fecb5ef4715ed7a1859&expiration=1709082052
Request Chain 1453
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a8e7a58-5360-4042-bd21-3b1e486462a2&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Request Chain 1456
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1---&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
Request Chain 1460
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Request Chain 1461
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Request Chain 1462
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Request Chain 1463
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Request Chain 1464
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 1465
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Request Chain 1467
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=59948840237444FFB186652355CB1705&dongle=yf3
Request Chain 1468
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=FGMyRixu_DgVHyivxn3d&gdpr=0
Request Chain 1469
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7275493187359501348&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1470
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=kC2BrsAggaGLKYCgnnnOrcAugvqLKtD8nylZC8mz
Request Chain 1471
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=b16465b6-f8b7-4700-825f-1f6d618c12a5&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 1472
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Zbb4vAAA0m8FLAAg&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1473
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix HTTP 302
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=888d5bf4-8617-4ac8-bcc6-2af092319710
Request Chain 1474
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=MGfTdgLu1Rug0Y5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1475
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1476
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
Request Chain 1479
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Request Chain 1480
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A
Request Chain 1484
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Request Chain 1485
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1487
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 1488
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=713586109 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=713586109
Request Chain 1495
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Request Chain 1496
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Request Chain 1497
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adkernel
Request Chain 1506
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c318e13d98a247655254ea5ac3ea1c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo2b61_7329319012296256201&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGDg07LbfEAABOt5hXgMg&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGMzMThlMTNkOThhMjQ3NjU1MjU0ZWE1YWMzZWExYw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENE-QsqyUZrIprWHMJY8XSc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=569908430852131164&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=308520&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=2686f86f-e79d-485e-ba10-74b2c691a418 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=12&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=202&userId=7329318908464986269&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent=
Request Chain 1511
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LRY83WXS-13-DGE9 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRY83WXS-13-DGE9&us_privacy=1---
Request Chain 1518
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=Qs4zwXxyRjdqNjk5bm1OaVp2M2pPUVg4SXJKZnJMTHVBY25NbHB5dnZ0Yk5tZTdXaGJ6T3NIYjdpd1ZSNThDU3hKMDVqYm4xS09mYTJqUExHbVB0SEVwZFYvd2IzcUJoWjVzeFZ6THMrVEtDT25jOEVveWdYRjYyS3IxZkdjZUdVMFZLZmJIZWVFN2wvRVZJS0NPOTI2ZzdZZWh6RkxCTTBrYzlsbkx5NVlxRksyOTZLZ0NjOGlZclk5Ti9vbG9uL3BnWm1VNjN0MVRPRGNSc1RtMUYwdTBDc001Z2xjaUZXRGFFcGV5cVppMkJkNFFROWNHelNDY2NwVGZ4RWQ3QXhIM3kyV2FzNWQ2Q3J5b1RSemxpcFVhRnRKNGJtUCtYbU9QRTZ5a01Kc0M1UVlhZz18&cppv=2
Request Chain 1523
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fnypost.com HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=750708&a=754412&domain=https://nypost.com
Request Chain 1524
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Request Chain 1526
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 1527
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.bfmio.com/sync?pid=167&uid=av-fe0a58fc-35bc-4994-be9c-a4c4ce2035ae
Request Chain 1528
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=59948840237444FFB186652355CB1705
Request Chain 1529
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D HTTP 302
  • https://sync.bfmio.com/sync?pid=147&uid=d6.e76e07904f87467aa0560fd6be8edb8f
Request Chain 1530
  • https://sync.bfmio.com/syncr?pid=180&uid=1 HTTP 302
  • https://sync.taboola.com/sg/beachfrontrtbvideo-network/1/rtb-h/?taboola_hm=2f2dd0d93af01ed1f16bd81432811c10616eae61
Request Chain 1531
  • https://sync.1rx.io/usersync2/beachfront HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D179%26uid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005 HTTP 302
  • https://sync.bfmio.com/sync?pid=179&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Request Chain 1532
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3D650e9f26e182b7eb HTTP 302
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Request Chain 1533
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=650e9f26e182b7eb&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 1536
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D650e9f26e182b7eb%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=650e9f26e182b7eb&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Request Chain 1538
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D650e9f26e182b7eb%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=17750400e610108b&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D650e9f26e182b7eb%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=650e9f26e182b7eb&uid=AAAHJEC4Nl3ETQMCtJ60AAAAAAA&expiration=1706576454
Request Chain 1539
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=650e9f26e182b7eb
Request Chain 1540
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D650e9f26e182b7eb%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=650e9f26e182b7eb&uid=569908430852131164
Request Chain 1541
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D650e9f26e182b7eb%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=650e9f26e182b7eb&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Request Chain 1542
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D650e9f26e182b7eb%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=650e9f26e182b7eb&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Request Chain 1543
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D650e9f26e182b7eb%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgB HTTP 302
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f HTTP 302
  • https://ssp.disqus.com/match?bidder=27&buyeruid=A4495936762966581276&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgB HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgC HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgC HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Request Chain 1544
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Request Chain 1545
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=650e9f26e182b7eb
Request Chain 1546
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=650e9f26e182b7eb
Request Chain 1547
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Deplanning%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=eplanning&user_id=
Request Chain 1548
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=650e9f26e182b7eb
Request Chain 1549
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D650e9f26e182b7eb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=650e9f26e182b7eb
Request Chain 1550
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Request Chain 1551
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 1558
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1706490054179.2%26us_privacy%3D%26xu%3D%5BPUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1706490054179.2&us_privacy=&xu=0c76e7f2-ba47-446a-abb1-da8b922c46d6 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=0c76e7f2-ba47-446a-abb1-da8b922c46d6&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1559
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=b060a4b1-4f5b-46cb-a377-2057d65cc65b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=b060a4b1-4f5b-46cb-a377-2057d65cc65b&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1560
  • https://match.deepintent.com/usersync/149?us_privacy= HTTP 303
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_3a32b05a45c5481c88778
Request Chain 1561
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1706490054179.5%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1706490054179.5%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D&crf=1&rts=5737336993967891807 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=124&ts=1706490054179.5&us_privacy=&xu=f8b04070-229a-521d-b7ea-3719d25ccfdf HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=124&external_user_id=f8b04070-229a-521d-b7ea-3719d25ccfdf&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1562
  • https://ssbsync.smartadserver.com/api/sync?callerId=78&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D125%26ts%3D1706490054179.6%26us_privacy%3D%26xu%3D%5Bssb_sync_pid%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=125&ts=1706490054179.6&us_privacy=&xu=2405212159101885593 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2405212159101885593&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1563
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1706490054179.7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f5c2153d-a7ef-4252-a851-b13887473ee8
Request Chain 1570
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=882424164061&us_privacy=1---
Request Chain 1572
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 1573
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2405212159101885593&gdpr=0&gdpr_consent=
Request Chain 1574
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Request Chain 1576
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Request Chain 1581
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=210aed4c-1290-40df-ade0-996605a0ba01&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 1583
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=5a8e7a58-5360-4042-bd21-3b1e486462a2&dongle=9e4f&gdpr
Request Chain 1584
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=33e7505c-b727-4569-98b9-11a06ab4e987&dongle=8f7
Request Chain 1585
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=969751697415783635&dongle=U48
Request Chain 1586
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DH8rkIRuldlvq%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=H8rkIRuldlvq&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1587
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla HTTP 302
  • https://eb2.3lift.com/xuid?mid=7772&xuid=5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c&dongle=tbla
Request Chain 1588
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3De31d6ac8-1779-4c98-ab2c-af9179c39dfe%26dongle%3Dc7e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=e31d6ac8-1779-4c98-ab2c-af9179c39dfe&dongle=c7e1
Request Chain 1589
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=6499456437357126316&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 1590
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_3a32b05a45c5481c88778&dongle=fg7
Request Chain 1592
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Request Chain 1593
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Request Chain 1594
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Request Chain 1595
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Request Chain 1596
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 1597
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Request Chain 1599
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Request Chain 1600
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1602
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Request Chain 1605
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=264943876892460233441
Request Chain 1610
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f HTTP 302
  • https://ssp.disqus.com/match?bidder=27&buyeruid=A4495936762966581276&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgB HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgC HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NjUwZTlmMjZlMTgyYjdlYiZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgIbEjgC HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Request Chain 1611
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Request Chain 1612
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adkernel
Request Chain 1629
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Request Chain 1636
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6499456437357126316
Request Chain 1642
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212440012054719
Request Chain 1646
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEdcARZHXsIbyiq9SwayWrz3
Request Chain 1647
  • https://pixel.onaudience.com/?mapped=5f72766870583b8c82c87eabd99f6997&partner=104&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-OP_q8g5E2pTIgeUESTubwSKPDmKxbrLvFA--~A&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=aa4d1cb88e3054ea HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZnJGd21lSVM5OU83WGZqaw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMRQZkFzDMXZKfj0vi6apaE&google_cver=1
Request Chain 1651
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=559488885 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=559488885
Request Chain 1654
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&expiration=1738112456
Request Chain 1656
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Request Chain 1657
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7275493187359501348&redirectID=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=264943876892460233441 HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 1658
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Request Chain 1664
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Request Chain 1667
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1--- HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&us_privacy=1---
Request Chain 1670
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=IEdcARZHXsIbyiq9SwayWrz3
Request Chain 1671
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6499456437357126316
Request Chain 1672
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Request Chain 1674
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Request Chain 1678
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=569908430852131164
Request Chain 1679
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Request Chain 1681
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3DCEN HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=CEN
Request Chain 1682
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Request Chain 1684
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
Request Chain 1685
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=264943876892460233441

1668 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/ 		389 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
0329dbea00fd27f10cda7d73d0011447a1053996f10d5cbd36a076701ddf2476
Security Headers
Name Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
private, no-store
content-encoding
br
content-security-policy
frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
content-security-policy-report-only
form-action 'self' *.nypdev.com nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:36 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://nypost.com/wp-json/>; rel="https://api.w.org/" <https://nypost.com/wp-json/wp/v2/article/22800468>; rel="alternate"; type="application/json" <https://wp.me/pb3Qpq-1xFru>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
x-cache
miss
x-content-type-options
nosniff
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
mia6 96 184 443
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dulN1EiikhiO8GlkrdtHlg==
age
56033
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6838
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:19 GMT
server
cloudflare
etag
0x8DC1DE7F0BAF2A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ff1c125-801e-000e-6504-501033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a065a6d2888-MIA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
43816
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c19e7251-301e-0069-5d8f-1300cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84cd8a065a722888-MIA
pyz4pvc.css
use.typekit.net/ 		2 KB
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cd92 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
32329c8f96118306f3c057574c0842cae4fcff8a148f7474143cbef89736effb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
features
zephr-v4.nypost.com/zephr/ 		1020 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/features
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
u7mcr1EVmYqtS2ue8LHR1K9fDCo93V8UjnWJiY4pDEevxEs-ft6MTQ==
x-blaize-request
751cb4f1
style.min.css
nypost.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"6571028f-19824"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
nypost.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"6571028f-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
nypost.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"6571028f-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
inline-independent-assets-footer-more-stories.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		0
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/inline-independent-assets-footer-more-stories.min.css?ver=63192ae25d72ff0f6487
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
inline-templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		0
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/inline-templates-shared-article-like.min.css?ver=af6fdaa225162a89ff82
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
inline-templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		0
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/inline-templates-shared-interior-with-sidebar.min.css?ver=9d16f64011c70112051e
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
blocks-betting-offer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-betting-offer.min.css?ver=fc9f8cf47fe4bd41b574
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-810"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-button.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-button.min.css?ver=528b209ee66ccfbbf71d
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-primary-tag-legacy.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-primary-tag-legacy.min.css?ver=d9111c46596640c2661a
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
27cd1d8d7fdbdbe767a21dbec8aa968cede6dbf7309a63e19790e085fe12160c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-8d5"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-gracenote.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		407 B
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-gracenote.min.css?ver=5deed44d9c878ef3780d
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-197"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
407
blocks-info-box.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		470 B
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-info-box.min.css?ver=8e7aee9ffa433ba111c3
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
88a3cc1129efba74ef0734c1a455eab6807983115ae2aae02b4895d9cabc95cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-1d6"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
470
blocks-list.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
731 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-list.min.css?ver=dc778ea0dbc4f6619472
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cae751500b944f9a7a407f21634a7e8d8f484683de169acd9667cbe8cb27a94e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-7d7"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-newsletter.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-newsletter.min.css?ver=c68a86645d9234f30464
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04f55d644236f3d7f72e5a3c53855a9ae2566c1eb8ff0ff9e88b4e8d1a480440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-1a63"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-syndicated.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-syndicated.min.css?ver=ae56eac2138b1cd61221
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-440"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-product-spotlight.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-product-spotlight.min.css?ver=f6a70a376f31d35ff8e0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
864e560f07813a71ffa8c22474d235a9dd4e2c2ea85fe8e27b6c5fd1441d4c96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-691"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-related-post.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		456 B
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-related-post.min.css?ver=db87877eeea2894b6a89
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
39bd8f88cc913df8e8d35757173c7b642b2db1e10ff08de81181d43648838766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-1c8"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
456
blocks-review.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
600 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-review.min.css?ver=f2dc4bd3eb1ef647bede
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-422"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-comments.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		623 B
476 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-comments.min.css?ver=e68096d3ff149c59ca02
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-26f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-promo.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-promo.min.css?ver=bda59dba1aa9f3c16863
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
widget.subscribe.css
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/ 		2 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/widget.subscribe.css?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-9a1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
recirc.min.css
nypost.com/wp-content/plugins/nyp-recirc/build/css/ 		2 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-recirc/build/css/recirc.min.css?ver=be412ce2df78d5d3c9c1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a4d229cc850db553b784b31777a9b9848abb1d4d7ef0b10783f108d8d756b90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Jan 2024 15:02:51 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65afd51b-9d2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
social-logos.min.css
nypost.com/wp-content/mu-plugins/jetpack-12.7/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-12.7/_inc/social-logos/social-logos.min.css?ver=12.7.1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c771f7a5ebc14ea9dece3a02207611906b4f54ee120b8c9fb842aadd3a0e9f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 24 Jan 2024 23:58:22 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b1a41e-3101"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
pb.js
pbcs.nypost.com/p/nyp/nyp/ 		849 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9a00:13:af59:7380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afc1daffbc2cbc869643cbf1c15494362d123871b192547b65fbf04b973e81aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:36 GMT
Content-Encoding
br
Via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
4
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-server-side-encryption
AES256
Last-Modified
Sat, 20 Jan 2024 00:29:25 GMT
Server
AmazonS3
ETag
W/"d4d6c3ff684e86b6a2eb5c3d2e4d8026"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
BIU6qUMTgS34MKA40Dck24YQPMoJ19YjTwTMJaRdOXRzlZvGxKkc-Q==
tag
btloader.com/
Redirect Chain
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
  • https://btloader.com/tag?h=nypost-com&upapi=true
53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=nypost-com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d46924ab67fad2533df7b786bccc7a69f3936c2c06cf1705f623e760e6a8364

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 00:05:42 GMT
server
cloudflare
age
3278
etag
"f7ce92fd2d73cc89989ae0c2e27877aa"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
84cd8a0938f1da7f-MIA
content-length
18070

Redirect headers

date
Mon, 29 Jan 2024 01:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtL3hSlAshMUIk8FkHDUiGVveM6x5OUT8ry%2FCgF2whNcXJlj%2FVwPTnm9SO8D7b%2FmMFLDEuFqC8J6VXoO5U28hpFBpVCWdIKOuxcITtTyC0VooHCuT1Rj9PhMqLSLzJ5Yb%2B5IiTPUPX7A9u1WmmPguv%2Foe0kZ9W4wjJ8C"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=nypost-com&upapi=true
cache-control
max-age=3600
cf-ray
84cd8a087ba42887-MIA
expires
Mon, 29 Jan 2024 02:00:36 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-30.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:54:51 GMT
content-encoding
gzip
via
1.1 1d021a29a760cffd1a9d8324d2bfce92.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
346
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
qjplEksDg4YkO1T6dSkWU5Of4N50-UZA6cKVV2rFYtO_7NL5wqu6zw==
tag.js
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/ 		899 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/js/tag.js?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c1242655366ec0f630dc122526413c4bf0a35c6a76f9c898ca72cb6b8500e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-383"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
vendor-dompurify.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/vendor-dompurify.bundle.js?ver=7b8a38317f808ffde59d
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c812b0afd4f9e163aaa909f657bf3bb0fff3c080eddd4e2318f003374f659327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-5085"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
global-assets.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/global-assets.bundle.js?ver=95758cec1de2d7b4b21f
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c8ea1c9c15788cbe7883ac745144db2639c5469e7dd33ca34a16da17742f8f74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-aff"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
header-footer.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/header-footer.bundle.js?ver=37f33aa6a02da30b5491
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
795634e350bc3d8ee14f4fc30ee1e1781b49b3327eeb04d0d0ef34febf7b9111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-2e85"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
analytics.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/analytics.bundle.js?ver=dfdbd7f61be43ff1ba87
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-c73"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
zephr.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/zephr.bundle.js?ver=1d2aeeb10fec4c74caf4
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-1f34"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like.bundle.js?ver=735d9661bd930a12a527
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
565b3636034d3dc74fec7246fbab75c148763afdd54e02366ce4da53affac504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-4cee"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like-scripts.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like-scripts.bundle.js?ver=7826d22090127414f8a4
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
867ca574099cf443224cd0f111ec605234d362a42d99b378220a49e8bddbeee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-117d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-interior-with-sidebar.bundle.js?ver=766e3410ae03f53f155f
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-shared.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-shared.bundle.js?ver=1d604043d47ac3c1c5a5
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-nypost.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-nypost.bundle.js?ver=21f5805bb2aa8ab1e800
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=263325431
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8abe785b4022f4de20d901f25f4c9e4e4989b7b659357bd10958a141e98c51fb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 05 Feb 2024 00:51:09 GMT
date
Mon, 29 Jan 2024 01:00:36 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
568
x-cache
HIT
content-length
8049
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706489469&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=tTCfN%2B%2BgVyqyem3bqzSoL6eS03Jg2WSuPSe4KHgm%2BMk%3D
x-served-by
cache-mia-kmia1760031-MIA
last-modified
Mon, 29 Jan 2024 00:51:09 GMT
server
Apache
x-timer
S1706490037.562477,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706489469&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=tTCfN%2B%2BgVyqyem3bqzSoL6eS03Jg2WSuPSe4KHgm%2BMk%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
button_3_bg-2.png
nypost.com/wp-content/uploads/sites/2/2023/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/02/button_3_bg-2.png?resize=231,45
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Wed, 22 Feb 2023 16:52:01 GMT
server
nginx
etag
"103516fc588dae37"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2882
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5400:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 06:47:42 GMT
content-encoding
gzip
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:43:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
x-amz-cf-pop
PHL51-P1
age
65575
etag
W/"e9b04ad509ffb00302d9625f75774548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-id
OlXjm6cY1YveMdS3064epYBz-CrY-8eHqWc513JVfv8ykjJw5YUrWg==
covid-relief-fraud-027.jpg
nypost.com/wp-content/uploads/sites/2/2022/06/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2022/06/covid-relief-fraud-027.jpg?resize=744,496&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cdffb25f7209dd25d349e20737bcecc19995b5ad7f3b460a3ce5da7d09ba234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
etag
"29b19efc67af2627"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32476
covid-relief-fraud-026.jpg
nypost.com/wp-content/uploads/sites/2/2022/06/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2022/06/covid-relief-fraud-026.jpg?resize=720,480&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b015c6e172552731594356d4c15e127c2b2ec63cf884c6384e053467f4d3d024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
etag
"56bf51ceb90eb643"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35836
covid-relief-fraud-028.jpg
nypost.com/wp-content/uploads/sites/2/2022/06/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2022/06/covid-relief-fraud-028.jpg?resize=1024,682&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a621ba231fe68f47705d441606c92faf0edf12d4a0c593b82c8330a44e31147b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 91 52 443
last-modified
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
etag
"5cb36c7bc1e02ff9"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
115234
sp_Sx8YukwE
launcher.spot.im/spot/ 		96 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_Sx8YukwE
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27039d1eb533c6cb80bc06c0c401a4cc55882874beb161f45afd1128343ca7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
175cLk5afu9N2X.U5FBEDb1hweB8tXE3
content-encoding
br
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
date
Mon, 29 Jan 2024 00:55:54 GMT
x-amz-cf-pop
PHL50-C1
age
283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24248
last-modified
Wed, 24 Jan 2024 08:29:22 GMT
server
AmazonS3
etag
"c0ab9cd92f83cf0bdc11ed20073dcdf4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
BICTX6N-nQe2cQ7sI_bQxI8EID0B007bnMC5razn2ZwZ1dfxLY9mQw==
main.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		647 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d4131b5cd22710d962f74fcd767581800edec31c6bc471c2e349ce8e563ecfc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-a1be2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
client
accounts.google.com/gsi/ 		206 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be5abbd1b57a3367c168934f83509e575efffe12bd5193fdefbb385ad30d1da0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5A8ycc_lJ3koOzaLZ20BsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-5A8ycc_lJ3koOzaLZ20BsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 29 Jan 2024 01:00:36 GMT
app.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/ 		303 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a695c8264b883d3311dee0fce1e86e494a350c8c222b349c316f67970f319362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-4bbbb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
recirc-outbrain.bundle.min.js
nypost.com/wp-content/plugins/nyp-recirc/build/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-recirc/build/recirc-outbrain.bundle.min.js?ver=2fe69f1aa386409a60f3
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f9cfc7bbf8be5970c78532521e9e130501ba32693976136b73fb4d7ae4580d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Jan 2024 15:02:51 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65afd51b-70a7"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
e-202405.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202405.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT mia
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356930.8542
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Jan 2025 15:39:17 GMT
nyp-show-ads.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/nyp-show-ads.js?ver=869dd293421c93317414
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1bdd89c67019b334afbefd6a16df2b40aa4dc5851bf2b7ba7b627f60cf18f03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-11"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17
sharing.min.js
nypost.com/wp-content/mu-plugins/jetpack-12.7/_inc/build/sharedaddy/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-12.7/_inc/build/sharedaddy/sharing.min.js?ver=12.7.1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 24 Jan 2024 23:58:22 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b1a41e-2259"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
conversion.js
www.googleadservices.com/pagead/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
bd1eeab01ddc90adab4171265ea26531a6809f200f42b5d0e00912851dc8c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18776
x-xss-protection
0
server
cafe
etag
20545684779221730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:36 GMT
6c0f8417-b563-477c-8b00-33914cb4600e.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/6c0f8417-b563-477c-8b00-33914cb4600e.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddd053bebc78d78c03e6cdfd711ffda44f3ab0a39fca7ba857fa5dbee21637f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
24068
content-md5
DlHjY08lHbefDsqTDgTMEw==
content-length
1842
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:17:56 GMT
server
cloudflare
etag
0x8DC0708262690B9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fd8d88f9-001e-002f-16f1-383448000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a06f8efdb1d-MIA
expires
Tue, 30 Jan 2024 01:00:36 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		77 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
84cd8a086fc38dee-MIA
vary
Accept-Encoding
content-type
text/javascript
global-assets.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		87 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/global-assets.min.css?ver=c76a504ca96e05028785
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b35c7c14124f5a83800b2d1c2f5aecf2373ddba258d7c29a02127250b9ea9b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-15d23"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=3a96503df43622b00f56
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c687836125be36431dfd234ca15a41d038bbfb3d9e68ea70e1bc11b0c4140f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-5f7a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=9500b18441dfea33535d
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a2557d9fdd74362e6ad2a62c7955807f77dcae19f5b071c55a9263e3897dbf18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-4ad0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		659 B
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=5d4fd8f6c71fc6851ff5
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=ff4b4ef4ec49db8a3b32
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
247a79e74acf03cb025c078ea53ec637cb2482b627fa123aa9e52d35a409731c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-3701"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=bb24c4938542617d459b
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7da1a29f7a8bfc1ca3aa2f2ed3fbf15e0f15dff3b4e8dfdc1702b18f026f250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-41b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=b282a27becba55dc7370
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5e02690835310ac94e691785e98877789b1bfe59dfb8d91da73fa4b4f9ecb4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-18cd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
footer-more-stories.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		653 B
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/footer-more-stories.min.css?ver=ceadc18f1395811d4ff8
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
97198fb319028a7262e6de01f498e40e4bf7d677ced53f3f77cd15afa12a6e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63e-28d"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		207 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=a7f4e5ef1d330937bb58
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e484d999ed5e4e6483e73bd60efcdc276f8925428803e51d69714c306b00c97c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63e-33c16"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		55 B
268 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=ea7acfd90d7378940c51
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
widgets-trending-now.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		147 B
361 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-trending-now.min.css?ver=f354e16ec85a0e6ac708
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae940071bb48dbbf4995f6b52dfd378c2635dd8520c8e6ae146e435bbb70186d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 185 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-now-on.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		313 B
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-now-on.min.css?ver=f813e8de02282ad2529b
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-139"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
313
widgets-custom-posts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		68 B
281 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-custom-posts.min.css?ver=ed75ce2025f997eeeed7
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 96 184 443
last-modified
Fri, 26 Jan 2024 17:05:02 GMT
server
nginx
etag
"65b3e63e-44"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
0aba2fbe-fa67-46b3-ad27-7bfc08b7cc52
https://nypost.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/0aba2fbe-fa67-46b3-ad27-7bfc08b7cc52
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=pyz4pvc&ht=tk&f=39500.39501&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cdca Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
last-modified
Sun, 01 Oct 2023 12:40:02 GMT
server
nginx
etag
"651968a2-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
84cd8a07be427bf9-MIA
access-control-allow-headers
Content-Type
113d17a50d1f6f2111489-prod.js
meadowlullaby.com/j/83b3b1be082545d/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meadowlullaby.com/j/83b3b1be082545d/113d17a50d1f6f2111489-prod.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
3df6a5878edb912c914ce747817097f92b7f8a6fe6c98387f81a663d2d9cc5a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 29 Jan 2024 01:00:36 GMT
x-datacenter
gce-us-east1
etag
"447f147cb1dfd7892b947b65617eea3be866bfc510623a644ac8eb2979cc8bf3"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-bjwp
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		291 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d06bda9e7df477691c5e171bd25ddd05b8c5afb6389836b6916900998ec4b1ba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		404 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cd92 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
l
use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cd92 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=2215d40b31646cc01d85
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
server
nginx
etag
"4a18a3989731aaa007ed313e06dcae2e9eeac63d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27920
2022-federal-complaint-filed-fbi-75533117.jpg
nypost.com/wp-content/uploads/sites/2/2024/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2024/01/2022-federal-complaint-filed-fbi-75533117.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b0c53482a3850682b696c662af94f122f60d1637ea11b2f31bfec662d57b160a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 87 107 443
last-modified
Sat, 27 Jan 2024 08:38:44 GMT
server
nginx
etag
"eafd6a7d9f92e439"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8100
los-angeles-beach-death-comp.jpg
nypost.com/wp-content/uploads/sites/2/2024/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2024/01/los-angeles-beach-death-comp.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bcdcf8313cc8c169736aea2fd3e3b3c6be562a6396679d9433668cbce2c13cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Sun, 28 Jan 2024 04:39:19 GMT
server
nginx
etag
"a9495a42c06c026a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7134
newspress-collage-f3jx4ao7g-1706485581292.jpg
nypost.com/wp-content/uploads/sites/2/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2024/01/newspress-collage-f3jx4ao7g-1706485581292.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
933b7e76ce87d2b7c582a3b6ba2a865a182ab639bcd54cecf3c15b439d965e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 86 443
last-modified
Mon, 29 Jan 2024 00:43:31 GMT
server
nginx
etag
"9251a82727e2a075"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10184
newspress-collage-udc8o8bej-1706465893115.jpg
nypost.com/wp-content/uploads/sites/2/2024/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2024/01/newspress-collage-udc8o8bej-1706465893115.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
484e63c4e8ae4df9a742aa0ce1bd0de5d0be604407c3c1b56bf6d84527dc326b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia6 80 130 443
last-modified
Sun, 28 Jan 2024 18:32:52 GMT
server
nginx
etag
"f98f63d45f4e4a74"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8830
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
62778
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebd2dd6e-701e-000a-56c3-139d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a085e792888-MIA
gtm.js
www.googletagmanager.com/ 		265 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9eba50f5f23cfee2437c8e4069b05004f0b7fced6722d1417badabfb095912f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89035
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 01:00:36 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.11.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-11-142.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 10:38:09 GMT
Via
1.1 f300b5f0c0ff51593fb31953294424c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
Age
51747
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
0DS0PvXHpz8FMsCMXQ0OxqP3_3-fTW5jcUbkFi6TTtsJ1yxUjvDtEA==
Expires
Mon, 29 Jan 2024 10:38:09 GMT
Bennifers-night-out-with-kids.jpg
pagesix.com/wp-content/uploads/sites/3/2024/01/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagesix.com/wp-content/uploads/sites/3/2024/01/Bennifers-night-out-with-kids.jpg?quality=75&strip=all&w=1024
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f80388db3c66a366d0639235c9538f48bd799a0ac917805b202bcd9f138bdbd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000
x-rq
mia5 80 86 443
last-modified
Mon, 29 Jan 2024 00:50:49 GMT
server
nginx
etag
"ec2a2b1a832cc99d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
88656
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/?random=1706490036569&cv=9&fst=1706490036569&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tiba=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&hn=www.googleadservices.com&us_privacy=error&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75dcf9ccd3cfab3ebd27c9b1709617c630eff12a1929c0f255081341ac192803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		291 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbab34be9a5d608624d1441cb577863c0b0caa1e9a7f52a0957f84e1dfc7df1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		607 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		353 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		342 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
en.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/0339cfb4-4cf8-4e8c-a19d-fd5f2e2e3488/ 		490 KB
88 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/0339cfb4-4cf8-4e8c-a19d-fd5f2e2e3488/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51704bd533ca1f892815e534f93b5cf91c3ddd998b7b097250d078b470c48a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
24065
content-md5
pvpogCIVcCTa6AGDAs4Fhg==
content-length
90199
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:18:43 GMT
server
cloudflare
etag
0x8DC07084237E1C1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dd871607-a01e-0019-6ef1-38b938000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a093cc9db1d-MIA
expires
Tue, 30 Jan 2024 01:00:36 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=zaaegs_728x90_
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
4174255
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
gHXttUtKWIHjyURjU4k2GSjWijn3MLKmH4Y_dRjE0AN0W7tPNNrvKQ==
clear.gif
cdn.flipboard.com/dev_O/ 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flipboard.com/dev_O/clear.gif?utm_source=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5400:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 18:40:09 GMT
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:41:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608745226/ctime:1608745224/gid:20/gname:staff/md5:ad4b0f606e0f8465bc4c4c170b37e1a3/mode:33188/mtime:1608745180/uid:501/uname:greg
x-amz-cf-pop
PHL51-P1
age
22828
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
EXSSLt_Id3yYiH29w4O0MM-8MV172JowPcklbtZTQ0UimbDWPSHpLA==
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2481570
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR0TqvFV0X6yBXs8urnIDooSMFnJIqmUXpDfc4WY0s9aasv2t5W%2BFwR0VV%2FwOsoKrKv8HOaryZtl5blSL8FHsOUnEf32%2F3jbHdaSERK5r4Ak%2B%2Byh4iBohKrdwcH1aPyB4XO3psINJQ%2B7EpkJxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a0a18a331de-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 06:52:02 GMT
x-content-type-options
nosniff
age
65314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1078
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 06:52:02 GMT
px.gif
ad-delivery.net/ 		43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8832962684778254
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2481570
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdzsgmYGEkZEE6HgyvZBsKLgYvclA5lHpUh4Nv3RgORfYAIyWKNdCNS%2B8uQ0OTTtyVDg2v9%2B2pcK2Qia%2FCwDyhpF2cA4Z0PDThzaevkf3%2FlrCAqBcam4lAMMWC%2B0ffvwXB3ihkXcqIES5r3e2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a0a18a731de-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
53987
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8b28181d-101e-0023-7093-0ca340000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a09ee32db1d-MIA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		64 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+DxrFV52WFjUK7rFuDAFLQ==
age
63166
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12874
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397B84356
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a28aaf48-e01e-0018-6eda-12e6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a09fe34db1d-MIA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
54529
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3d977eea-801e-0088-198b-22dc8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84cd8a09fe35db1d-MIA
p.js
cdn.parsely.com/keys/nypost.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nypost.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-58.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
30b995ac57877f6c065e75d16585d0f2479a730503f93ca27a28c3f6123ff77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sun, 28 Jan 2024 12:51:06 GMT
content-encoding
gzip
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 16:15:59 GMT
server
nginx
x-amz-cf-pop
PHL51-P1
age
43771
etag
W/"6579d8bf-12651"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
mI3JxqLqG4IftTYzvejifFQuD-0YN17YP9c6q5biMUXPU_wioIddvQ==
expires
Mon, 29 Jan 2024 12:51:06 GMT
/
www.google.com/pagead/1p-user-list/988380111/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/988380111/?random=1706490036569&cv=9&fst=1706490000000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tiba=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xMdkcLzPi0xtn-3Zd0w98_2BwoFJ-w&random=2980683826&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nid_sp.js
nid.nypost.com/prod/sp/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nid.nypost.com/prod/sp/nid_sp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.206.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.206.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:19:38 GMT
via
1.1 google
content-encoding
br
age
2458
x-guploader-uploadid
ABPtcPoDJb5x-RgsCf8rj5XCiHj9j5achn6rCIq_XkPS7q0j2EGxM5J6MtwAdBRROvre9u2Y_qWuCNQNhw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23363
last-modified
Wed, 16 Aug 2023 07:10:34 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1692169834387192
x-goog-hash
crc32c=jx66WA==, md5=RzA+xGu4wsrxwc6aPvPtUw==
content-type
text/javascript
cache-control
max-age=2592000
x-goog-stored-content-length
74303
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58cb25578b54052101704cded1082cec36d3e7c750e25b319e8cf5005dcf67ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80294
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:00:36 GMT
ncg.js
us.tags.newscgp.com/prod/ncg/ 		163 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/ncg/ncg.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-84.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c985a27afd23841c9f626469575d28b78862fd333620293aadac4646651013e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 16:13:36 GMT
Content-Encoding
gzip
Via
1.1 bbd89b29eb16bb369cdc097594fa8260.cloudfront.net (CloudFront)
Last-Modified
Mon, 08 Jan 2024 15:39:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
Age
31622
ETag
W/"902f2d57c4e6a1783776521d20ab8c32"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
wY0y0zkOhlWC3KN4RvyKXKKAoKy4ovhJP6DaynBvJ8P4joxARUfKxw==
a-01qt.min.js
b-code.liadm.com/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01qt.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:dc00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f4bab2c497229cea30bfad39f6cdf690c738ca7b33d90dd9704500f74b204c01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:18:12 GMT
content-encoding
gzip
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
45745
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
i0THAm6cSoteOkgHHj61GAdPQwN-qNgGOUgvjVp-bVQQWgR7JlWjCw==
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34ad52a87908ca3342c274201e537a08d03e3825ac5616a809a2da4d2050bcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80272
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:00:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 23:16:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6236
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jan 2024 01:16:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		283 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:10:56 GMT
content-encoding
gzip
via
1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, PHL51-P1
age
2982
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
twhOrj3cn5wBbVJelJrFNKdpRJsX2GztCJzTcxLWEGNFeO84Fs5IYg==
f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/ 		406 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a1419027bc6deaaf880812f9b1d10753d24184419b99514d7888961c3fab04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
0cf17917-395b-4f25-91cc-db3bdd6044b0
age
0
x-guploader-uploadid
ABPtcPqxjXSROA5lF0Hiqt8jZMIZMVoN358PlEJo9SkGZrDFUuTLNkxrg8svD1TJlEpCDGgro5E
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
100622
last-modified
Fri, 22 Dec 2023 13:55:02 GMT
server
cloudflare
etag
"dd022bac39b59eb88bcc4a62b6bd16db"
vary
Accept-Encoding
x-goog-generation
1703253302689888
content-type
application/javascript
x-goog-hash
crc32c=taA1LQ==, md5=3QIrrDm1nriLzEpitr0W2w==
cache-control
public, max-age=900
x-goog-stored-content-length
100622
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84cd8a0b0f716da3-MIA
expires
Mon, 29 Jan 2024 01:15:36 GMT
op.js
tagan.adlightning.com/nc-nypost/ 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/op.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38565ce71b9ad1a675d2fea54602a11b0e1c8456b1d01623bde5510a0a9f892d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:57:35 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
9AiKOpfk9J1_h2Nz2Tzly0qSy6ku0Kbe
x-amz-cf-pop
PHL50-C1
age
183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7784
x-amz-meta-git_commit
250cc79
last-modified
Sun, 28 Jan 2024 01:17:59 GMT
server
AmazonS3
etag
"8abbbb7bdb03d1c6df8b7639da807627"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nttB2lvMK2NhzHEAhMN0HyFSbXLbCRE1m9kTEgPiDk0j_82688PCrg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e164f5e72707a8b1ea337c25e74dfacec8765610ab3f8af01a64b38259328ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29597
x-xss-protection
0
server
cafe
etag
757 / 19751 / m202401230101 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:37 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		275 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-50.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56570d2693e3ef40cf0f3f52567d199d922e052a499bca55510e13a3fd80cf61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:56:40 GMT
content-encoding
gzip
via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified
Sat, 27 Jan 2024 04:45:32 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
237
x-amz-server-side-encryption
AES256
etag
W/"41ac0e3c0cc0017ada8e4c5e4761456d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
H1anjrmlfhIHu2Ys9UXiEVVi9I8e41gwGRhjW5BkoCstKqMONjId_w==
newscorpjs-1f38g3
segment-data.zqtk.net/ 		23 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/newscorpjs-1f38g3?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.167.63 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-167-63.ip.linodeusercontent.com
Software
nginx /
Resource Hash
558eb4d6de8f263a292d618186ac5d1270fdf3718f2b52277cb2ccf6cdfe6158

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
last-modified
Sun, 28 Jan 2024 19:07:36 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
x-result-id
Guo9R58KMGu
cache-control
max-age=30
content-length
23
expires
Mon, 29 Jan 2024 01:01:07 GMT
93051X1547088.skimlinks.js
s.skimresources.com/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
6ad8f8c68fcd3042d30a385f8476c8ea8b6d53c8e3812e35b567f9bbb6bed177

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 15:01:45 GMT
Server
AmazonS3
x-amz-request-id
K3P60JE9RHYJ8F8J
ETag
"2e4d1cc7479d136c7f4a0a10049a94c9"
X-HW
1706490037.cds230.mi1.hn,1706490037.cds243.mi1.c
Content-Type
application/octet-stream
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16136
x-amz-id-2
YbDdIsH3HMwLFRUEP06gdpFW+gw+Zd2fFJK6Tg55mGqMI1VEH3NXd7NmoZzT6ZOBvDByNhsjvJ0=
outbrain.js
widgets.outbrain.com/ 		244 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f26fa8ac1047495641561b42052b197c7ccf5949cfa300971e1c79e598aa4c1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 07:45:08 GMT
etag
"13d4-KfGvu7o1tEdb1D8k4ZRju40Pbhk"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
35c3c38ce9dbea39885fbc12d5ef4c12
timing-allow-origin
*, *
content-length
89013
access-control-request-headers
X-OB-STG,X-OB-PRD
index.js
nypost.com/wp-content/plugins/nyp-aqfer/build/global-uid2/ 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-aqfer/build/global-uid2/index.js?ver=85fa1c138c0df71fad34
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2481652cf8e27c6df54124ca8b2992688a4e36f91afdadb5a2d3c5de49f63677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63d-50d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
index.js
nypost.com/wp-content/plugins/nyp-aqfer/build/global-aqfer/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-aqfer/build/global-aqfer/index.js?ver=e9ef5d60777499f270f0
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe85befc4a3aaf20ed6c75a929f8a21b7faf9e8aa2d4b3f40bdc1458a41ffe8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-12b4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6390601/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
18.238.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-53.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 04:24:40 GMT
content-encoding
gzip
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
74158
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
D0KpjqNqPO30uhTB-jtnvVz7vX1_AT_Y2UhPos5d-VJmw4Ohe0bXow==

Redirect headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
E6G1yY1t4Kp9O8n1cVFNzBdVlfPJiX5GnyUwwsvzeWx0TrqN0-wW1g==
native-loader.js
video.unrulymedia.com/native/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
x-amz-version-id
z_dySaxByB9wbNOD5Bjh5jqsWk6A7Mwx
cf-cache-status
HIT
x-amz-request-id
MN92479G0TQRBTPV
age
28
content-length
6659
x-amz-id-2
oRJLmLBqqZjN50XuBqWnAYPDJQ76wNxdpWMRU0Oox+autrRsDzogZSwC5UM1FU2f69RZcpS97pU=
x-amz-expiration
expiry-date="Tue, 13 Nov 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 14 Nov 2022 15:41:58 GMT
server
cloudflare
etag
"aa008fe9bcc41b4a3eb716f1d30027b2"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84cd8a0c6cc009ba-MIA
expires
Mon, 29 Jan 2024 05:00:37 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/01ae14ca-1fa2-4758-b53e-af78d90b6a28/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/01ae14ca-1fa2-4758-b53e-af78d90b6a28/launchpad-liveramp.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-58.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe442a044ff3943b427495a5971519f2084c1ed638a42b6295c6502db716dff5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
sQGn99IErb_.TEh.ImCYD8W_KlWI7vSu
content-encoding
gzip
via
1.1 e2aea636b5bbfa67100e8bdb9eda1cf6.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 10:27:25 GMT
x-amz-cf-pop
PHL50-C1
age
52393
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Tue, 03 Oct 2023 15:17:11 GMT
server
AmazonS3
etag
W/"fd6c23edc888f6f7f5f73ee1a29b6d9c"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
c47_NKY6da7L03RMoALJVO_OxGJG8Wv9noB9rArJ2CEuT_6ZM2VqUg==
i.js
tag.bounceexchange.com/2045/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2045/i.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
75c6adbeca69d9f78c4363ba982318b344531e49962b2fda139de5a8e8909547

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:04 GMT
content-encoding
gzip
via
1.1 google
age
33
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5581
server
istio-envoy
etag
8796ce65ec321c
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=33405
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.90.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-90-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfd73655552ce0e5e0587417bf9d08a6b1df69a425a569862454e7f883273628

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 05 Feb 2024 01:00:37 GMT
date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=UTF-8
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
49488
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
03a6e3be-301e-0079-221c-50c5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84cd8a0b3906db1d-MIA
download.png
cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/3ebfa577-6728-4367-9384-2639ca4927aa/6777f08f-0b13-4889-8756-c821baee465b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/3ebfa577-6728-4367-9384-2639ca4927aa/6777f08f-0b13-4889-8756-c821baee465b/download.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b616694f1262a8d042679be7f51e1b2a401bdd34329f6b72b164dd49cc4961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7T3i6T4EXjFFdT0Pyanf0w==
age
57680
content-length
24499
x-ms-lease-status
unlocked
last-modified
Wed, 19 Apr 2023 18:21:04 GMT
server
cloudflare
etag
0x8DB4102D60FBC53
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
36fe4399-401e-004c-3eb7-21a9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84cd8a0b4cf22888-MIA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
63357
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9f383b3d-d01e-003c-600b-501044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84cd8a0b4cf52888-MIA
trace
www.cloudflare.com/cdn-cgi/ 		318 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce168519ba463793752d8f886fb108fd6f7909f486de20126699ac190441ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
84cd8a0bfb1d746e-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
prebidrtdclient.js
warp.media.net/js/tags/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b61ed7bd04ba83acdddf4c23dc77a8fb30fd935618281e07ffc6bb0c27b36cb9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 29 Jan 2024 01:00:37 GMT
server
Apache
etag
"15147514721718005110"
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
content-length
31981
expires
Mon, 29 Jan 2024 01:30:37 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
events
direct-events-collector.spot.im/api/v2/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-65.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
Sgnp-oClbav8rTuLwMLu4w5c8L_JC531WRRGQ_Dv3D9664GjiA77aw==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:15:07 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
TJp15Iz1VE0kT3gPKovlYkd6YX0pNLAn
x-amz-cf-pop
PHL51-P1
age
4891530
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22998
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"85216e38d3203fb8b2485d233fba267b"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
x0lP01Fc6e5nlcczR3YGMh1gJNkUkQnPsthxqefse_Zth6paUvLYqA==
450-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/450-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e55b83e55faa42ee2a4644ec2219fca03734d82db3b7e584ec34c259175bb333

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:15:07 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
VmIMDqIH8qo7tarXNaMw9SeARaCNe5f4
x-amz-cf-pop
PHL51-P1
age
4891530
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14734
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"47398ea22ad5ad54f640d2d16f5028ae"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ox1s6-XMTBlrSqyIGP6kghplcgpYcUb61mmQKdw1WYI7QZi6TwS9LA==
988-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0362c8fa422b8fc2901b19881b4a3d999f1fc1668abd9c3c7474a9353369e23b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:04 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
JY0tGNue34R7hutXWrqVqEtkGHsK7eYQ
x-amz-cf-pop
PHL51-P1
age
5147074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14512
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"a133b0167ec0ae6bb5e5b563cf9bb93e"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OpsFAytwLZkLtrbqplmdrIPRcLyt-h4KWUXZY1B-8Bb9JvcjsFXwLQ==
807-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/807-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3178d47e0f5adc4eb7bb9de66ce913ca939b968b41c416579576005beb3e71db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:04 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
trWSzhtR1.g.MzEPCJvFNKfr2Y62qO.a
x-amz-cf-pop
PHL51-P1
age
5147074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3173
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"fcb7da06b0bf75065d2ee26285c67c7a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gipyBv4onfRR5BEmgE66m6_JQlRzS3xOEQU62tHQya0G_2r1egiulg==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30adf825110c7832a9d987dcda1f1adc50f4b65123053b09c98ad964f789e631

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:04 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
3kwNwqOfz4DI4wgTowU0cmmWjmTQYLRZ
x-amz-cf-pop
PHL51-P1
age
5147074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8583
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"23fdb711129863dca0b2fea9035dfada"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
d2LqwpzslgZhP2jaG4xdFjYPfhvaZQ_chDEIgDFxlCoZkC-YPcvZAw==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 20:57:59 GMT
via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
14561
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
y-NP5Vi-aDsd40Q-pWIt4MdRlIOLHSzROT7crARXVpT8bQPpd2BaqQ==
169-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		155 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/169-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b19e827414388e94fcc2815c445a4932d8eccfa009466979f46d51663a270dfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:15:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
8YITJiPsALg2DMAztHps3LlPWm068Pud
x-amz-cf-pop
PHL51-P1
age
4891530
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43864
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"1ef394c18ee61b33befe94298da0f04d"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
69kI0Mhxtoe2DO85QjogOJRRWO5MTvWPOeHVkT02U86L5jcpuojCaA==
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		96 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3982ebaff8a57748e4f5d30e4267c33ba21d8b861c12c03329f11d74e83bf51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:04 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
4f2gCDT41TayQhOcuJw38bz_76ne3Ewr
x-amz-cf-pop
PHL51-P1
age
5147074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
21905
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"84c6dfc27e85826be4f3f00ac0496823"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
l0W_ZR59VTELLA_6xcclI1YIcjZPgCm2mdUyeAxEMg-bYLiBZMsQOw==
datalayer
zephr-v4.nypost.com/blaize/ 		61 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/blaize/datalayer
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Error from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
61
x-amz-cf-id
dkuuF6WP8alAwPGgUzxQ-NYtDirjam_uMHDPlrw7kR-jHIg0MZRVsg==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
57e074a17625b.js
t.contentsquare.net/uxa/ 		309 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/57e074a17625b.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-83.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6e8ddac02d7565e3ade9b471babb6272b43e1dda65d8e2cfa1bee83f77688ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 15:08:07 GMT
content-encoding
br
via
1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
75186
last-modified
Thu, 25 Jan 2024 15:05:40 GMT
server
AmazonS3
etag
"d4737f512a99fbb2cd3c955ef5bb0439"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rYAiQ38NNAPqI3grV6ueT3R11HvkNWzSerxK0y1xf5HyEWuhBKYC4w==
1630.ebd9bcfcbc846eb54dc5.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1630.ebd9bcfcbc846eb54dc5.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c6c6dbe5d6502e567354c47cdb3d1741d29f88d9de156b712d164eedfdee1cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 185 443
etag
W/"65b3e63d-8f0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
5908.7919c599f8e7b8c7e6da.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		605 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/5908.7919c599f8e7b8c7e6da.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ce035c21b14712d80470e24c80645b747ee67eea6cca79ef0c3b36fcab2d1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63d-25d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
1706.ef65f9157177412cdcb0.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		618 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1706.ef65f9157177412cdcb0.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
918b31e2a4456e33205974bd14d0dd794c610f963c545587ba979c28c0967f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63d-26a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=163456144&post=22800468&tz=-5&srv=nypost.com&hp=vip&j=1%3A12.7.1&host=nypost.com&ref=&fcp=1717&rand=0.07119540881357356
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:37 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
nypost.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Dec 2023 23:24:00 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65710290-4904"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
pv
api.btloader.com/ 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=W7R6AE4cYQ&w=5766767856058368&o=5747039208996864&cv=2.1.28-1-ge480966&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&sid=R5hLoWkuQE&pm=true&upapi=true
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
decision-engine
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
x-amz-cf-id
7hZj8itnVT6EfCsAU0rXbElrXqAid6ckwPiQ-QGVXR6SM7WSU7_KHQ==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
decision-engine
zephr-v4.nypost.com/zephr/ 		266 B
1019 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
266
x-amz-cf-id
6wvuoPhGddRPgmicT_yqR7dEkmrp1HR8yk4v2QGljlsAdWd3XuDQ9w==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-blaize-request
4d01d01d
tp2
sac.nypost.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sac.nypost.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.220.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.220.110.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sp-anonymous
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://nypost.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 29 Jan 2024 01:00:37 GMT
server
akka-http/10.2.7
via
1.1 google
tp2
sac.nypost.com/com.snowplowanalytics.snowplow/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sac.nypost.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: nid.nypost.com
URL: https://nid.nypost.com/prod/sp/nid_sp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.220.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.220.110.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

SP-Anonymous
*
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951666
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0ieSlkt778yONovJwUH5rDJR1oJ-w8y59V9LXjt2BS5Mu-Pu06Xe_Q==
bl-904ac2d-836b3a7d.js
tagan.adlightning.com/nc-nypost/ 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-904ac2d-836b3a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61db1239fcfeca84556d6ab5a43123fac064538f61d9774b98459def7b0e6600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:40:50 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
VE_8h5Qlmo116cSZLfeFXJ.bcbjJ6Cp6
x-amz-cf-pop
PHL50-C1
age
83988
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39058
x-amz-meta-git_commit
904ac2d
last-modified
Sun, 28 Jan 2024 01:17:38 GMT
server
AmazonS3
etag
"db214d0faa1b77f74a18b40bfa970a10"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yqOUxrCNmpMxKa_SPTiGK4d8QCCPZAIjH2r7pmLZEsJwMQjBs3RLJg==
tcs.dhj
t.nypost.com/1/e/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.nypost.com/1/e/tcs.dhj?dmn=nypost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
4066516ea98cbc1a706596497f521fc6985849f788d8e7429a575c140d428c9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
private, max-age=3600
x-robots-tag
noindex, nofollow
content-length
1470
x-amz-cf-id
ItIGsE98Md2X1P0bETgha9TqdkSG1dlvO46XQYo25BI6k0pWbE1rTg==
expires
Mon, 29 Jan 2024 02:00:37 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 29 Jan 2024 01:30:53 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
cookie.html
www.ncaudienceexchange.com/prod/ncg/ Frame 7B15 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
56393
content-encoding
gzip
content-type
text/html
date
Sun, 28 Jan 2024 09:20:45 GMT
etag
W/"27a77bbc87eed7c50fbccf9c936e316d"
last-modified
Wed, 28 Aug 2019 23:03:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-id
wtmB6IMKuW5EmBZ6nerZjJT3kiVq-ZZhQRkuWZPOjh-fLSl3nimBNA==
x-amz-cf-pop
PHL50-C1
x-cache
Hit from cloudfront
cookie.html
tags.realtor.com/prod/ncg/ Frame 93F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.realtor.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 a7253311f94fb967603a1d22f7a3c43a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
v05qdsseoQQfa818ISC-afuspBo-SRT5AiY2vI9EK60e7iYm_D4FCg==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.barrons.com/prod/ncg/ Frame 3F52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.barrons.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
JXEDrBmb9HCtcCo4vTpzQWAjmG8anNjKlKmXtZmqAUY_-5l8FhJU_w==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.mansionglobal.com/prod/ncg/ Frame E9A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.mansionglobal.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
X-Amz-Cf-Id
5kubhoAgtIE5OyfbZbIkmbjYWKsE43pxfnFXYzfE3qg_y8ikVG4JHQ==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.marketwatch.com/prod/ncg/ Frame 5EF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.marketwatch.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-84.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 3084f1c1c69db00ea38650e768b2b25c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
sDoj8eyuz05YTZq9ALTWJsLXmvcv0-Sx-7VtB67xxf-0GMpPdOQywQ==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.wsj.com/prod/ncg/ Frame 74BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.wsj.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30680
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
KsJg1cMZSi90-Wm3Pl0Rz7YJVFSId_703OkPhQ4fDVAWA4cHJdEV-Q==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.decider.com/prod/ncg/ Frame A714 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.decider.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 52f91163dc9b412469bf709634e4afca.cloudfront.net (CloudFront)
X-Amz-Cf-Id
muo3hETmzow1vfUF7egzZJqQ3B9mhymF3FJlGJNWNsasVnXSiEUzOg==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.pagesix.com/prod/ncg/ Frame 0A87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.pagesix.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-6.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30679
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:19 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TcxgRVLjSSuMq6cAM5LbgZQ6bsYF5tswHPjDBDRKz_NouLmMopVZvA==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
cookie.html
tags.penews.com/prod/ncg/ Frame DF83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.penews.com/prod/ncg/cookie.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-4.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
30678
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 16:29:20 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 b88fda0ef7fc0be68ec5692fdd8f97ec.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xb70OMxOF5HgCc6GXfjlVwFRov3SI7ZYkxj7Jg5va8k12zFbWkIU_A==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Hit from cloudfront
i
v2.pixel.newscgp.com/ 		43 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1706490037486&e=se&se_ca=aka&se_ac=link%3Adomain&se_la=ce8ee306-cd62-47ea-9165-7c4fc74ee28f&se_pr=nypost.com&eid=85f10bd9-17b2-40ef-8444-452154228f37&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Pacific%2FHonolulu&dtm=1706490037482&vp=1600x1200&ds=1600x6560&vid=1&sid=8d43d7a9-0112-4310-80dd-6360009f1335&duid=ce8ee306-cd62-47ea-9165-7c4fc74ee28f&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI5MWI2ODMzZi0xZTIwLTQ5Y2UtYmVhNS03OTY4MGU3ZmU3ZDQifX1dfQ
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:36 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
i
tags.nypost.com/cs/bounce/
Redirect Chain
  • https://tags.nypost.com/cs/sync/i
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1769562037442&origin=tags.nypost.com
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1769562037442&origin=tags.nypost.com&fallback_id=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
  • https://tags.nypost.com/cs/bounce/i?expiry_ts=1769562037442&nuid=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
43 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.nypost.com/cs/bounce/i?expiry_ts=1769562037442&nuid=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
18.238.4.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-4.phl51.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:37 GMT
Via
1.1 f9247b65ce15be5e9abf969e43362ca8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
PHL51-P1
X-Cache
LambdaGeneratedResponse from cloudfront
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
0Ph_HYjlJAHDwFfRJgEv9NSEZKsST6jiA4dGO85dPd-Z5CX4mychtA==

Redirect headers

Date
Mon, 29 Jan 2024 01:00:37 GMT
Via
1.1 bbd89b29eb16bb369cdc097594fa8260.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
PHL51-P1
X-Cache
LambdaGeneratedResponse from cloudfront
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Location
https://tags.nypost.com/cs/bounce/i?expiry_ts=1769562037442&nuid=c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
_l0ElYwWaDMPFRfFgJXhroreoIomV_HiF6jm5Wn-IrqalnLmr07KNw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f300b5f0c0ff51593fb31953294424c0.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 19:47:42 GMT
x-amz-cf-pop
PHL51-P1
age
18776
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PM774I-D--7iF3EulWJGzWlYmmigSQPWncQlqgp1I-FFXd0hk2gOeA==
truncated
/ 		656 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e71155121fa314c4d12ead222f0a118e3fdc4f74856702a2141f84d0590cb2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1706490037574&aid=a-01qt&se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&tv=v2.12.0&pu=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-m...
  • https://rp4.liadm.com/j?se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&aid=a-01qt&cd=.nypost.com&dtstmp=1706490037574&tv=v2.12.0&n3pc=true&wpn=lc-bundle&ext__pubcid=ce0eda65-0932-4d09-add5-d2...
43 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&aid=a-01qt&cd=.nypost.com&dtstmp=1706490037574&tv=v2.12.0&n3pc=true&wpn=lc-bundle&ext__pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&pu=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c=PHRpdGxlPlRoZSB0cmlsbGlvbnMgaW4gQ09WSUQgcmVsaWVmIG1vbmV5IGxlZCB0byBiaWxsaW9ucyBpbiBmcmF1ZDwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vbnlwb3N0LmNvbS8yMDIyLzA2LzI0L3RoZS10cmlsbGlvbnMtaW4tY292aWQtcmVsaWVmLW1vbmV5LWxlZC10by1iaWxsaW9ucy1pbi1mcmF1ZC8iPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIgTG90cyBvZiB0aGUgQ09WSUQtMTkgc3BlbmRpbmcgdGhhdCBkb2Vzbid0IHF1YWxpZnkgYXMgd2FzdGVmdWwgb3IgZnJhdWR1bGVudCB3YXMgbm9uZXRoZWxlc3MgbWlzc3BlbnQuIj48aDEgY2xhc3M9ImhlYWRsaW5lIGhlYWRsaW5lLS1zaW5nbGUtZmFsbGJhY2siPgoJCVdoeSB0aGUgdHJpbGxpb25zIGluIENPVklELTE5IHJlbGllZiBtb25leSBsZWQgdG8gYmlsbGlvbnMgaW4gZnJhdWQJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo4&us_privacy=1---
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
18.209.74.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-74-157.compute-1.amazonaws.com
Software
/
Resource Hash
561f49e7560b02f72da6625f7acdbc628765225984bbed60c93209020471620b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
x-pixel-event-id
6f25414c-edd6-400a-97a9-c248e84b7859
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
43

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&aid=a-01qt&cd=.nypost.com&dtstmp=1706490037574&tv=v2.12.0&n3pc=true&wpn=lc-bundle&ext__pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&pu=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c=PHRpdGxlPlRoZSB0cmlsbGlvbnMgaW4gQ09WSUQgcmVsaWVmIG1vbmV5IGxlZCB0byBiaWxsaW9ucyBpbiBmcmF1ZDwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vbnlwb3N0LmNvbS8yMDIyLzA2LzI0L3RoZS10cmlsbGlvbnMtaW4tY292aWQtcmVsaWVmLW1vbmV5LWxlZC10by1iaWxsaW9ucy1pbi1mcmF1ZC8iPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIgTG90cyBvZiB0aGUgQ09WSUQtMTkgc3BlbmRpbmcgdGhhdCBkb2Vzbid0IHF1YWxpZnkgYXMgd2FzdGVmdWwgb3IgZnJhdWR1bGVudCB3YXMgbm9uZXRoZWxlc3MgbWlzc3BlbnQuIj48aDEgY2xhc3M9ImhlYWRsaW5lIGhlYWRsaW5lLS1zaW5nbGUtZmFsbGJhY2siPgoJCVdoeSB0aGUgdHJpbGxpb25zIGluIENPVklELTE5IHJlbGllZiBtb25leSBsZWQgdG8gYmlsbGlvbnMgaW4gZnJhdWQJPC9oMT48dGl0bGU-QmFjayBCdXR0b248L3RpdGxlPjx0aXRsZT5TZWFyY2ggSWNvbjwvdGl0bGU-PHRpdGxlPkZpbHRlciBJY29uPC90aXRsZT4&i6=MjAwMTo1NTA6MWQwNToxOjo4&us_privacy=1---
access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:37 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
pxid
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/v2.0/ 		46 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/v2.0/pxid?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
eda851d7c156b81f901d4721023c72be5127e8e023342852e3c761250e51a13c

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:37 GMT
an-x-request-uuid
70a0758f-b08d-4608-98ff-291390a615dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame CCDB 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.37852753337769607
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
cache-control
private, no-store
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain
px.gif
p.skimresources.com/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=3.7588350640169894
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=3.7588350640169894
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
p1.parsely.com/px/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/px/?rand=1706490037644&plid=81c097e0-eb6c-4730-8305-304f21d8df1f&idsite=nypost.com&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&sref=&sts=1706490037637&slts=0&title=The+trillions+in+COVID+relief+money+led+to+billions+in+fraud&date=Sun+Jan+28+2024+15%3A00%3A37+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=2c6b779c-aea0-4885-aba8-ee4579e224fc&u=pid%3D20d71400-4a39-4f28-bfbb-a8486796d2d2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:37 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
48847
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 27 Jan 2025 11:26:30 GMT
skin.js
player.aniview.com/script/custom/unruly/outstream/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
08494d5ab9bc08b4496bb9b67de57c86d6d03b6a3f701d9669bc6aede3621642

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:37 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABPtcPq3vLthN9hB9If6wWZojfvU-YlxwTb83if9eOD1xRb5VfjH_Q1EqWvMY9rgPfWr-Wma5EA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
13188
Last-Modified
Mon, 01 Jan 2024 07:12:38 GMT
Server
UploadServer
ETag
"b68f828daa229a5966783333f94a8a56"
Vary
Accept-Encoding
x-goog-generation
1704093158662385
Content-Type
application/javascript
Content-Language
en
x-goog-hash
crc32c=mOwimA==, md5=to+CjaoimllmeDMz+UqKVg==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
13188
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Expires
Mon, 29 Jan 2024 01:15:37 GMT
pixels
aniview-diag-server.1rx.io/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aniview-diag-server.1rx.io/pixels?adslotid=18d52bb859d3fad410ddece&siteid=622640&iframe=false&siteenv=html&page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&clientver=1.0.0&pageloadid=18d52bb859d1b491ae5373b&cb=1706490037661&event=tag_load&message=Ani%20View%20Wrapper%20load%20on%20the%20page&event_time=2024-01-29%2001%3A00%3A37
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.241.38 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=15768000
content-length
0
content-type
text/plain; charset=utf-8
runtime_6459738026535cda4232dc813c61447d.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:44:15 GMT
content-encoding
br
age
540982
x-guploader-uploadid
ABPtcPqelNDC3VdtA_9H1FoqLYSDc4e-EWkT3MF5w4Wly5bTnLEBCyOrYBWaNLov2AFhDhbW_m6VAQouuA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
last-modified
Mon, 22 Jan 2024 18:44:07 GMT
server
UploadServer
etag
"09512239cb2a22728ca9f8608dfc2181"
x-goog-generation
1705949047694544
x-goog-hash
crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1316
accept-ranges
bytes
content-type
text/javascript
messages-count
open-api.spot.im/v1/ 		58 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://open-api.spot.im/v1/messages-count?spot_id=sp_Sx8YukwE&posts_ids=22800468
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=fed61e76ec5a9ef320bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-15.phl50.r.cloudfront.net
Software
/
Resource Hash
a76e6dae7e49c16e8e27646b0a5ebebdead5debf61f7f92c2b244f60538676a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
x-spotim-bid
x-spotim-rid
content-length
58
x-spotim-vid
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials
true
access-control-allow-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
x-amz-cf-id
oWttNDh4x1ILbcKg4Ql3pAQVH9AtQOSSo5P1S59o2PCd9Iv1WocvCw==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
5231153e-f3d6-433a-9b39-47c5350a780e
https://nypost.com/ 		118 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/5231153e-f3d6-433a-9b39-47c5350a780e
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e339cb53bca94d1f802620e334f39ea600b1331f28a44034f33c00075d43743

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
121153
Content-Type
ff6eb0ad-4ec3-4854-bbe8-b692ab33d0ad
https://nypost.com/ 		118 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/ff6eb0ad-4ec3-4854-bbe8-b692ab33d0ad
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e339cb53bca94d1f802620e334f39ea600b1331f28a44034f33c00075d43743

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
121153
Content-Type
/
r.skimresources.com/api/ 		208 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
daa18e45dfe189f6debb6661de7a0af4519f719d07f334c9a6bc378ba0439100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/01ae14ca-1fa2-4758-b53e-af78d90b6a28/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-127.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
gzip
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Mon, 29 Jan 2024 00:07:01 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
3218
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
XqDussqfU2HomWDgoS9t_v5QHdF8Jij-LEUChtT1kixbYVCt6A8T2g==
output.js
www.zergnet.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=33405&time=1706490037763&sc=1&callback=json9261885
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.90.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-90-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b27079c406725aa7cc4ad4d67b3654ca1e47e5de5afb39af29d622e5d02f6d9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F202...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F20...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c8=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&c9=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
18.238.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-53.phl51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-amz-cf-id
ObDDfkQuqlVd97P9tK3C6Hoth2Rk0dtyVVOsjF9fZLbfnjdiqkGIVw==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6390601&cs_fpcu=78b47f70d5e345a690b644b2e0f4f423&cs_it=b8&cv=3.6&ns__t=1706490037764&ns_c=UTF-8&c3=NYPOST&cj=1&cs_ucfr=1&c7=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&c8=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&c9=
content-length
0
x-amz-cf-id
7XxvY2yVnpAm-9nKUUZoE9ojVdudekjWBPze8hP_GXZXM0CXENbs5g==
metrics-reporter-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/metrics-reporter-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:05 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
DEMSNm1bsSnwzbznQh28msOIZ7p8ZmN8
x-amz-cf-pop
PHL51-P1
age
5147073
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2619
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"3325b999b14b244fcdd24382f76d7241"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DJZ_QFbkdtIwNsjJdvK2zKDQFp8iODoqC0BLP9NWXRUymd6SK-QhqA==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
ba3db223b91f52132816eecde99c20378fe4c077cd5fb0c76204d6b1b7d83c36
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-length
36
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
OfZcaGU-8RkcS6A1-qOXJ-Q9taxpJJfzAfzyDN_Lt0knen-w9Z1B1w==
geoip
api.permutive.com/v2.0/ 		281 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3775aaf637f98b3458e5c6693e618184d99dbbf17d21013593b3cf2868aaacd4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
watson
api.permutive.com/v2.0/ 		2 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
KS_conversions.js
widgets.outbrain.com/keystone/conv/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/keystone/conv/KS_conversions.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2cd548412f3556b2804461c3379bd14d07ad0e6d39fc347cd954ff164e84f481

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
content-length
867
last-modified
Mon, 12 Sep 2022 08:01:05 GMT
server
AkamaiNetStorage
etag
"1e0c98a9513e1a6679863ea8060a7cee:1662970133.812717"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:38 GMT
ob_extra_injections.js
widgets.outbrain.com/keystone/injections/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/keystone/injections/ob_extra_injections.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4e48827c244db80e58ccbe3a62ad5ea5e6eea15fd468aabf833e3f2fe4edf556

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
content-length
1981
last-modified
Wed, 27 Sep 2023 06:42:08 GMT
server
AkamaiNetStorage
etag
"0c47cd01f63b43f7d70df242d7856629:1695797390.802558"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 02:00:38 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:38 GMT
date
Mon, 29 Jan 2024 01:00:38 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
f34a8612-9c89-4e7a-adeb-71a2902d9634-models.bin
cdn.permutive.com/models/v2/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/f34a8612-9c89-4e7a-adeb-71a2902d9634-models.bin
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49dbdeea90a3e68958149b76bca5e572ecb0a0796fbc3157a2f367dac166ed34

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
0cf17917-395b-4f25-91cc-db3bdd6044b0
age
0
x-guploader-uploadid
ABPtcPp1EWqTUI_1tAHLLSEy-EHs7f0aF2T8qcPc57eavRjFXCMs7SrCan59-16-g21XlZ2x6OM
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7054
last-modified
Mon, 08 Jan 2024 06:03:59 GMT
server
cloudflare
etag
"42dac02ba4d4eb7449e0463cc35d8990"
vary
Accept-Encoding
x-goog-generation
1704693839304450
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=dUDdAA==, md5=QtrAK6TU63RJ4EY8w12JkA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
7054
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84cd8a11d9511287-MIA
expires
Mon, 29 Jan 2024 00:50:53 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1848559469&t=pageview&_s=1&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ul=en-us&de=UTF-8&dt=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiEAjBAQCACAAI~&jid=880884119&gjid=1056136264&cid=649758697.1706490038&tid=UA-3922003-6&_gid=2119401761.1706490038&_slc=1&cd88=649758697.1706490038&cd8=desktop&cd3=benefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending&cd2=Veronique%20de%20Rugy&cd1=article&cd5=standard&cd6=Why%20the%20trillions%20in%20COVID-19%20relief%20money%20led%20to%20billions%20in%20fraud&cd7=&cd12=Why%20the%20trillions%20in%20COVID-19%20relief%20money%20led%20to%20billions%20in%20fraud&cd9=2022-06-24&cd10=19%3A%2051&cd11=22800468&cd4=opinion&cd15=Coronavirus&cd87=Outbrain%20Guarantee&cd16=747&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=opinion&cg3=nypost.com&z=1492717722
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3922003-6&cid=649758697.1706490038&jid=880884119&gjid=1056136264&_gid=2119401761.1706490038&_u=aHBAiEAjBAQCAGAAI~&z=1414241212
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 29 Jan 2024 01:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
flyout
api.nypdev.com/cdp/zephr/content/ 		88 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=649758697.1706490038
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.165.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-165-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d2620b0edce0ac18b31955465060df671f24d9bfe73aca56671bc7d15327e800
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
Authorization
Basic QGxsZXk6dmZEVEJPM1Y3cnJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
nginx
x-frame-options
DENY
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
88
flyout
api.nypdev.com/cdp/zephr/content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=649758697.1706490038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.165.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-165-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
content-type
application/json
date
Mon, 29 Jan 2024 01:00:38 GMT
server
nginx
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
DENY
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 11:37:17 GMT
x-amz-cf-pop
PHL51-P1
age
48202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
5PxNyH_HK4gVfg68uNwUp7Pno53SVIiS2GM-nxqTRDMlKYZM5s4k7A==
identify
api.permutive.com/v2.0/ 		50 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4331fae7f7fe695f19d91958e32b1f7cbe79052f50fea54aa6e4f174334826d0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69
c36e566b946db6e358b56dc6aa1b81b2ececf
meadowlullaby.com/send/f67fe22455e3d2a/ 		295 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meadowlullaby.com/send/f67fe22455e3d2a/c36e566b946db6e358b56dc6aa1b81b2ececf
Requested by
Host: meadowlullaby.com
URL: https://meadowlullaby.com/j/83b3b1be082545d/113d17a50d1f6f2111489-prod.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
77edf8739c49358967586acda34e0cd5e7c07a13e3bc2de78f1cc44e97cbeba2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-us-east1-spot-bjwp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 29 Jan 2024 01:00:37 GMT
xdframe-single-domain-1.2.0.html
csxd.contentsquare.net/uxa/ Frame AA19 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=5764
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:f400:1b:ed91:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
7729232
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Tue, 31 Oct 2023 14:00:07 GMT
etag
W/"17303eed7f8afe41b1523ca58723426b"
last-modified
Fri, 04 Aug 2023 17:04:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-id
Sshn9lTOXEhGlu4lAYfhzv8QuSgwSIztNOs-QPz1TlCE7lhISAGHRA==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
main-v2_131d476c88d031119630c9efba39d483.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		481 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_131d476c88d031119630c9efba39d483.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
36ac23ec7d2ccdde8a3d19a7471fca945313df26be2690dadf1761c4c68e1879

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 19:05:42 GMT
content-encoding
br
age
453296
x-guploader-uploadid
ABPtcPo1YDXPsgGlBFPjc4awuLXmP01VmZB46ts83HcxqFKVjxm3KktQp72amUz_lnQhwfmliIg16mCFFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107247
last-modified
Tue, 23 Jan 2024 19:05:31 GMT
server
UploadServer
etag
"9a668156b22046a0309a3ca9718d8441"
x-goog-generation
1706036731708765
x-goog-hash
crc32c=Wy+fvw==, md5=mmaBVrIgRqAwmjypcY2EQQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
107247
accept-ranges
bytes
content-type
text/javascript
cjs_min_1e55b565811f11b08485230cf1d150d6.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:46:28 GMT
content-encoding
gzip
age
1307650
x-guploader-uploadid
ABPtcPry905nGLEQ-Ml0dSiCcPDK7WnO1-QyULcyYy8jKiLsJOeJOQTz-hnFhxURqyM0dkF_moI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15751
last-modified
Wed, 13 Dec 2023 16:23:11 GMT
server
UploadServer
etag
"d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation
1702484591435387
x-goog-hash
crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15751
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
get
mv.outbrain.com/Multivac/api/ 		21 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&idx=0&rand=14988&widgetJSId=SL_2&va=true&format=vjapi&pubInState=0&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010628&sig=ipuIslOd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8fe40a37e611cd36b51b816056891187c8eef60070522162f1b03bc78d81f5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 varnish
date
Mon, 29 Jan 2024 01:00:38 GMT
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
0d6113187a6c5ff7cdcce45ce2640506
content-length
10448
x-served-by
cache-iad-kiad7000030-IAD
pragma
no-cache
x-timer
S1706490038.427941,VS0,VE53
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
page
t.skimresources.com/api/v2/ 		22 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://nypost.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
skin-622640.json
video.unrulymedia.com/native/skins/ 		2 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-622640.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f11fff395615749f7d73545799ed746cab0761185e45db32432454cdbf7cfa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
x-amz-version-id
6GJbDTVo2NzoLcp2rsY4TF9aYixbPAIP
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-request-id
08WBXPG7730ER9YN
x-amz-server-side-encryption
AES256
x-amz-id-2
S/U0RMWfgFV4HMKbi4qp7hEK6//t1IuieRUZV73QyP0P35RwVzSlbUWoRL0I5iev+QEf+dUYoyA=
x-amz-expiration
expiry-date="Tue, 21 Jan 2031 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 22 Jan 2024 11:10:51 GMT
server
cloudflare
etag
W/"1dea42d96c6ebb0a28394c7bfacb01b5"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://nypost.com
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
max-age=3600
cf-ray
84cd8a136e2509ba-MIA
track
servt.unrulyvideo.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1706490038286&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=&e=c9&cd11=1-run
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.unrulyvideo.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1706490038286&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=2-tag
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ts_.htm
t.nypost.com/a/ Frame 8D0F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.nypost.com/a/ts_.htm?ver=1.1275.65&cid=c057
Requested by
Host: t.nypost.com
URL: https://t.nypost.com/1/e/tcs.dhj?dmn=nypost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=604800
content-encoding
gzip
content-length
1149
content-type
text/html
date
Mon, 29 Jan 2024 01:00:38 GMT
expires
Mon, 05 Feb 2024 01:00:38 GMT
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-id
_b5IW3gQKsglV-yDr7ynJgcIqsM7k3e6fAGYRPp_5PdxJzvZxgzCkw==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
truncated
/ 		956 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
a-01qt
i.liadm.com/s/c/ Frame E83A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-125-227.compute-1.amazonaws.com
Software
/
Resource Hash
ddfd4c90be6f10374580f8a9a9955ca52668e5cf65ab3916ef39a738e4e5b1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
684
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:38 GMT
Request-Time
12
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.nypost.com/ 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.nypost.com/baker?dtstmp=1706490038306
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:4c00:9:41bd:8d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
0
x-amz-cf-id
oMGB1uxJdarGhSmj4PlWeG3KvVUJfEFhEFAVhDQq_u3N_pjCfm2BtA==
fd2cfaab-227e-4aa0-ae06-b35d50e1a527
https://nypost.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/fd2cfaab-227e-4aa0-ae06-b35d50e1a527
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed368de2caede3bfda709b07b4c12802a899ca5ac0a15939c8c364f0b9d0d61

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
config
prebid.media.net/rtb/prebid/analytics/ 		69 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
bd53009baa81953a7b82428a4bd466c15dfadca2609b1915fa1a52afd4c03d30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
via
1.1 google
server
envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=900, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:15:38 GMT
pbjs
api.id5-sync.com/analytics/1266/ 		70 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1266/pbjs
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:38 GMT
cache-control
max-age=300, public
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
3105
config.aps.amazon-adsystem.com/configs/ 		532 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3105
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-7.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
f879c7de85cbf0c1b1a78735a6d382b8780e378ac836088a88bb0fa50e945f85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:39:16 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
1282
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
ZxL1dkzNmlAuAokQEEBsWHPQA0pFw1eN5rVvLuwYPrSKFM-Hb8jguQ==
config
c.amazon-adsystem.com/cdn/prod/ 		177 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3105&u=https%3A%2F%2Fnypost.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
Server /
Resource Hash
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
177
x-amz-cf-id
LwTFoSLL0Cx_VxX7Qhxl6PvRVZ6UnkBK06J0hVS4ikk2JnkEYA6MbA==
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3105&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=BYW4NneK4SimO&cb=0&ws=1600x1200&v=24.117.1925&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-rec_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x251%22%2C%221x1%22%2C%22300x600%22%2C%22300x601%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Frec_atf%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-billb_atf%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22978x250%22%2C%221x1%22%2C%221x11%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Fbillb_atf%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rec_btf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x252%22%2C%22300x600%22%2C%221x1%22%2C%22300x602%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Frec_btf%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rec_widget%22%2C%22s%22%3A%5B%22300x255%22%2C%22300x250%22%2C%22300x600%22%2C%221x1%22%2C%22300x603%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Frec_widget%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-custom%22%2C%22s%22%3A%5B%221x12%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Fcustom%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-skin%22%2C%22s%22%3A%5B%221x2%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Fskin%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-inline%22%2C%22s%22%3A%5B%221x7%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Finline%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-overlay_fullpage%22%2C%22s%22%3A%5B%221x4%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Foverlay_fullpage%2Fopinion%2Fstories%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-native%22%2C%22s%22%3A%5B%221x6%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5850%2Fpost.desktop%2Fnative%2Fopinion%2Fstories%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cat%22%3A%5B%22IAB1%22%2C%22IAB12%22%2C%22IAB17%22%5D%2C%22cattax%22%3A1%2C%22domain%22%3A%22nypost.com%22%2C%22keywords%22%3A%22Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending%22%2C%22name%22%3A%22nypost.com%22%2C%22page%22%3A%22https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F%22%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
56ca4f4ce6bd0aca06c71ca0202571897e0456a97a587e80827afb33fed418c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 bbd89b29eb16bb369cdc097594fa8260.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
qFqKUZZetPMG3nX-3s14UMBaO5-4yEOWpEJ57XsIMZuLeJ_rMvJtjQ==
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:38 GMT
server
Python/3.10 aiohttp/3.8.6
via
1.1 google
api
ls.skimresources.com/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93051X1547088.skimlinks.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.6 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3922003-6&cid=649758697.1706490038&jid=880884119&_u=aHBAiEAjBAQCAGAAI~&z=164130247
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
v2.pixel.newscgp.com/ 		43 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1706490038434&e=pv&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&page=Page-View&eid=a7318fa1-3081-4d4e-bc0a-714447898118&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Pacific%2FHonolulu&dtm=1706490038433&vp=1600x1200&ds=1600x7133&vid=1&sid=8d43d7a9-0112-4310-80dd-6360009f1335&duid=ce8ee306-cd62-47ea-9165-7c4fc74ee28f&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiJhbm9ueW1vdXMiLCJ1c2VyX25ld3NsZXR0ZXJfaWQiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfcHJvdmlkZXIiOiIiLCJicm93c2VyX2RtcF9pZCI6IjE3MDQ4YzMyLTAyYzEtNGY0ZS04ZTU4LWM4YTY1NTQyYzE3ZSIsImJyb3dzZXJfZG1wX3Byb3ZpZGVyIjoicGVybXV0aXZlIiwiYnJvd3Nlcl9hZHNfcHBpZCI6IiIsImJyb3dzZXJfYWRzX3Byb3ZpZGVyIjoiIiwiYnJvd3Nlcl9hbmFseXRpY3NfaWQiOiIiLCJicm93c2VyX2FuYWx5dGljc19wcm92aWRlciI6IiIsImJyb3dzZXJfbmNnX2lkIjoiIn19LHsic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9hcnRpY2xlL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImFydGljbGVfaWQiOiIyMjgwMDQ2OCIsImFydGljbGVfc291cmNlIjoiVmVyb25pcXVlIGRlIFJ1Z3kiLCJhcnRpY2xlX3B1Ymxpc2hlZF90aW1lIjoiMjAyMi8wNi8yNCAxOTo1MToxNiIsImNvbnRlbnRfdHlwZSI6ImFydGljbGUiLCJzZWN0aW9uIjoib3BpbmlvbiIsInN1YnNlY3Rpb24iOiJDb3JvbmF2aXJ1cyIsInN1YnN1YnNlY3Rpb24iOiIiLCJzdWJzdWJzdWJzZWN0aW9uIjoiIiwic3Vic3Vic3Vic3Vic2VjdGlvbiI6IiIsImFydGljbGVfcGFpZF9jb250ZW50X3R5cGUiOiIifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5uZXdzY2dwL2FkaG9jL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Im5hbWVzcGFjZSI6Im5ld3NpZC5kZXZpY2VpZCIsImRhdGEiOlt7ImtleSI6ImRldmljZV9pZCIsInZhbHVlIjoiYzMzNDBkOGEtNzNhZS00OGYzLWI2M2EtYzI5YWJlMzI3ZTQ1LjMuMTcwNjQ5MDAzNy4xNzY5NTYyMDM3NDQyIn1dfX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy93ZWJfcGFnZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6IjkxYjY4MzNmLTFlMjAtNDljZS1iZWE1LTc5NjgwZTdmZTdkNCJ9fV19
Requested by
Host: us.tags.newscgp.com
URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:37 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
22800468
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ 		153 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/22800468
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
dadb81deecbca8e8c84d01e3b2a9bda2f907c79e2e8c5c76adf231528c665fd7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-length
153
x-request-id
d1d45cb5-be41-11ee-9b0d-fea464db70db
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
wEQ_gWvHrMM4YaIJ5VDe8pEUoqW4mww3RpY3aAbTbQ9Kja2hSu7WnQ==
22800468
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/22800468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:38 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
WJP_DTIYVgnOevqGE6mJy7M77bdjfVf8mNsH6mJMFV6whSTk9Qy3Qw==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:38 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:38 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:38 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:38 GMT
server
ATS/9.1.10.94
fastlane.json
fastlane.rubiconproject.com/a/api/ 		565 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199546&size_id=57&p_pos=atf&us_privacy=1---&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending%2C&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=23&tg_i.pagesection=opinion&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fopinion%2Fstories&tk_flint=pbjs_lite_v8.27.0&x_source.tid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&l_pb_bid_id=2bf428e66399b6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=828f107d-9bbb-4eca-a8c4-0cee18d13acc&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fopinion%2Fstories&m_ch_mobile=%3F0&slots=1&rand=0.4611315764360755
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7ef54121dff97a0fd3fe864beeafa253d1db3128d4a39fabf5eb61a1d3465561

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199546&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending%2C&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=23&tg_i.pagesection=opinion&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_atf%2Fopinion%2Fstories&tk_flint=pbjs_lite_v8.27.0&x_source.tid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&l_pb_bid_id=307448a83b669a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3690afa2-805f-489a-9354-7881c927d891&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_atf%2Fopinion%2Fstories&m_ch_mobile=%3F0&slots=1&rand=0.9800671708276973
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b91cefd88b175bab94b90237eb32c44263712fd1c309296676468e2ddef60824

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		583 B
922 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199548&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending%2C&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=23&tg_i.pagesection=opinion&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_btf%2Fopinion%2Fstories&tk_flint=pbjs_lite_v8.27.0&x_source.tid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&l_pb_bid_id=43fe3890fcba3d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=11db9b0f-4085-433d-ad4a-76ff1f78151d&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_btf%2Fopinion%2Fstories&m_ch_mobile=%3F0&slots=1&rand=0.3206755961266152
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
12dc4503c019818c0ba0c3fd57c1396173f772e88182f875b0b22144b1d769ef

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
583
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		586 B
925 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11076&site_id=26782&zone_id=199550&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending%2C&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.name=nypost.com&tg_i.cat=IAB1%2CIAB12%2CIAB17&tg_i.page_type=article&tg_i.testgroup=23&tg_i.pagesection=opinion&tg_i.pagetype=article&tg_i.pbadslot=%2F5850%2Fpost.desktop%2Frec_widget%2Fopinion%2Fstories&tk_flint=pbjs_lite_v8.27.0&x_source.tid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&l_pb_bid_id=5de41ffcdcdc03&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=353f094e-5ce5-4794-ba0d-f4df74728fb6&rp_maxbids=1&p_gpid=%2F5850%2Fpost.desktop%2Frec_widget%2Fopinion%2Fstories&m_ch_mobile=%3F0&slots=1&rand=0.9377791103333661
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a93593c107ed44f2df4b016b920274e004155af9e2bf77e58091d5b194d43551

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
586
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.57.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-57-64.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=214345
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67e16ca32aca0d911ccbde238dd4487d0199b1d29fb48d35cbf08fa9e664480

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSeiIngL3NBzBYD2RlB7jCb%2FEwNGkfcZoc7GNE%2BVoE50uxlHlsoJxmgqYCDWgwGSc5I%2BjUK8enZjQbdH7NzKxlRAhoLxKr907m4r%2FHYP3XJRMj1rDAWuYhBTjNjbpcBH%2Br40gVRK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a14fbcd8da8-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
nypost
direct.adsrvr.org/bid/bidder/ 		0
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/nypost
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
507 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5d9efae6b1c2d8721203ec071cd4e17d5e32e8367e1e87484a93cd07aa16d2d8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
50d8937079cb1a33563bbe3c7607c080f92f9a3928a4f4ac710baa9e510a093b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ac0720477f5db0eafb7fc10f2e44668813279239e79c5e93c4ea1e77316229bd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
95bfd076761285456d5ab47ba57f588be5b1e5346e4c59465d16ac2eb301d4ca

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
content-length
84
auction
tlx.3lift.com/header/ 		19 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tmax=2000&us_privacy=1---
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.210.107.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-107-42.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=2550442726&lsavail=1
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
elb.the-ozone-project.com/openrtb2/ 		128 B
972 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ba859e35df75f1d200db16ddc5b2bff3705286026b033a257454f6cc050375

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84cd8a151f939ae3-MIA
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3I8M1G
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a048d08cad291fcf123100afeb7500fdb32342cdc14e67e6edc47fe3543ef57c

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:37 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:00:38 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
an-x-request-uuid
24c1689a-ace8-4be8-ad36-0d3ae5ee38c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.242.24 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
24.242.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b385bf8bbcbf59c8a18883252dac3f2891ac2965055e05be4be5cfa33aa4776a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
6628
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-67.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront), 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
x-amz-apigw-id
SRvMmEv1DoEEl8Q=
x-amz-cf-id
DMTVGdWMZ2rHBrf7AGB2-6jU9c72o4_hEwd09vae7JFt8BSmDWKYMQ==
x-amz-cf-pop
PHL50-C1 PHL50-C1
x-amzn-requestid
0ff571a8-3a12-469c-a7bc-1d245ec5e054
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-67.phl50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

Accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 28 Jan 2024 08:30:54 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront), 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, PHL50-C1
age
59384
x-amzn-requestid
6d4c7277-2cf8-4c8c-bc6a-a68714b65313
x-amzn-trace-id
Root=1-65b610be-23ab125f5291cb625c57931b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
SPeNyF4ajoEETqQ=
content-length
30
x-amz-cf-id
VJ8KquqFdT4FuhEHVUH1L1E2T_i40UC4V_C0xqktO8LUbrJGS1_Q2g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/keystone/conv/KS_conversions.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
65ad11676484334621ffe4b268158ac58a8ac12c41bf51280cbd25eb42b7fa33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 13:05:32 GMT
server
AkamaiNetStorage
etag
"9e1e6021011fe5d6f6df980bd868010b:1703078880.424415"
vary
Accept-Encoding
content-type
application/x-javascript
x-rg
NA
cache-control
max-age=1200
x-cc
US
accept-ranges
bytes
content-length
7776
expires
Mon, 29 Jan 2024 01:20:38 GMT
j-query-3.7.1.min.js
player.unrulyvideo.com/script/custom/unruly/outstream/ Frame 4059 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.unrulyvideo.com/script/custom/unruly/outstream/j-query-3.7.1.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=622640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:13::17c8:852f Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0b249325e3db2bd22697e85ec3e907a311f61c962ad9b1c9aabaca8cefc1e200

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:38 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABPtcPpgyHLCdiktvf4IvUwRaJrd82fGBZ5Q1Xe2W5OSndi2TXu-zWr--SA0B9e-F7VRhoqY0QqT7qFSkQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
30357
Last-Modified
Sun, 31 Dec 2023 16:08:51 GMT
Server
UploadServer
ETag
"f6fbef456569c3749356f33414751834"
Vary
Accept-Encoding
x-goog-generation
1704038931727596
Content-Type
application/javascript
Content-Language
en
x-goog-hash
crc32c=Sj8Vsw==, md5=9vvvRWVpw3STVvM0FHUYNA==
Access-Control-Expose-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=600
x-goog-stored-content-length
30357
Accept-Ranges
bytes
Expires
Mon, 29 Jan 2024 01:10:38 GMT
decision-engine
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?brand=nypost&content_id=22800468&env=production&isExclusiveArticle=&isSportsArticle=&isSportsArticleNonBetting=&primarySection=opinion&primaryTag=coronavirus&sections=opinion
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
x-amz-cf-id
lyaRHY2MIRoKHVO9MFNVi4TmFdYrgrs2hhTOSgnWWlB_0coCMoXcdg==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
decision-engine
zephr-v4.nypost.com/zephr/ 		13 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?brand=nypost&content_id=22800468&env=production&isExclusiveArticle=&isSportsArticle=&isSportsArticleNonBetting=&primarySection=opinion&primaryTag=coronavirus&sections=opinion
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-79.phl50.r.cloudfront.net
Software
/
Resource Hash
f07981ada418160b7e534282cfaaf6abcbae6af062b9981842881e9114496a18

Request headers

Accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
br
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
ZA_MI81I4Pvo0lrem977_ykXH0XKnSFKWOFnRW9BVLGBuuoXon5XHQ==
x-blaize-request
78beb774
onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:14:40 GMT
content-encoding
br
age
222358
x-guploader-uploadid
ABPtcPqIFsmt-wYhI5UJuo42r0W2Y2zmQiHhLPjqw6Fde89a3KPhdUs1Y8Dz7i1aEAR9ZItslR2DjTyoGw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4963
last-modified
Tue, 23 Jan 2024 19:05:40 GMT
server
UploadServer
etag
"aaf913c9914c1e9a66cc88a9a0b151cd"
x-goog-generation
1706036740216586
x-goog-hash
crc32c=jDxLwQ==, md5=qvkTyZFMHppmzIipoLFRzQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4963
accept-ranges
bytes
content-type
text/javascript
ads-v2_47aebd0c6444728af7470a0a273082cc.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		175 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_47aebd0c6444728af7470a0a273082cc.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a32520664ec3babc59c3ca9cce31e4454dbf11d7dba8cc93b248f04aa68a8dbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:30 GMT
content-encoding
br
age
541028
x-guploader-uploadid
ABPtcPrC93soQBUVc1ukXAlDoKdJQqSWng7Ap5l3XyHUTmxbo0C2oWim_vH2QOl0h0UmFt9PJyI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39045
last-modified
Mon, 22 Jan 2024 18:43:17 GMT
server
UploadServer
etag
"7a802b2eece51fa0f4571bb9fb37a5f2"
x-goog-generation
1705948997718307
x-goog-hash
crc32c=QgBAtQ==, md5=eoArLuzlH6D0Vxu5+zel8g==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
39045
accept-ranges
bytes
content-type
text/javascript
aed938385a0297b1516aa4b0ea042d7f.br.json
assets.bounceexchange.com/assets/gam/5850/ 		24 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/gam/5850/aed938385a0297b1516aa4b0ea042d7f.br.json
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_131d476c88d031119630c9efba39d483.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7cc35b37ec5bbc372cbdad090ff68003fe60a89dfd5a61d67233f116579de6fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 19:03:20 GMT
content-encoding
br
age
280638
x-guploader-uploadid
ABPtcPqQAjaYJSeSFC50OrIDfP9wm5WWaYPBhsasAAr6uPw_xkTf0LvKVx2H34dCK_9M7_Iqa3NJEHUpUw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6572
last-modified
Thu, 25 Jan 2024 19:02:43 GMT
server
UploadServer
etag
"0f490ed7151715ae6668fa1529f5474b"
x-goog-generation
1706209363113406
x-goog-hash
crc32c=TxRc0Q==, md5=D0kO1xUXFa5maPoVKfVHSw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control
public,max-age=31536000
x-goog-stored-content-length
6572
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.107.215.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.215.107.34.bc.googleusercontent.com
Software
/
Resource Hash
79d74b22a3dfca4c829d3cc89d5385381230fe603e1518419220f68a8fb0f306

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.80.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.80.149.34.bc.googleusercontent.com
Software
/
Resource Hash
09dabe6a722eb848d94724f7f97c4393652605471c787bba24647035dfe91bca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.117.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.117.149.34.bc.googleusercontent.com
Software
/
Resource Hash
cd3034c76f5ffbb9045fc7f68d6b1ce2749e66417f17c7142e1f3c30e4d6f0ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
35759
i6.liadm.com/s/ Frame E83A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:6c65:3c0a:bacf:2e64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=41e24d93-d54c-44df-8e10-335978a5e3ce
Date
Mon, 29 Jan 2024 01:00:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
pixel
live.rezync.com/ Frame E83A
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b22f58fe-1bd6-45ec-85d0-a530447e0578%3A1706490038.8884192&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Db22f58fe-1bd6-45ec...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968625796319955998&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Db22f58f...
0
0
live_intent_sync
x.dlx.addthis.com/e/ Frame E83A
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---&rd=Y
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:00:39 GMT
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---&rd=Y
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Mon, 29 Jan 2024 01:00:38 GMT
52164
i.liadm.com/s/ Frame E83A
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=a00f9526-1dfc-4162-8f58-70eba1170baf
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=liveintent
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=vC4MldVUXx1-4THjD_zAjiaEdkk&user_group=1&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
HTTP/1.1
Server
34.198.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-125-227.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
img
sync.mathtag.com/sync/ Frame E83A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0&us_privacy=1---
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0%26us_privacy%3D1---
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=569908430852131164&gdpr=0&us_privacy=1---
  • https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
43 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
HTTP/1.1
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1451 1934b03 master ord ord-pixel-x57 config_version:"539" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x57 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 29 Jan 2024 01:00:38 GMT

Redirect headers

Location
https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf&us_privacy=1---
Date
Mon, 29 Jan 2024 01:00:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
demconf.jpg
dpm.demdex.net/ Frame E83A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf?us_privacy=1---
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf
42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
H2
Server
44.196.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-200-15.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0e5653e14.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
z5E2neucQug=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-04d1637b9.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
oxF7Glb+RWg=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a00f9526-1dfc-4162-8f58-70eba1170baf
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
usersync.aspx
dis.criteo.com/dis/ Frame E83A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01qt?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&euns=1&s=&us_privacy=1---&version=v2.12.0&cd=.nypost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
387099
expires
Mon, 29 Jan 2024 00:00:00 GMT
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 60F9 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dce25a083454abeda970aae797a0da02fca1893b6cf028d6ec3f64d1802efcd3

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
6157
content-type
text/html
date
Mon, 29 Jan 2024 01:00:38 GMT
etag
"623b6591c8039098d7fe5390dc776dfd:1706444649.328202"
expires
Mon, 05 Feb 2024 01:00:38 GMT
last-modified
Sun, 28 Jan 2024 12:10:34 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=04d079a9b3b65db7a84e0b545fc07319_770_1706490038472&tm=815&eT=0&wRV=2010628&pVis=0&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&cheq=0&oo=false&lo=2818&obreq=2404&mvreq=3470&cet=4g&to=1706490034806&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
394c74f88d313b4d28ecfb169f089d70
Content-Length
6
get
mv.outbrain.com/Multivac/api/ 		168 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&idx=1&rand=79092&widgetJSId=AR_3&va=true&et=true&format=html&t=NDE5Nzk4NjQ1NDRiNmE5YjQ3MDQ5ODE5Zjk2OGI4N2M=&px=268&py=4857&vpd=3657&pubInState=0&cw=734&seid=d943cfe0-ae58-ffa0-0000-018d52bb88a7%7C0%7C1&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010628&sig=ipuIslOd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f9d7dde003b6888b21e9d93a9819c861ccc4af505e06e1d9b58118f6b473e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000030-IAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 varnish
date
Mon, 29 Jan 2024 01:00:39 GMT
traffic-path
NYDC1, IAD, USA_EAST1
x-timer
S1706490039.743750,VS0,VE845
x-cache
MISS
content-type
text/javascript; charset=UTF-8
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
6910e3ba598c3cabfc3cf3e014577bbf
accept-ranges
bytes
content-length
24893
x-cache-hits
0
eyJpdSI6ImQ1MzNiMzEzNGI4ZGFhNDJhZDMxMmU1ZmQ4ZjIwZmIxNzFiZGEyZWJmZDdlODI2ODdkMDc5OGViZTUzZDc4NDIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ1MzNiMzEzNGI4ZGFhNDJhZDMxMmU1ZmQ4ZjIwZmIxNzFiZGEyZWJmZDdlODI2ODdkMDc5OGViZTUzZDc4NDIiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
366743023675ba6e41f03432df01a1dbef6b1667ac77ed5697699e7e9345b57c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Fri, 26 Jan 2024 23:31:46 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2284806
access-control-allow-credentials
false
x-traceid
4950f18119bc5241c0511396c61ae682
timing-allow-origin
*, *
content-length
2018
eyJpdSI6IjZkYjE2NGM5MDBiNjdkZWU5OWIyMTc5Njg2ZjE3MGJmYzQ4YmJmM2U0Mjk5ZTJhMmU1NWExYzYwMmQ1ZjhmNjkiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkYjE2NGM5MDBiNjdkZWU5OWIyMTc5Njg2ZjE3MGJmYzQ4YmJmM2U0Mjk5ZTJhMmU1NWExYzYwMmQ1ZjhmNjkiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b76cae459125c98aebfcdfe1f308b9c7cf6bd8fcbbaca48e6c49a70fa189a18a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Fri, 26 Jan 2024 22:35:53 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2282600
access-control-allow-credentials
false
x-traceid
3b60409bd5ac5dc7ed8b1481f7af0be7
timing-allow-origin
*, *
content-length
2030
eyJpdSI6IjQyMjY0YjI5NzYyM2RlN2FjYzk1MWY0OWE3M2ZhZThiZTk3YjE3MjQzZmEzMjk3OGU0MTMwNDA0YzY3NDAyMWQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQyMjY0YjI5NzYyM2RlN2FjYzk1MWY0OWE3M2ZhZThiZTk3YjE3MjQzZmEzMjk3OGU0MTMwNDA0YzY3NDAyMWQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b468f5a6caa7488f8cc76974e1caee7118fd6200fb2fc4bd0ea47b8b191b6eea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Sat, 27 Jan 2024 00:16:09 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2287014
access-control-allow-credentials
false
x-traceid
0c52b4f29bae7bcbc45d829d1d35af25
timing-allow-origin
*, *
content-length
1956
eyJpdSI6ImUwZjI2MGMwYWRkYjZjOGQwYTNiNTNkZjJhZWEzNmE0OWY2N2Q1MzFiMDFjYjA5OWQyMDg2ZGQ2NzQ2NDc4NzQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUwZjI2MGMwYWRkYjZjOGQwYTNiNTNkZjJhZWEzNmE0OWY2N2Q1MzFiMDFjYjA5OWQyMDg2ZGQ2NzQ2NDc4NzQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60874b330fa9ccfdbc228fb4a348a5890f0e812cb47d39c10fe5a67a933cd2ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Mon, 29 Jan 2024 00:47:54 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2461651
access-control-allow-credentials
false
x-traceid
f95e3593d9916e36b7ee3ce613a57252
timing-allow-origin
*, *
content-length
1160
eyJpdSI6ImI2ZDk5NjczNTIzMWFkYzRhODU4MWVmNWU2MDA2ZTA3MGFmMGJhZWM5ZjgxOTZkZDQ1MDQxYWQzN2I2YWU2ZmQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI2ZDk5NjczNTIzMWFkYzRhODU4MWVmNWU2MDA2ZTA3MGFmMGJhZWM5ZjgxOTZkZDQ1MDQxYWQzN2I2YWU2ZmQiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b49d715e0baa40567b3aaa9079fa1476eebd5f40c754f57a1f047254b827eb54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Fri, 26 Jan 2024 21:41:34 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2277769
access-control-allow-credentials
false
x-traceid
58b7528fee3e72bc85b639a394822a8d
timing-allow-origin
*, *
content-length
1674
eyJpdSI6ImQzMjhmZGYwNmQ5NWRlYmUyYWM3ZDNhY2Y3YTFkOTJlYzViMTkyODkwMmIxM2VjOGJmYWU3YWM2YjdhOTA5MmEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQzMjhmZGYwNmQ5NWRlYmUyYWM3ZDNhY2Y3YTFkOTJlYzViMTkyODkwMmIxM2VjOGJmYWU3YWM2YjdhOTA5MmEiLCJ3Ijo5MCwiaCI6NjAsImQiOjEuMCwiY3MiOjAsImYiOjR9.webp
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7a920ba92d4bc93dac1c94ad51fa4e24cf835da866c8b3141902a52629846fed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 14:25:29 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2424532
access-control-allow-credentials
false
x-traceid
dad34c0167aa118f1ef6692e899ddb4c
timing-allow-origin
*, *
content-length
1656
cf632a3bd3ac4f34157505ec90648f1ee32f47a80
meadowlullaby.com/7a747834274/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meadowlullaby.com/7a747834274/cf632a3bd3ac4f34157505ec90648f1ee32f47a80
Requested by
Host: meadowlullaby.com
URL: https://meadowlullaby.com/j/83b3b1be082545d/113d17a50d1f6f2111489-prod.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 29 Jan 2024 01:00:38 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-us-east1-spot-bjwp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 29 Jan 2024 01:00:37 GMT
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004ec41dbe72b567a8c4abdb82ffdf73ba
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
44115447e2e8d2b9133d48a5a65687db
Content-Length
39
Content-Type
application/javascript
004ec41dbe72b567a8c4abdb82ffdf73ba
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/004ec41dbe72b567a8c4abdb82ffdf73ba
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:38 GMT
content-encoding
gzip
ob-sent-time
1706421954166
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-rg
NA
cache-control
max-age=60
x-cc
US
x-traceid
9ca7202d8056468641964fe28c72b92a
content-length
22
expires
Mon, 29 Jan 2024 01:01:38 GMT
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:48:23 GMT
content-encoding
br
age
1221135
x-guploader-uploadid
ABPtcPpXodkz_zExVclnbZkChzLIvIJsjhAtesEXVwe2nT38-fXHG_n4N4cHHJ0k0sXvpPyllA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31584
last-modified
Thu, 11 Jan 2024 16:26:10 GMT
server
UploadServer
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-goog-generation
1704990370811177
x-goog-hash
crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
89476
accept-ranges
none
content-type
text/javascript; charset=UTF-8
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 68BE 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1426809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:40:29 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 02 Nov 2023 21:35:04 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1698960904048494
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ABPtcPqK9IKKq5W6ewhmrEkD7OzE_oJug_cDjqNPpUbKwSCBDrYlcKlvryx7FtsfX26aizbrLp3hgxsc_z_PlduYHq_PFg
db_sync
px.ads.linkedin.com/ Frame 60F9
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEJRVF9mTkw5MFFyOVYxY1J4MlNMUVBHMzBIWHRUMVNJNllGdldyUmlJN1lORGNnR2J0MjhvdzAyNGtvZllmUUMQABoNCLfx260GEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226&expected_cookie=add80fa8-b4a2-46e6-8a7b-a4d3bd12eb6e
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226&expected_cookie=add80fa8-b4a2-46e6-8a7b-a4d3bd12eb6e
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FCB6A1ED8EED43F1B27EC5DEE3B7300A Ref B: MIAEDGE1309 Ref C: 2024-01-29T01:00:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQCyy1xVt9Ngfxp8pUBg==

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 415C7EF3865545B2BA3E3C13AA57939C Ref B: MIAEDGE1309 Ref C: 2024-01-29T01:00:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=3fa54f4c1724f44532bcd14f648f18062f7f3cc1ac516b9b83ea4968d783ab82791426b5417dce21&rand=00926226&expected_cookie=add80fa8-b4a2-46e6-8a7b-a4d3bd12eb6e
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQCyysK5PEHW3ock/BDQ==
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=FGMyRixu_DgVHyivxn3d&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=FGMyRixu_DgVHyivxn3d&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
5f7620bd8dc93b6c49f8c473e9a09f73
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=FGMyRixu_DgVHyivxn3d&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
222
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=569908430852131164&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=569908430852131164&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
f62ce0d5c727dde9b80b953d88e5f96e
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
an-x-request-uuid
4507024e-e14a-421a-946d-90aac0a96d4f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=569908430852131164&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=133726&dpuuid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_pd=1&gdpr_consent=
dpm.demdex.net/ Frame 60F9 		42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=133726&dpuuid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-200-15.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0153aa08c.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
oXFKNYM2QmA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 60F9 		43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.101.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.101.149.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
private, max-age=3000
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
fea6654c83dbeaeaf44e8b84b2439e11
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:39 GMT
server
Kestrel
content-length
241
usermatch.gif
beacon.krxd.net/ Frame 60F9 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.33.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-33-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n003-ash-prod.krxd.net
date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1706490039
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 60F9 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
XUU86fBHeLeY_t9cTlO97pkQUva7nN7_36HAGB56XhByJTma-BzSvQ==
expires
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&gdpr_consent=&us_privacy=1---
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
1fa8dd4cfcd0a19497ab0a7dd722c344
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&gdpr_consent=&us_privacy=1---
date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 60F9 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=outbrain&user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 60F9 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
301514
expires
Mon, 29 Jan 2024 00:00:00 GMT
/
onetag-sys.com/match/ Frame 60F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ8-aXjaDxSII0j1HQsNS1k&google_cver=1
  • https://onetag-sys.com/match/?int_id=30&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7329318908464986269&gdpr=0&gdpr_consent=
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7329318908464986269&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
1bd27966a09b5304d143ddddcaf44abe
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7329318908464986269&gdpr=0&gdpr_consent=
Date
Mon, 29 Jan 2024 01:00:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame 60F9
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-64-79.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:39 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Date
Mon, 29 Jan 2024 01:00:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
id.geistm.com/m/OB/ Frame 60F9 		0
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_conse...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
f27cff6745d4c699b31c2cb768aa4ab6
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT, Mon, 29 Jan 2024 01:00:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LRY83WXS-13-DGE9&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LRY83WXS-13-DGE9&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
3dbcd4e33912ec38ef0e6720838b4902
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LRY83WXS-13-DGE9&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&initiator=ob&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
tpid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 60F9 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.230
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame 60F9
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&test=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&test=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
44.235.243.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-243-161.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&test=
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YN...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28o...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
da198e3a4e67ffbed4b40ebecbd9ff9c
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPygBKApzoF739veADSi9SQ%2BEP1ZZoCZFunUnJIMFUht3QZkKqP13ZSkT%2BoXx%2BZ1Yz2H3tYK%2BiNlnzVj0eeUgMncOMj7EfJ6hY%2ByhjIJECynaNrWsjRyb7QBVyxeULMHiFk2tPwz0yjoHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control
no-cache
cf-ray
84cd8a1c88ca8da8-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjZDNTQyODQtRTFCNC00RTg5LThEOTUtOUM2RTRGNkEyNEIy&gdpr=-1&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YF...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=B6C54284-E1B4-4E89-8D95...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
6391663657dcbd556c728eeff920f9bd
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3D...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&uid=cfc40b9e-7cf7-4e42-9e3c-5f...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&uid=cfc40b9e-7cf7-4e42-9e3c-5f868d9a1725
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
bb2d8fb11e372a86dbc0b15a09bdc051
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&uid=cfc40b9e-7cf7-4e42-9e3c-5f868d9a1725
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
68b2b355cc998b3d1ecbc35bad891270
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
date
Mon, 29 Jan 2024 01:00:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server_match
ice.360yield.com/ Frame 60F9 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.90.24.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-24-244.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:40 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiat...
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=8ee963035d&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=8ee963035d&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
025a40c84f39dd14281e78f2da31dc63
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
via
1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=8ee963035d&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
vlNEq271r03-1GwHEkf67QU1oUnZbmAzMAUMQFWynJgGI-L0Lh9fnw==
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DBQT_fNL90Qr9V1...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=2405212159101885593&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=2405212159101885593&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
7916c259adadaefa76130a22163daa16
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=2405212159101885593&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
date
Mon, 29 Jan 2024 01:00:39 GMT
content-length
0
c.gif
c.bing.com/ Frame 60F9 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2E33CD838CD48A18A7043BC3D4AF673 Ref B: MIA301000103023 Ref C: 2024-01-29T01:00:40Z
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://id.rlcdn.com/711945.gif?ct=4&cv=
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
97bcbd31170067359791231da0e6fcde
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DBQT_fNL90...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
fed9aa6c4dbf742ec99ab759790cf96d
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&partner_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=&uid=Imf9ynJq_cU5Y_zELDOyyXJk_p45YKyYLWNrB2-D
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=&uid=Imf9ynJq_cU5Y_zELDOyyXJk_p45YKyYLWNrB2-D
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
2beea47df3bfae0a56e9eb3bdb35947b
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=&uid=Imf9ynJq_cU5Y_zELDOyyXJk_p45YKyYLWNrB2-D
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&rurl=https%3A%2F%2Fsync.outbrain.com%2...
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=KJxDe5uCAiTw&initiator=ob&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&us_privacy=1---&pid=562709&gdpr_consent=...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=KJxDe5uCAiTw&initiator=ob&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&us_privacy=1---&pid=562709&gdpr_consent=&gdpr=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
780efaef7c2099ac2db2b8156238949c
Content-Length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=KJxDe5uCAiTw&initiator=ob&ev=1&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&us_privacy=1---&pid=562709&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://trace.mediago.io/ju/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%...
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid=09dd4f7e0d9f86852vuzd500lry83yic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initia...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=baidu&uid=09dd4f7e0d9f86852vuzd500lry83yic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
a47c5fa119cfc02565b9ebca42e78a91
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:40 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.outbrain.com/cookie-sync?p=baidu&uid=09dd4f7e0d9f86852vuzd500lry83yic&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
9.gif
id5-sync.com/c/164/796/1/ Frame 60F9
Redirect Chain
  • https://id5-sync.com/s/164/9.gif?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://id5-sync.com/c/164/164/9/1.gif?puid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/164/108/8/2.gif?puid=509c862a-d03a-43aa-a731-974d8d72abf6&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/164/441/7/3.gif?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/164/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/164/2/6/4.gif?puid=569908430852131164&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/164/203/5/5.gif?puid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F4%2F6.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F4%2F6.gif%3Fp...
  • https://id5-sync.com/cq/164/124/4/6.gif?puid=00b4fe7a-171e-41c9-b430-72af5b941e2e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=569908430852131164&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_...
  • https://ce.lijit.com/merge?pid=92&3pid=569908430852131164&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_...
  • https://id5-sync.com/c/164/1246/3/7.gif?puid=IEdcARZHXsIbyiq9SwayWrz3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=%%TTL%%
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F796%2F1%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/164/796/1/9.gif?puid=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
0
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&p=opera&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?gdpr=0&gdpr_consent=&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&p=opera&uid=OPUab9db8a93a1447b9af78df625a0ecba4&us_pri...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?gdpr=0&gdpr_consent=&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&p=opera&uid=OPUab9db8a93a1447b9af78df625a0ecba4&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
a74580ec860656fec08baf51656b261a
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://sync.outbrain.com/cookie-sync?gdpr=0&gdpr_consent=&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&p=opera&uid=OPUab9db8a93a1447b9af78df625a0ecba4&us_privacy=1---
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
253
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%2...
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=406bae7f-7d04-572f-b9e1-79954ae2d6c2&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=406bae7f-7d04-572f-b9e1-79954ae2d6c2&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
95fa198190ed4387962cb75f6b03db90
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZw3DEG%2FIR%2BUgjSpm5JPGlEcc%2B9RNqTukBQ17SiWVrWb8PgtjHk9QObF8%2BApQlO7l6dVf3jb3PUm36cjEfErpEnPrg5FtMbwH%2BsBdNCDq4OQFKx2LWqiogj8ZbhbkzOs6fYfPRqdSh6Bq7Z4jfy8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=406bae7f-7d04-572f-b9e1-79954ae2d6c2&initiator=ob&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
cf-ray
84cd8a2619115c77-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
CookieOutbrain
rtb.adentifi.com/ Frame 60F9 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieOutbrain?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dadtheorent%26uid%3D%24%7BUSER%7D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%0A%0A
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.178.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-178-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=vviA7jzZ&source_user_id=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
0d85024e1fea4c8fe875d6ac9f5017b5
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
date
Mon, 29 Jan 2024 01:00:41 GMT
content-length
0
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://pxl.iqm.com/i/ck/outbrain?cid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Diqm%26uid%3D%7BIQM_COOKIE%7D%26obUid...
  • https://sync.outbrain.com/cookie-sync?p=iqm&uid=0c76e7f2-ba47-446a-abb1-da8b922c46d6&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&init...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=iqm&uid=0c76e7f2-ba47-446a-abb1-da8b922c46d6&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
74111de5f550256bf980ce8cd3ed82b1
Content-Length
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/avif;charset=UTF-8
location
https://sync.outbrain.com/cookie-sync?p=iqm&uid=0c76e7f2-ba47-446a-abb1-da8b922c46d6&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
205
cookie-sync
sync.outbrain.com/ Frame 60F9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%5BRX_UUID%5D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt...
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%5BRX_UUID%5D%26obUid%3DBQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YN...
  • https://ad.turn.com/r/cs?pid=45&rndcb=3968318468
  • https://sync.1rx.io/usersync/turn/7275493187359501348?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-4949403a-4567-4413-86a8-64a4c612...
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy...
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:42 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
9f43d64ab8d8479872386bc98d8c4fa9
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&obUid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
date
Mon, 29 Jan 2024 01:00:41 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
jquery.js
nypost.com/wp-includes/js/jquery/ Frame A40B 		278 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/jquery/jquery.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"6571028f-45958"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
embed.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/ Frame A40B 		199 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/embed.bundle.min.js?ver=2215d40b31646cc01d85
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
446d693891ef200376ad1c89b5b09995af2ebf71182ad90f3e7b43f0317f1d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 17:05:01 GMT
server
nginx
x-rq
mia6 96 184 443
etag
W/"65b3e63d-31da6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
uel0ekt.css
use.typekit.net/ Frame A40B 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/uel0ekt.css
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=2215d40b31646cc01d85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cd92 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c1e06659befe17feff8f2d2f80055fed6a8176a63e9cdddf19ed53f5e27c45ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 29 Jan 2024 01:00:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1047
iu3
s.amazon-adsystem.com/ Frame EE2D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
350 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2dccdd26bcba69a611b2c82493a7ec52efb25a1156d9b1a3e4b0ab68ba98405b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
350
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 29 Jan 2024 01:00:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R4ZTWQ4TH7WX4VF60ST0

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WVT1V664C5WBTD2BG403
spt
tg1.unrulyvideo.com/api/adserver/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.unrulyvideo.com/api/adserver/spt?AV_TAGID=62af35d851923c62777207b4&AV_PUBLISHERID=603f65a2e291680ef30af9c7&AV_CDIM10=622640
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:13::17c8:8524 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5660f8ba5583f4758504b208cb48649ece2e7c02d802f2ce9ae0acceb5d5762

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Mon, 29 Jan 2024 01:00:39 GMT
Connection
keep-alive
Content-Length
6642
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding, Origin
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires
Mon, 29 Jan 2024 01:05:39 GMT
track
servt.unrulyvideo.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1706490039413&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=3-getSiteData
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.unrulyvideo.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1706490039414&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=&cd10=622640&e=c9&cd11=4-loadStudio
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
p.css
p.typekit.net/ Frame A40B 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=uel0ekt&ht=tk&f=139.140.175.176.10879.10881.10887.10888.39498.39500&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uel0ekt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cdca Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/uel0ekt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Sun, 01 Oct 2023 12:40:02 GMT
server
nginx
etag
"651968a2-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
ats.js
ats-wrapper.privacymanager.io/ats-modules/b27468f8-7e45-475d-a0d7-2c9803dcec62/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/b27468f8-7e45-475d-a0d7-2c9803dcec62/ats.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7c2337eded668daa218800e9d2697c5bcb38ee5109ac9c36b9da4b0a8cd4a33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:25:37 GMT
x-amz-version-id
3P9fVxLlOi0epyjabut3tuDAFhVycBFL
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 12:33:35 GMT
server
AmazonS3
via
1.1 1f53e7c3ff322fe2a87e3b0e12a1a5b8.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
etag
W/"06dd86a0d677df0530e12f2b4271e9ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
age
2103
x-amz-cf-id
FHrg0GjBelz6er8IurjV7W-37AbAc7Ggr0-VBc92VWz3mYRp9Jm2LA==
segment
api.permutive.com/adv/v2/ 		37 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5c4e00d13067bee384b18ce3841fe890d5a8e93e1f32fc35e60ba5d0ef063e8e

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:39 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		313 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1090850372245569&correlator=4326435034455158&hxva=1&scor=3297844486415006&eid=31079925&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=5850%2Cpost.desktop%2Crec_atf%2Copinion%2Cstories%2Cbillb_atf%2Crec_btf%2Crec_widget%2Ccustom%2Cskin%2Cinline%2Coverlay_fullpage%2Cnative&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F5%2F3%2F4%2C%2F0%2F1%2F6%2F3%2F4%2C%2F0%2F1%2F7%2F3%2F4%2C%2F0%2F1%2F8%2F3%2F4%2C%2F0%2F1%2F9%2F3%2F4%2C%2F0%2F1%2F10%2F3%2F4%2C%2F0%2F1%2F11%2F3%2F4%2C%2F0%2F1%2F12%2F3%2F4&prev_iu_szs=300x250%7C300x251%7C1x1%7C300x600%7C300x601%2C970x90%7C970x250%7C978x250%7C1x1%7C1x11%2C300x250%7C300x252%7C300x600%7C1x1%7C300x602%2C300x255%7C300x250%7C300x600%7C1x1%7C300x603%2C1x12%2C1x2%7C1x1%2C1x7%7C1x1%2C1x4%7C1x1%2C320x50%7C1x6%7C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&didk=3171899918~285960245~3171905950~3543286650~119205592~907871424~2265005873~2949661673~934004422&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706490039538&lmt=1706490039&adxs=1032%2C315%2C1032%2C1032%2C0%2C0%2C0%2C0%2C1032&adys=1993%2C237%2C4423%2C3216%2C7112%2C543%2C543%2C543%2C2399&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C0%7C0%7C0%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&vis=1&psz=300x603%7C970x256%7C300x603%7C300x603%7C1600x0%7C1600x0%7C1600x7111%7C1600x4%7C300x0&msz=300x250%7C970x0%7C300x250%7C300x250%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C644%2C644%2C644%2C132%2C132%2C132%2C132%2C132&ohw=300%2C970%2C300%2C300%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=649758697.1706490038&ga_sid=1706490040&ga_hid=1848559469&ga_fc=true&dlt=1706490036122&idt=2114&ppid=65b6f8b53e83c2171317f6fe65b6f8b53e83c2171317f6fe&prev_scp=amznbid%3D2%26amznp%3D2%26mnadc%3Ddiv-gpt-ad-rec_atf%26hb_domain%3Dnypost.com%26hb_auction_id%3Ded16bba1-dbb8-4d69-bef6-876791b55ddc%26hb_crid%3D2249%253A319959669%26hb_dsp%3D2249%26hb_adomain%3Dnorthfortlauderdalesubaru.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.18%26hb_adid%3D59d2bd177b20f5f%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26mnadc%3Ddiv-gpt-ad-billb_atf%26hb_crid_trustx%3D494_379_250_535428_ssl%26hb_adomain_trustx%3Dwellnessguide102.com%26hb_format_trustx%3Dbanner%26hb_source_trustx%3Dclient%26hb_deal_bidder_trust%3Dtrustx%26hb_size_trustx%3D970x250%26hb_pb_trustx%3D0.34%26hb_adid_trustx%3D60684a11fda5845%26hb_bidder_trustx%3Dtrustx%26hb_deal_bidder%3Dtrustx%26hb_deal_trustx%3DG-TRUSTX-trustxgeneral%26hb_deal%3DG-TRUSTX-trustxgeneral%26hb_ds%3Dtrustx%26hb_domain%3Dnypost.com%26hb_auction_id%3Ded16bba1-dbb8-4d69-bef6-876791b55ddc%26hb_crid%3D494_379_250_535428_ssl%26hb_adomain%3Dwellnessguide102.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.34%26hb_adid%3D60684a11fda5845%26hb_bidder%3Dtrustx%7Camznbid%3D2%26amznp%3D2%26mnadc%3Ddiv-gpt-ad-rec_btf%7Camznbid%3D2%26amznp%3D2%26mnadc%3Ddiv-gpt-ad-rec_widget%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=permutive%3D72374%252C74597%252C135499%252C174649%252Crts%26puid%3D17048c32-02c1-4f4e-8e58-c8a65542c17e%26ptime%3D1706490038249%26authors%3DVeronique%2520de%2520Rugy%26page_type%3Darticle%26content%3Dbenefits%252Ccongress%252Ccoronavirus%252Cfraud%252Cgovernment-spending%26site%3Dnypost%26dimension54%3Dtrue%26environment%3Dproduction%26video%3Dnone%26nckey_userGroup%3D0%26testgroup%3D23%26li-module-enabled%3Don%26prmtvsdk%3Dweb&adks=1365398888%2C399015852%2C4208198414%2C2625033611%2C1241782680%2C1316245560%2C622647110%2C2228949508%2C2998394542&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5731ccf8c6718438c520cc39e4d2b38033f1f5a1832ea1db4d171a71135968c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50796
x-xss-protection
0
google-lineitem-id
5553429509,6271587762,-1,-1,-2,-2,6439332703,-2,5402416556
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
55804760735,138429235599,-1,-1,-2,-2,138440418758,-2,138244049805
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C21E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:39 GMT
expires
Tue, 28 Jan 2025 01:00:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame EC69 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=5c6c44da-5154-421b-aa75-2ed668f63e76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1706431276.675102"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E262 		416 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
282
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1706431272.687014"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:39 GMT
date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1701762095.019634"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:39 GMT
date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1bbf62bd76741519ef4df14ee35052d3_770_1706490038770&tm=1751&eT=0&widgetWidth=734&widgetHeight=33&widgetX=268&widgetY=4866&wRV=2010628&pVis=0&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&rtt=920&oo=false&lo=2818&obreq=2404&mvreq=3909&mvres=4828&cet=4g&to=1706490034806&umv=1&ll=0&chs=1&eme=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
495d353767224da4a633a3ac6adaf372
Content-Length
6
obPvTracker.js
widgets.outbrain.com/external/publishers/common/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/common/obPvTracker.js?advId=00c0feecc40196b47a738de28ad44794ac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
09bba9c244cbc0f1c1f93f3c4033b7e71d34a8dbeee3c754a36ddcba0e329ab8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
content-length
836
last-modified
Wed, 03 Jan 2024 11:02:36 GMT
server
AkamaiNetStorage
etag
"07a0f9eaad525afd418f644b5cf0e3be:1704279943.233658"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:39 GMT
obConversionTracker.js
widgets.outbrain.com/external/publishers/common/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/common/obConversionTracker.js?selector=.buy-button,.article-list__stream-link&name=Buy%20now%20click
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
44529f30aa6017da84c45718df1a0a4b0fb44cbb187c1fd80e33bbd6077067cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
content-length
999
last-modified
Wed, 03 Jan 2024 11:02:36 GMT
server
AkamaiNetStorage
etag
"ae89148ab5231afecd4a9f41414daad5:1704279941.747083"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:39 GMT
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4103 		0
0
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B440 		0
0
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame DCA6 		0
0
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8FF5 		0
0
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 306C 		0
0
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E204 		0
0
userZapping.js
widgets.outbrain.com/nanoWidget/2010628/module/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010628/module/userZapping.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
680bdf2896d0df4dae70825d3dc03daf8e35d13cccbb8e628577cba912e217e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
content-length
7147
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"d32bae7a6befa3a9728c80abc174e3b6:1706431260.772801"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 05 Feb 2024 01:00:39 GMT
admiral.js
widgets.outbrain.com/nanoWidget/2010628/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010628/module/admiral.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9564d665e9e17b9f98f772f1fb118732bc8990b70946ae2d0117b079723d05de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
content-length
691
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"78467bf86445962f33d3f15d0271910c:1706431227.865448"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 05 Feb 2024 01:00:39 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=9b29627bc462352049de8a40a1b998fc_770_1706490038853&tm=1777&eT=0&widgetWidth=728&widgetHeight=242&widgetX=271&widgetY=4911&wRV=2010628&pVis=1&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&oo=false&lo=2818&obreq=2404&mvreq=3909&mvres=4849&re=4866&cet=4g&cs=3&to=1706490034806&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
384f204d9dbb93c39e5db495a04ab2e7
Content-Length
6
obVideo.js
libs.outbrain.com/video/obVideo/current/ 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/obVideo.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ecd857064d5de22054c6e59c126e039c2c298109be3c62adb5e2af11e18c6665

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 13:33:31 GMT
server
AkamaiNetStorage
etag
"579e1cde9f84891fc31b5328f69233fa:1706449258.581139"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
33052
expires
Mon, 29 Jan 2024 05:00:39 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=6746a30d9e43f40e519e93b9a609df19_770_1706490039452&tm=1790&eT=0&widgetWidth=728&widgetHeight=344&widgetX=271&widgetY=5178&wRV=2010628&pVis=1&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&oo=false&lo=2818&obreq=2404&mvreq=3909&mvres=4849&re=4881&cet=4g&cs=3&to=1706490034806&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
8f668359f033ba51060afeee8ccce94c
Content-Length
6
clip.js
widgets.outbrain.com/nanoWidget/2010628/module/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010628/module/clip.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f006eeccca0790bc125a562e7e2f88da8b2a05c881be2236b7bdb5b9c793a965

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:39 GMT
content-encoding
gzip
content-length
888
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"1cf8de2fc74a004c9b2777afa4356581:1706431229.619066"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 05 Feb 2024 01:00:39 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ebf41b17a0ec170eab8455d43498337f_770_1706490039559&tm=1795&eT=0&widgetWidth=728&widgetHeight=319&widgetX=271&widgetY=5545&wRV=2010628&pVis=1&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&oo=false&lo=2818&obreq=2404&mvreq=3909&mvres=4849&re=4886&cet=4g&cs=3&to=1706490034806&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
64f350408e990f6dbe661562edf91700
Content-Length
6
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame DCBE 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 60E0 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 5C46 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0E99 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F98D 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 72B9 		361 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
271
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1706431275.045171"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
/
eventlog.outbrain.com/logger/v1/widget/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQLB0xWQVd81gA61Y

Response headers
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08495447018588718&referrer=&cht=ot&marketerId=004ec41dbe72b567a8c4abdb82ffdf73ba&name=PAGE_VIEW&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:39 GMT
Cache-Control
no-cache
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
f076d0248ef781af9e15b79228d27545
Content-Length
54
Content-Type
image/gif;
/
eventlog.outbrain.com/logger/v1/widget/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryA9cLxI3BwBiebz2B

Response headers
/
eventlog.outbrain.com/logger/v1/widget/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryFOoPZQI7znvaHqAw

Response headers
get
mv.outbrain.com/Multivac/api/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&idx=2&rand=19504&widgetJSId=AR_12&va=true&et=true&format=html&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&lsdt=1706490039639&t=NDE5Nzk4NjQ1NDRiNmE5YjQ3MDQ5ODE5Zjk2OGI4N2M=&px=629&py=7046&vpd=5846&pubInState=0&cw=341&seid=d943cfe0-ae58-ffa0-0000-018d52bb88a7%7C316%7C1&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010628&sig=ipuIslOd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b48089fb455c51b736328ecf08e573be53fa76d151041f33583ba3390f20c8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 varnish
date
Mon, 29 Jan 2024 01:00:39 GMT
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
922388414852dee7ed615ac2a6c36cdd
content-length
7858
x-served-by
cache-iad-kiad7000030-IAD
pragma
no-cache
x-timer
S1706490040.763501,VS0,VE57
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
Close.svg
widgets.outbrain.com/images/widgetIcons/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/Close.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:39 GMT
date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"f740f788e2e26736856f7a3a12457a63:1701762072.96669"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
765
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6IjQ0ZTE3NWU4MmM0MjBlZTg5NWQ1NTUxZmFmYWViMDhmNGJiOGVjN2M1MTQzYTk1MDE4MzM0ODBhODliZGVjZWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ0ZTE3NWU4MmM0MjBlZTg5NWQ1NTUxZmFmYWViMDhmNGJiOGVjN2M1MTQzYTk1MDE4MzM0ODBhODliZGVjZWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Thu, 28 Dec 2023 21:12:36 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=1986684
access-control-allow-credentials
false
x-traceid
0dae31e0d2c34fab51588fef4ef929ed
timing-allow-origin
*, *
content-length
173332
eyJpdSI6IjQ0ZTE3NWU4MmM0MjBlZTg5NWQ1NTUxZmFmYWViMDhmNGJiOGVjN2M1MTQzYTk1MDE4MzM0ODBhODliZGVjZWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		169 KB
170 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ0ZTE3NWU4MmM0MjBlZTg5NWQ1NTUxZmFmYWViMDhmNGJiOGVjN2M1MTQzYTk1MDE4MzM0ODBhODliZGVjZWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.240 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ca1ba3868967c05a722f0fbfab76e8fa8ba769f37fb5ffa251b4cb7907a0b57

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 01:00:39 GMT
last-modified
Thu, 28 Dec 2023 21:12:36 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-173331/173332
cache-control
max-age=1986684
access-control-allow-credentials
false
x-traceid
0dae31e0d2c34fab51588fef4ef929ed
timing-allow-origin
*, *
Content-Length
173332
pr
s.amazon-adsystem.com/v3/ Frame BD0E 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b01e847c2d14d80b3a99a2eeea3cc4333e6dcae78c4f82c88962b477fa24cba7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3195
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 29 Jan 2024 01:00:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0WTAW2MNWNDRP1PY9FY5
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E262 		610 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
355
content-type
text/html
date
Mon, 29 Jan 2024 01:00:39 GMT
etag
"48053d50141031b1511dbd30f9a31288:1706431273.463241"
expires
Mon, 05 Feb 2024 01:00:39 GMT
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
track
servt.unrulyvideo.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=63270a3c111cb340ec60ce24&cb=1706490039805&r=nypost.com&stagid=62af35d851923c62777207b4&stplid=62b08bd1ff25cd1ac30f2fb8&d35=&cd10=622640&e=playerLoaded
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame DCBE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 60E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 5C46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05963850338839627&referrer=&marketerId=004ec41dbe72b567a8c4abdb82ffdf73ba%2C00c0feecc40196b47a738de28ad44794ac&name=PAGE_VIEW&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
9e05febc7ef94067f11ef29d1342a630
Content-Length
54
Content-Type
image/gif;
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0E99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F98D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 72B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
1004
last-modified
Sun, 28 Jan 2024 07:43:59 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1706431275.85211"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 29 Jan 2024 05:00:40 GMT
ecm3
s.amazon-adsystem.com/ Frame BD0E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3494916401524150000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3494916401524150000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y474P0PM67JJPM0TVSR2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3494916401524150000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:40 GMT
c
ids.cdnwidget.com/ 		448 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=172183057&GCS2=OTQ3MTQxOTEtNGVhZC00NzcwLWIxMjctNDBmOWY0NmY1YjMyLmxvY2Fs&pe=false&wsid=2045&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2045%2C%22loadID%22%3A%22xlJkTjA1aFaipz5%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A54%2C%22IDStageStart%22%3A54%2C%22obsReqpage%22%3A672%2C%22obsReqdata%22%3A675%2C%22obsReqview%22%3A676%2C%22netComplete%22%3A781%2C%22IDStagePrefire%22%3A781%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%223083166010840309329%22%2C%22visitid%22%3A%221706490039300702%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
138b622cf91f0118f60a772ccdf5bdaafa971e208c964898a17c76757c324735

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
448
events
api.permutive.com/v2.0/batch/ 		101 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
27638e738af9deb7e04702084dcb1e9be671cac2871501d49fa8f1edf0012d07

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
amzns2s
rtb.gumgum.com/usync/ Frame 6178 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.212.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-212-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f5ce53691565beaca8f499184134469a61f8df3519e8bb97dfe8407d577ca403

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:40 GMT
etag
W/"06124269b8e4b76c18b1e4d87aeba2e4e"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 7030 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f1c1fe3d0d6b57c990dfa0ee0992386598ecede7671cf28f9068798a1c3dec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a207bc674a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62YfepycfJhrdxo9On8Y7s5jLERR0%2FODzjUBGqRc6pC5j%2B3Hg68FEIyGMEBF%2BsqdhHzaaTN0lggLpQRHxTDsrABrXWAWQ9VAsucxZ47PyodnqQ7%2FZdvF0GhnQQDTFI1YrtMKgcxGXYh%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 6561 		801 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
74d23d616fa633eda7c0704909543f369520ce0152dc158ffdf9a4639843c85c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
801
date
Mon, 29 Jan 2024 01:00:40 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6523 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48095
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ms-cookie-sync.presage.io/amazon/ Frame F834 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
398d9307892369e5e3d5c483235429688b89cde5628ca0329588c903d3f14b9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 01:00:40 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
0At9AU-CBD6MNh6QEXheLVVcg8jpMFtFgNMSl_EpGr84eHwwXFYrNA==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
usync.html
eus.rubiconproject.com/ Frame 823A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:40 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame C381
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
10ac56b8fd80725629c80492c1299c30ea99aa2f0cb9235be4baf0dea38511bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6658dc8946-9wsrs
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6658dc8946-9wsrs
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 8435
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wZU9pcXRKRTJ1S085dDNTeHBzTjlUckowdFo3MVFsTn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wZU9pcXRKRTJ1S085dDNTeHBzTjlUckowdFo3MVFsTn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
972KG4YYB7S7MC65BTNN

Redirect headers

age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wZU9pcXRKRTJ1S085dDNTeHBzTjlUckowdFo3MVFsTn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 200D 		824 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
604576513449e219e31b72725101a3f2da5d0c59e371a686642d5aae0a65b1df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
465
content-type
text/html
date
Mon, 29 Jan 2024 01:00:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame EF24
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=569908430852131164&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=569908430852131164&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HK77BF3KN4ADP9RMB99Q

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c885293c-ae8b-4fbf-bea0-5b82892caa90
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=569908430852131164&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
ads.js
static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5774e2f5fb14a259ab459c07991401f90442c38e86734d9f167540c6c1a56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
V2u_CNcyeybiBneBbaaEBXutLGwskwBj
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 11:43:07 GMT
last-modified
Tue, 16 Jan 2024 09:29:09 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
47976
x-amz-server-side-encryption
AES256
etag
W/"c2fc7ea8b4f0b5da59197f84fc0678fa"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Fxr0KGOHJGUunxY3BPVS8oI5bm00p8snRKgHPZx2YhXzKgc8tz7Q2A==
ads.css
static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ads.css
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a3a21f3ed31652354a2a93d4fbe06d9849698a825dab43599364c49ca2d422b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
EiiW0LZOnEc1eDB5OhEtMcQpAPfpjQGj
content-encoding
br
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 12:20:48 GMT
x-amz-cf-pop
PHL51-P1
age
45593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 16 Jan 2024 09:29:09 GMT
server
AmazonS3
etag
W/"0681c3b48c466ca5f06be3da5c416960"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
xuQRHC0PQPw0r8Wyoc1zagD6g3BO3DwN_cRW9qh18XPB5s3_PoMlbA==
/
eventlog.outbrain.com/logger/v1/widget/ 		16 B
331 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 29 Jan 2024 01:00:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
81047d3b6745804bdd3caf711f4ac636
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Length
16
Content-Type
application/json; charset=utf-8
icon-vi.svg
widgets.outbrain.com/images/widgetIcons/ 		229 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-vi.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
content-length
182
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"91990280dce13a095a0da3a6b2fc6816:1701762086.268676"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Wed, 28 Feb 2024 01:00:40 GMT
ChevronRight.svg
widgets.outbrain.com/images/widgetIcons/ 		524 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:40 GMT
date
Mon, 29 Jan 2024 01:00:40 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"c1dc41410784b37a37e29a21baf9aa1f:1701762072.288333"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
524
access-control-request-headers
X-OB-STG,X-OB-PRD
icon-x-white.svg
widgets.outbrain.com/images/widgetIcons/ 		559 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 28 Feb 2024 01:00:40 GMT
date
Mon, 29 Jan 2024 01:00:40 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"854eb39a3d94a8ec9977261db0c8acc8:1701762086.906992"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
559
access-control-request-headers
X-OB-STG,X-OB-PRD
ecm3
s.amazon-adsystem.com/ Frame 49E9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=264943876892460233441
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=264943876892460233441
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D34Y54XWYHX74TP6NJ98

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=264943876892460233441
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
l
mcdp-nydc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=326b9a5ef5889ccd0423247153f0aec0_770_1706490039809&tm=2509&eT=0&widgetWidth=341&widgetHeight=294&widgetX=629&widgetY=7047&tpcs=0&wRV=2010628&pVis=0&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&eIdx=&ccpa=1---&rtt=671&oo=false&lo=2818&obreq=2404&mvreq=4928&mvres=5598&cet=4g&to=1706490034806&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
b3f532723612c2498f7fe833e527d19e
Content-Length
6
get
mv.outbrain.com/Multivac/api/ 		139 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&idx=3&rand=41472&widgetJSId=AR_7&va=true&et=true&format=html&lsd=5c6c44da-5154-421b-aa75-2ed668f63e76&lsdt=1706490039639&t=NDE5Nzk4NjQ1NDRiNmE5YjQ3MDQ5ODE5Zjk2OGI4N2M=&px=0&py=2469&vpd=1269&pubInState=0&cw=1600&seid=d943cfe0-ae58-ffa0-0000-018d52bb88a7%7C1338%7C1&em=1&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010628&sig=ipuIslOd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a35cc1c7c21d0e0fc8806bf73abda1e3ab4a862b8b3dda54b6417b7db3e7e2f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000030-IAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 varnish
date
Mon, 29 Jan 2024 01:00:40 GMT
traffic-path
NYDC1, IAD, USA_EAST1
x-timer
S1706490040.439919,VS0,VE281
x-cache
MISS
content-type
text/javascript; charset=UTF-8
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
c4bd289ccdc76ed7abf26a1b76549a15
accept-ranges
bytes
content-length
22467
x-cache-hits
0
372.676d5f78d12ed9cac8fa.js
libs.outbrain.com/video/obVideo/current/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/372.676d5f78d12ed9cac8fa.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7406a8f6d259e49ee9bc7b197413e121fa51a6f57f2f53d70568c0b9bd999de7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 13:33:31 GMT
server
AkamaiNetStorage
etag
"c11b36079c9ecc30f1958a5a6f5ec839:1706449250.203915"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3586
expires
Mon, 29 Jan 2024 05:00:40 GMT
668.5ed52ed9252e2dd94c3b.js
libs.outbrain.com/video/obVideo/current/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/668.5ed52ed9252e2dd94c3b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ce5142122ef0c4f0e6bcba0d78deccb30df17ec09d11616934a0870c3f552fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 13:33:31 GMT
server
AkamaiNetStorage
etag
"7e32461961a53584921dcfe556986bec:1706449253.699261"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1511
expires
Mon, 29 Jan 2024 05:00:40 GMT
848.3afdcf384a3929ffdfc8.js
libs.outbrain.com/video/obVideo/current/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/848.3afdcf384a3929ffdfc8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7985043efef66ad58774b40d56458709f7ccaf754a993e06d09d1a705ec94628

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 13:33:31 GMT
server
AkamaiNetStorage
etag
"8b9e904b82636b004672a7b28af7dae3:1706449256.974881"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3399
expires
Mon, 29 Jan 2024 05:00:40 GMT
334.776c810a94ad8fe1a05f.js
libs.outbrain.com/video/obVideo/current/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/obVideo/current/334.776c810a94ad8fe1a05f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.185.54 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-185-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
17c49423ca83bd645f43eabbd3369af92b0616779c63008c769041608e58d138

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 13:33:31 GMT
server
AkamaiNetStorage
etag
"225191d8d90abf6b5efd9a5a7b834f52:1706449249.56784"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1418
expires
Mon, 29 Jan 2024 05:00:40 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=03604125308914674&referrer=&marketerId=004ec41dbe72b567a8c4abdb82ffdf73ba%2C00c0feecc40196b47a738de28ad44794ac&name=PAGE_VIEW&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:40 GMT
Cache-Control
no-cache
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
93ccc93790674858761dc6113c469be8
Content-Length
54
Content-Type
image/gif;
ecm3
s.amazon-adsystem.com/ Frame 200D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=27035ee4-1fb3-c844-3d5d-8fbc5d121bee
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2QESKCT0NQNB91S60X49
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
eb1244dd-93b5-e1f7-cc84-1bdeca761d47
pr-bh.ybp.yahoo.com/sync/openx/ Frame 200D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/eb1244dd-93b5-e1f7-cc84-1bdeca761d47?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 200D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=27035ee4-1fb3-c844-3d5d-8fbc5d121bee
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
849Y85K2BYFPM846D9FW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 200D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0&gdpr_consent=
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=7fd52299-0319-73be-fd53-0d2b3521d00e&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:40 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 200D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTNiYWYxNTMtY2E2ZS0yZDFhLWU4YjMtNTc5MmZmYzMxZTZl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 200D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOIMATgIsNRfwSuBVlKcJA&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOIMATgIsNRfwSuBVlKcJA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOIMATgIsNRfwSuBVlKcJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B20995705.385374959;dc_pre=CJyLtOWygYQDFQINaAgdua4OqA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/ Frame DCBE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_pre=CJyLtOWygYQDFQINaAgdua4OqA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[ti...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_pre=CJyLtOWygYQDFQINaAgdua4OqA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374959;dc_pre=CJyLtOWygYQDFQINaAgdua4OqA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B20995705.385374962;dc_pre=CKuRtOWygYQDFZ5eRwEd3bMOEg;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/ Frame 60E0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_pre=CKuRtOWygYQDFZ5eRwEd3bMOEg;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[ti...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_pre=CKuRtOWygYQDFZ5eRwEd3bMOEg;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374962;dc_pre=CKuRtOWygYQDFZ5eRwEd3bMOEg;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B20995705.385374965;dc_pre=CN2StOWygYQDFTouiAkddyYNpA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/ Frame 5C46
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_pre=CN2StOWygYQDFTouiAkddyYNpA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[ti...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_pre=CN2StOWygYQDFTouiAkddyYNpA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374965;dc_pre=CN2StOWygYQDFTouiAkddyYNpA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B20995705.385374968;dc_pre=CKaytOWygYQDFVMJaAgddIYHBw;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/ Frame 0E99
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for...
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_pre=CKaytOWygYQDFVMJaAgddIYHBw;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[t...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_pre=CKaytOWygYQDFVMJaAgddIYHBw;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374968;dc_pre=CKaytOWygYQDFVMJaAgddIYHBw;dc_trk_aid=576616723;dc_trk_cid=207984472;;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B20995705.385374971;dc_pre=COeutOWygYQDFa0baAgdpuIKwA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/ Frame F98D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...
  • https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_pre=COeutOWygYQDFa0baAgdpuIKwA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[ti...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_pre=COeutOWygYQDFa0baAgdpuIKwA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H3
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N810774.1984505OUTBRAIN/B20995705.385374971;dc_pre=COeutOWygYQDFa0baAgdpuIKwA;dc_trk_aid=576616723;dc_trk_cid=207984472;pn=NY+Post;sn=NY+Post+Opinion;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7azz5g&campaign=prime-outbrain-us-desktop-nov23&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
gsght.com/imgp/ Frame 72B9 		43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsght.com/imgp/7azz5g&campaign=prime-outbrain-us-desktop-nov23&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
100.21.192.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-192-180.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
server
envoy
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
43
expires
0
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame C9CD 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fGby90sGGKlt0P5xVQmLroz9y4-BqysOXlI-i6oqF_2OaOZLuxuwZQ==
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame C9CD 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 01:00:40 GMT
x-content-type-options
nosniff
content-encoding
br
age
8229
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9365
x-served-by
cache-fra-etou8220028-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type
version
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C9CD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:40 GMT
container.html
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
Tue, 28 Jan 2025 01:00:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E43 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
Tue, 28 Jan 2025 01:00:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:40 GMT
expires
Tue, 28 Jan 2025 01:00:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame F91A 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BTdxF7-OnLdw9Eq2h_vBK3RdktqY9eo9WliM5nfv0i6F_cab1AIABA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F91A 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:40 GMT
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame 6E27 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TB0HzKSFUAmOsmZ12uKFtTWrN8dS15HDgiVz_-jIGSYEVWwtN1oBvA==
ttj
ib.3lift.com/ Frame 6E27 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=NYPost_Sidebar_native_header
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:a000:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3080da5055d7afa95568d0aac138214a68ca0181b5c4d058eac1938ff2d0a2ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:50:16 GMT
content-encoding
br
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
626
etag
W/"11a6c0da40d7f31630d479d340024243c6959a28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ekwrq_jf4xXNF-vPZYQ75zMz8oZDXLqScpvbQb73uhGfOVdEgdp9-A==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6E27 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:41 GMT
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/b27468f8-7e45-475d-a0d7-2c9803dcec62/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-67.phl50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:30:54 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront), 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, PHL50-C1
age
59387
x-amzn-requestid
6d4c7277-2cf8-4c8c-bc6a-a68714b65313
x-amzn-trace-id
Root=1-65b610be-23ab125f5291cb625c57931b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
SPeNyF4ajoEETqQ=
content-length
30
x-amz-cf-id
SLHw2ANqf6pMDVwVKrnojSpjlwKV83cmNk-jDuCBhcAFo1G0HPaSuQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
crum
dsum-sec.casalemedia.com/ Frame 7030
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zbb4t.4rlh.cZ2F6j5eVAQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD8ltr6mn3qK5PEyLJR%2FwwPclRYPj39GLLMSM8%2BRUV2a3frhPB809cfhX3fz5d7Tc69OGVoaT8rf573UyCwL%2FX6z5hOuYZN9Z0Cx%2FULZf29fRSw%2FotrSQGA7iNTRoq5UxPFY%2Bq2XqQ9feA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a26ca5674a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7030
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BfkcQAtAtj5y5ECy8%2BRneYfzN0pvOxHVhIZsUIt8mYhIi82sK57WisT0qPW5sJDCvkJ%2BcsF%2FJc9RN%2FwclxtICuSW%2FhtL3F%2F%2F9LaOKaXngKcIF14TCj8FO5TRPAs5VKqEYpDZN%2FCaRg1wg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a26595574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7030
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&expiration=1709082041&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&expiration=1709082041&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyGJmiHMi99zlaTki9cQQaP0BUNlqephA%2B4NXdRxMycXKZaxGRYjOs%2BB0KPRCducUhOgYb%2F9kHDrLX%2B0POHCoeCk3O9PTIGpDW2iVneoV5OUhSxKy4OqETlztUrIjYzxM9Pt7Wg1qnGvDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a26da6974a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&expiration=1709082041&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:41 GMT
server
Kestrel
content-length
323
dcm
s.amazon-adsystem.com/ Frame 7030 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YZY01B7PCRCX614XBEB2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7030
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751697415783635
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751697415783635
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD%2Bvd49veEIRblfhUGo3IMnnf4%2BoXTbgmamSAIy2%2BqWCJ6dwr16qQjgugA6Leyk0XgpW3%2FKXGJHWqR6Nt1JXNRrEwE7gyfueg2%2BWKj5L5N1eAjTD%2Bb%2BKyu8%2FixFfr1qR4%2BOIbHzNtwpKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a274b8574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751697415783635
Date
Mon, 29 Jan 2024 01:00:41 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7030
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
date
Mon, 29 Jan 2024 01:00:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieIndex
rtb.adentifi.com/ Frame 7030 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.178.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-178-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7030 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 7030 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V2GZ06DMEMW5B23X3CM9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:41 GMT
ecm3
s.amazon-adsystem.com/ Frame 6561 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ABC0TRH2E2B55MYKAFJ0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6561
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:41 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 6561
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NzBiYzU1M2QtMTdlYy00MjJiLWE3YWMtZWVlYjVlYzFjMDJi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncredir
bttrack.com/pixel/ Frame 6561 		35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.67.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:11 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
v1
match.sharethrough.com/sync/ Frame 6561
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=569908430852131164
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=569908430852131164
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
an-x-request-uuid
b6ad99b0-1b91-41ed-b775-ed4c174cd3f4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=569908430852131164
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=569908430852131164
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
an-x-request-uuid
e66b6947-1fb4-43ad-a33d-a94744d6fa53
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=_yqhSoo3r-oo_L9rgKV70
  • https://usersync.gumgum.com/usersync?b=bsw&i=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Date
Mon, 29 Jan 2024 01:00:41 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
content-length
0
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=2686f86f-e79d-485e-ba10-74b2c691a418
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=2686f86f-e79d-485e-ba10-74b2c691a418
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=2686f86f-e79d-485e-ba10-74b2c691a418
Date
Mon, 29 Jan 2024 01:00:41 GMT
Connection
keep-alive
X-CI-RTID
704e029a-95c8-4432-ad68-414c0a114113
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 6178 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:40 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
usersync
usersync.gumgum.com/ Frame 6178
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2405212159101885593
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2405212159101885593
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2405212159101885593
date
Mon, 29 Jan 2024 01:00:40 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6178 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_409f2738-bb72-42b8-beec-9dce4873490b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
72B5GM13XR41J6S67ATK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C381
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WnU1eHJGMUM4d0xGcTNUcFVhOGVvZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAS2oUkwXmmHC5Pi8aFgQXg&google_cver=1
49 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAS2oUkwXmmHC5Pi8aFgQXg&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAS2oUkwXmmHC5Pi8aFgQXg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C381
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=179e2a365635108b&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHaYfdwKIClQMIjRPkAAAAAAA&expiration=1706576441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHaYfdwKIClQMIjRPkAAAAAAA&expiration=1706576441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHaYfdwKIClQMIjRPkAAAAAAA&expiration=1706576441&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame C381 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H8rkIRuldlvq&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VCD6C4WEC1SQ9TAFPXF2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 823A 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76185
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
ecm3
s.amazon-adsystem.com/ Frame F834 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=681e0275-e311-4b50-a4f4-e8072169643a
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0HV4D2YY70MJR7290V1R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame F834 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=681e0275-e311-4b50-a4f4-e8072169643a&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
t7LkZqcfjQD0JhjG1BstiTB_ET15flik8dijNVhHq57FJeaWgdHI9A==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame F834 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=681e0275-e311-4b50-a4f4-e8072169643a&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
IBEI7okhJTv2183-5iSSPYevD6a15HhGU_FSMGD_diVr6Vswh2wb2g==
Expires
0
user-sync
ms-cookie-sync.presage.io/ Frame F834
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUfc6cf69a06944a8a99d5012486ed4622
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUfc6cf69a06944a8a99d5012486ed4622
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
S3nD6WP5vxOus9qA-XjKiTb_fuWuexeHQEK7cNs5EI_T89p_V2PwkA==
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUfc6cf69a06944a8a99d5012486ed4622
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
162
expires
Mon, 01 Jan 1990 00:00:00 GMT
user-sync
ms-cookie-sync.presage.io/ Frame F834
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&gdpr=0&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?raudience_id=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:42 GMT
Via
1.1 ddcac3e1d2d0eae07c0ba394a446dda2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
vnNAythCtyVMWAVDXHY8_HitxKMoXKk2RQeXFLUvGMU-9pGyz-Hgfg==
Expires
0

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?raudience_id=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&gdpr=0&gdpr_consent=undefined
date
Mon, 29 Jan 2024 00:59:00 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usersync
usersync.gumgum.com/ Frame E277
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 29 Jan 2024 01:00:41 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame AC4D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB16 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48094
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:41 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 66FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 29 Jan 2024 01:00:41 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
server
Kestrel
usersync
usersync.gumgum.com/ Frame 8DEB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Zbb4ucCo5swAACZwrzgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Zbb4ucCo5swAACZwrzgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:41 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Zbb4ucCo5swAACZwrzgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad446.dc4p.scaleout.jp
X-SO-IP
38.132.118.73
X-SO-Key
Zbb4ucCo5swAACZwrzgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.73","key":"Zbb4ucCo5swAACZwrzgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad446"}
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad446
usersync
usersync.gumgum.com/ Frame 4443
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 29 Jan 2024 01:00:41 GMT Mon, 29 Jan 2024 01:00:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7077
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:41 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 3BB5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:41 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame FCDB 		707 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.101 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.101.rdns.racklot.com
Software
/
Resource Hash
d78063ea383cd02feabdc01754606691b4f7f5cb39dfbb246a55207c3105248f

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
707
content-type
text/html
date
Mon, 29 Jan 2024 01:00:40 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame F834 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=25727
accept-ranges
bytes
content-length
2416
expires
Mon, 29 Jan 2024 08:09:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C9CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuSTd7C9tiM-ofxiKaWJwKbKg5sptxDCmh3kBP01iJgwItvdgf_z2JdmK9jxQwtMCXUXD986VPsN6ngKNVK2sJBDNaNAA_2K16dhhae6eAy0iLvNIldhdmCzcJZS81WUx1lXsoJ58RPcpnHI72XX1ssVjaB49daY7tSNQ92VBgf8rA71VWIL64x6ScfowoVuWEhbXY2x4BE26fznuIFXxJEJU2RvY2nkyT7jdX-HgV3VsNpXafxCluuJcmHY0tNZPJTKUw8IMf4rk-PSlROdds-BnBOWPSXfC3qAHYwfzFhpKFX9hqs-dcNux51vuWW4a-qN5oPh1epxsj6pxVP_Rhk-jZyjver-n6R5SEDMEEEDkmO-whCkf9xRFPL6M_XRKPiSJNGw&sai=AMfl-YQf3MbdfN0x5Gmh_csgQjwm9KVjkt8xUvDn6UN-sF_6RW8ppT8z7QudOLNMvOXZXoxek4Xafv7t0mPyfjNDZsKNuNtc_pFLZnkb1ib6rHCMH5i0AXjaz9ZwxKhTKk_z535w-x_YiUVpg9_dqqLQkU8&sig=Cg0ArKJSzKkkkHbM06myEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F91A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZekGOa05AaJGiViyM3ZoOn2BHWRGUkNvOs2LFlTzaHai6EVTkQJSlxQY7r4N7VnkKU6iRKgdPgn5jFjXMeXSBcazzeEIGpoEI2DAGwSGpIS9FsfF2c4Vtr1JM-YibS8CcqbeN-QGuXJCl8iDUbTZYqWY7v7xlncaqcNYtSX6DJ4hJF0rSzIFAd04mxXEG3gsmZd6i2yvTqv7CEy_a1r2eVrkIYzy0ipG3igl-MxYtlpj1QuPqqwc3R0-8svPMZxMJtcdyiACLX05GK02KttZ2A-c1dyvFbrpqQKj-ZeyakUABzI22mGVEZ7EBpLAm8P6gorlp907YqwXDXn4otF6psqymNL0fjGXlyxGaurI&sai=AMfl-YSDrXSGXP7xsPFW3p8RfQ2uJ9M8KcmAv3G4TuM-J-JjW3DhoEi6sOXqNPvcshnN8_iF9akOND2V2nl8ovTa4ORFxQZfyyBzLmaYkdHy3tmlT9hPzp3cfZU_FDq9jF-aWDH6uNBNqfFjq78kL8gIbvU&sig=Cg0ArKJSzATxpMqFiUyPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
capi.connatix.com/tr/ Frame F91A 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=e76d8a5c-7d10-4203-aeeb-d1d5576ed2a1&cid=b582666c-87a2-4193-8dad-2c835c276570
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a27aff8258e-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 6E27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDWkKYkY5X76xFNSlDp_KjWtJcSfmw-rBMTU82LwOyuTxi7dgWM8GpyXTW9ESvVJPXQ7RSOJfTYbMa4b2wMV5mM4GJm4dfY2MlPWKYMHDHHgKWy5Qf66NsnYoRoeg4RJDkOweqiy0hkRkaM1nBO7lEeBZkDRibSRgPjPP-lpz-1kBIYcqGZyqSqkaX-DTLGY66DsRjxnPsUVxLHKqv_JxzA28mgBfJ_aHWKf0HPYvTKMA8DoCPqx3BmgaEi5vHw0VW_IUaYe-FU8drynSitaIDnggm8XFrTBYJYUnoAsbJLah7FXLTqUJ7IzOfJPOEdfA17u3NbSHSOAHcRhQFWpTx44TvcouVREpdN76nAWU&sai=AMfl-YS3vRwRJbJVHwI7AVM1Y-6Yju6aCyEZYa5MAZT2b9hLbQPJ_tiQoZtOC_7L8siakjSFntuI8cseRxvtgB1MfyD6UxKNH9JKv1lmxSjJFnkOO6GU8krJSKDgEYI2A6EQ6blKNqtOeK21HNhpASamAGs&sig=Cg0ArKJSzD6OA9q_hMFqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bl-904ac2d-836b3a7d.js
tagan.adlightning.com/nc-nypost/ Frame B3CA 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-904ac2d-836b3a7d.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61db1239fcfeca84556d6ab5a43123fac064538f61d9774b98459def7b0e6600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:40:50 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
VE_8h5Qlmo116cSZLfeFXJ.bcbjJ6Cp6
x-amz-cf-pop
PHL50-C1
age
83992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39058
x-amz-meta-git_commit
904ac2d
last-modified
Sun, 28 Jan 2024 01:17:38 GMT
server
AmazonS3
etag
"db214d0faa1b77f74a18b40bfa970a10"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
C7n4QZL0cyKXOs65UAB5T40L1rIBrKEOcmRU4P8qYwgtyzfcTK0qSQ==
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame B3CA 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
grQTsZb9eGqmeX3M0PNbQepBRvaQbAefNW2Ax8mvDHpjxISlaTWnGA==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B3CA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Jan 2025 05:25:50 GMT
creative.js
us.tags.newscgp.com/prod/prebid/UniversalCreative/ Frame B3CA 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/prebid/UniversalCreative/creative.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-84.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dca2854a6a840fd41137b18c73642fc6b7dabcb5a1d3e12db80a72b1f419a96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:32:10 GMT
Content-Encoding
gzip
Via
1.1 bbd89b29eb16bb369cdc097594fa8260.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Aug 2020 22:33:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
Age
1712
ETag
W/"723923b002b9b25d0432fe21c65780e3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
y_9QdZ5A-BH4HiSAeVaXukCO0580JOJ6rw5s7dXxosRmF0Kl1q1Ltg==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B3CA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:42 GMT
bl-904ac2d-836b3a7d.js
tagan.adlightning.com/nc-nypost/ Frame 8E43 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-904ac2d-836b3a7d.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61db1239fcfeca84556d6ab5a43123fac064538f61d9774b98459def7b0e6600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:40:50 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
VE_8h5Qlmo116cSZLfeFXJ.bcbjJ6Cp6
x-amz-cf-pop
PHL50-C1
age
83992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39058
x-amz-meta-git_commit
904ac2d
last-modified
Sun, 28 Jan 2024 01:17:38 GMT
server
AmazonS3
etag
"db214d0faa1b77f74a18b40bfa970a10"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f-hgJ8jc5e7WQwScItorkhjZLmvBurVmdLuskBauMfhuTgmudosZ5w==
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame 8E43 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UAaZpsBJ7707VVc7pZmJ6R9Is2Atp2Vi_XSYOrxJ6SMOXrYi5ExWMQ==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8E43 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:38:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
26512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 17:38:50 GMT
css
fonts.googleapis.com/ Frame 8E43 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 23:37:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 01:00:41 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 8E43 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:59:57 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 8E43 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8E43 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:41:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
26359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 17:41:22 GMT
l
www.google.com/ads/measurement/ Frame 8E43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2OOCIlueXvxyUyBSBEp0M-zUVEiucAw_qKCOm_gd2mdV6t2g5gI_eFw_WJvPg1TIPZ__lNt4Goe1sHgN_JSJsrGDQ4w
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
bl-904ac2d-836b3a7d.js
tagan.adlightning.com/nc-nypost/ Frame 2CA5 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/bl-904ac2d-836b3a7d.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61db1239fcfeca84556d6ab5a43123fac064538f61d9774b98459def7b0e6600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:40:50 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
VE_8h5Qlmo116cSZLfeFXJ.bcbjJ6Cp6
x-amz-cf-pop
PHL50-C1
age
83992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39058
x-amz-meta-git_commit
904ac2d
last-modified
Sun, 28 Jan 2024 01:17:38 GMT
server
AmazonS3
etag
"db214d0faa1b77f74a18b40bfa970a10"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UuCjIQN3imT3mFar_2jItHSjpyFR5dioHfcsE9yCu_UfQCSSA6WpGw==
b-250cc79-36c7d7db.js
tagan.adlightning.com/nc-nypost/ Frame 2CA5 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 00:39:32 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-version-id
ZhPwUSVdbJofcN00FZJsXJD.YmbtV5Av
x-amz-cf-pop
PHL50-C1
age
951670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25845
x-amz-meta-git_commit
250cc79
last-modified
Thu, 11 Jan 2024 20:33:36 GMT
server
AmazonS3
etag
"835f0ee42949520ad1b13d6bbfe3b912"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kxMhO5ss-Xfk24iYdFl6d95WSVWVAuC0mzHl2F0baJxXPWHdsAILZw==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 2CA5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:38:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
26512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 17:38:50 GMT
css
fonts.googleapis.com/ Frame 2CA5 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 23:41:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 01:00:41 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 2CA5 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:59:57 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 2CA5 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 2CA5 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:41:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
26359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 17:41:22 GMT
l
www.google.com/ads/measurement/ Frame 2CA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS64NkleDqLXOPsOv6WTxFfkoiiIN0UA75gcHCqwKpmOEChTHBT8vqX8OQwYgpmLh_h7J6owHEBghHHnnvl-FGdqfNgPQ
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
aniview.js
player.aniview.com/script/6.1/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
63d06182aa189f102b1790b003051b3ad7783a99c5a528b3c55ba14bd84a3af5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:41 GMT
date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPr5ubk4Akqs6nBkbBK5i-u2s93G6fY5jf42Lg-vTx2dK39uUdGn57F4Y4fsra3tRVzrD1g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
13581
last-modified
Sun, 28 Jan 2024 08:10:27 GMT
server
UploadServer
etag
"3e195ee5372f688c30c00f24f9db0372"
vary
Accept-Encoding
x-goog-generation
1706429427838099
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=k4ZIYQ==, md5=Phle5TcvaIwwwA8k+dsDcg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
13581
accept-ranges
bytes
quic-version
0x00000001
vpts.js
static.vidazoo.com/basev/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vpts.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0ecd0b7c8e4db72578c8d28429bff3a47a2d8f306e3c9ecce4f34403b9ed83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
C3QQMF5FY2EN7Z84
age
65580
content-length
10884
x-amz-id-2
UFNvVQGAv8vW3PwLtu9ihWeAmGrNuFN7H/ybKaWmGbvvOKjKQkFFs4rPwKJ4UCt0YjWNTP54f2s=
last-modified
Tue, 08 Jun 2021 05:47:52 GMT
server
cloudflare
etag
"c5a750a1ed58c511f163f50523350222"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a283a914c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6922 		663 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C9CD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CD 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwTTYy38P6HyydQLAUFzTXGt4k1ezKU7CIqqaM0zCit4K_vlBIy-19JJx9vIxZ6kie2KKL92BhtW5vlE0G22gtwxl8o0WKTbqX9xZzEYJ5rtmSkog
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0cff77c6-7c81-4061-9466-2e3d85489baf
beacon-iad2.rubiconproject.com/beacon/d/ Frame C9CD 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/0cff77c6-7c81-4061-9466-2e3d85489baf?oo=0&accountId=11076&siteId=26782&zoneId=199546&sizeId=15&e=6A1E40E384DA563B50CC156E66EF7F702396CE9C83EBE7D784BFDB17F04E6B7833B856963AC3024E0753FA3689605DC3E9F89206FC79094ABADCA0DFA24688162EE41E454F18853B19724E95960A05FB648457E7F1C943F8A7C40DBC7E0DF7F8A6172A49290A6C99D959B29D5F9CB3967DD0B3F26142B1583C866BC9E6E51F3939C80475A490F8C21A3D20F1FD18EC2DF6495147F0D69CA73CCD62AAB65D944430E98263E8E00EB2BDB80FCB65D9F1468657F22D009B2DC6CDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::44 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame F91A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13bf29a6c0d922b08b38998323cf01dfe04ba03528cf56f45ada24862b622c19

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
user-sync
ms-cookie-sync.presage.io/ Frame FCDB 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?equativ_id=2405212159101885593&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:41 GMT
Via
1.1 bbd89b29eb16bb369cdc097594fa8260.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
uNQNpl58RtLvhju1Iy_lBDa8Ea_XJkoZBCgNI0hGUvtZ705eDYIr8g==
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame FCDB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:41 GMT
server
Kestrel
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame FCDB
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a1822040049791feeac8450&gdpr=0&gdpr_consent=
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a1822040049791feeac8450&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a1822040049791feeac8450&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:42 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
p
a.audrte.com/ Frame FCDB
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGg3SU9GOTFzM0VTVm1FQTlqdnl5SmEwdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDBoN0lPRjkxczNFU1ZtRUE5...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=6499456437357126316&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=0h7IOF91s3ESVmEA9jvyyJa0w&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=2405212159101885593&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
52.209.41.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-41-250.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame FCDB
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3966009720
  • https://sync.1rx.io/usersync/tradedesk/41e24d93-d54c-44df-8e10-335978a5e3ce
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-4949403a-4...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
connatix.player.js
cds.connatix.com/p/418625/ Frame A815
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
  • https://cds.connatix.com/p/418625/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
1 MB
329 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/418625/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42ceaa3cdaf410182576ab90163161869e5f665f914ecfa74b1793f93e85963

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
x-amz-version-id
fiFAVsxuHsMtkFYiudOKWlHu7o7.Pc18
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 17:26:21 GMT
server
cloudflare
etag
W/"4ad74fbc2ff189992fe7c19abf6e2ff1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a2a8d682884-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:42 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/418625/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a28d9f42884-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
PugMaster
image6.pubmatic.com/AdServer/ Frame 6523 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58336461&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f471505a54743d89e160b0e9c30e3ac84916c10281db46b7299a448724e9a289

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 29 Jan 2024 01:00:40 GMT
content-length
1731
content-type
text/html; charset=UTF-8
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
bundle.js
ib.3lift.com/rev/458f880ef4a101951162c31c5218b9aa361ddd34/dist/ Frame 6E27 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/458f880ef4a101951162c31c5218b9aa361ddd34/dist/bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:a000:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53fa82bd2f08c22a774a32a3a433987d3f7c00f7cd7775e927f4056bb1cf1382

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 22:26:24 GMT
content-encoding
br
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 22:24:40 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
268458
etag
W/"d95e7c1910a9db4ea0282cc7842669bf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
20aVtNPCHDr1KVzhVRiOKgP_rTP6m4EHrezyO8BEzFIsIgBo1HMd5Q==
truncated
/ Frame 6E27 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8554344093a05b794192c16dc5a907857f3f08e37a42aeb62435f2e5af3b493

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/b27468f8-7e45-475d-a0d7-2c9803dcec62/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-67.phl50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:30:54 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront), 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, PHL50-C1
age
59387
x-amzn-requestid
6d4c7277-2cf8-4c8c-bc6a-a68714b65313
x-amzn-trace-id
Root=1-65b610be-23ab125f5291cb625c57931b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
SPeNyF4ajoEETqQ=
content-length
30
x-amz-cf-id
xssBBFTSsxDQq9DmV0u0i6o_Eu5ydqu8H4gigTLdwi9mVjVXyXMB4w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
13511
check.analytics.rlcdn.com/check/ 		25 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13511
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-trace-id
Root=1-65b6f8ba-2162c445765c19473912f9c4
x-amzn-requestid
b301c96b-df34-43bb-98a8-2e97091781ec
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
SRvNHFivDoEEPPg=
content-length
25
x-amz-cf-id
Mg15WNMsaJ_ZvV06fG9lMw3JYPih7nRrlvTzBWfKp1is3ErHzHLmfg==
view
securepubads.g.doubleclick.net/pcs/ Frame F91A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAdxZF_f26A_TW_Y5ZUZZjfHn_iC-C_Exn02EJP2QS58ogsbAO5xYnJELmypOBy-W9yWuSmqObAvc7ke75IWcVdbqlDp1T_NkCECUu-E1O0IP2gJazZQsPjXEJOpXauTM8ekfMrbZwR7JwYOhJX-AFp0MsHuls_4kALCoVSdoMxLQVITuYeHjDKbhPrOXt3ss75CPSZtcig9-hhUncT90EompqXJcPkYnj8h2OMk_Tsiuxn0SXtRIHrLBeY9hmFymwF1ViEMVmsAVzUeVXzndCuPMKEfph8ef4mfvr_p8UgMOEOvQfkfrN0aQ0-0eX8alvn8OvPvInQHg3BZ-TQdK2XGIOQFfMRPPu8n7EVBNGng&sai=AMfl-YSH2krMoQkVbVBr8nvkI-oaY9HUvhMFbQjFCAtqaMgH_qPBpzrS0fRW_iUTyqpcPDhABoSW1S51cIkvUz2vDz5Rt8WxDTWTUXadGCPGIQuh-BD4UlT-Q61Krm5UPzrdLIjQPBkK5M20E9xAAZR_7bE&sig=Cg0ArKJSzGJinaR-9igdEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 01:00:42 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:41 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
RMUgwRsXFUWaFPrdnvw1ZXRdyM8eHW6ZOCDpd1OEXtIoxZm_8-rXuQ==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ 		28 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
27d6e04117f3668e5a9c9f509f39de6857b0aab7004732a1febb0b30b8d79449
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
null

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-request-id
d32aa0a6-be41-11ee-b081-8e7179c6b195
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
OjnFmnY6Vq6Q87bzIMaMYomZVD2qOuKu7XaYQuX4EEc-iVPYgh6rAA==
cs
cs.lkqd.net/ Frame 6922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFNNohK6F8p3qiNrheBmyug&google_cver=1
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFNNohK6F8p3qiNrheBmyug&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFNNohK6F8p3qiNrheBmyug&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6922
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=WHlaQ3pDWjh1cm8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=WHlaQ3pDWjh1cm8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=WHlaQ3pDWjh1cm8
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 6922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlzewVzSaAnIv9pWaN2nhAFDqKbgDYzEqOOOr%2BKmEmr%2BWsRyLf2Qv4EMdAAxVzLZk51pqnD6KXjLWutCGMgcpr%2FM%2FpYRhiiDG53quAgdzSiO5OnQbU5LlJx5uAFSma2bUHyaNYNcj%2BqxEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a2c0f3974a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6922
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbb4t.4rlh.cZ2F6j5eVAQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKGWowEQ2aidoQIY9eTImAEwAQ&v=APEucNVZZs7qwoQgxQ_IG7BOUelWLgHJ6xBV_MnvKEWCdf4nmmUBnGfFGYo2d6Rc54zKVIMQbYfuelvh92GLt6CApguuINQC6g
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpKbqVLnXLLaZNjpgU4epsydUyE%2FLzGvXtpR3oG4ypNO%2BTylcjvop9e5IrdXUPZL3hSHhllYes9cS5T%2Fv9MrV3qcpDdArtJ31kDncGvt%2FFEX2f%2B4LB3EheFowTGM7ei7fbyzrWAFYjZuDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a2c784b74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQyDRf1FKUJZ6tG-krDtqo&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
pb-logs.media.net/ 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&dn=nypost.com&ref=&screen=1600x1200&cid=8CU3I8M1G&lper=1&plper=&gdpr=0&ccpa=1---&ajx=1&pbv=v8.27.0&pbav=1.0.0&flt=1&supcrid=div-gpt-ad-rec_atf&tmax=2000&ismn=1&vplcmtt=&sts=0&ets=1058&tts=1168&wts=3414&aucstatus=completed&acid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=RA&reqId=307448a83b669a&ogReqId=&adid=59d2bd177b20f5f&pvnm=rubicon&src=client&ogbdp=0.18&bdp=0.18&cbdp=0.18&dfpbd=0.18&szs=300x250%7C300x600&size=300x250&mtype=banner&dId=&winner=1&curr=USD&rests=787&status=1&iwb=1&bidflr=&flrrule=&rtime=&targ=%7B%22hb_domain%22%3A%22nypost.com%22%2C%22hb_auction_id%22%3A%22ed16bba1-dbb8-4d69-bef6-876791b55ddc%22%2C%22hb_crid%22%3A%222249%3A319959669%22%2C%22hb_dsp%22%3A%222249%22%2C%22hb_adomain%22%3A%22northfortlauderdalesubaru.com%22%2C%22hb_format%22%3A%22banner%22%2C%22hb_source%22%3A%22client%22%2C%22hb_deal_priority%22%3A%22%22%2C%22hb_size%22%3A%22300x250%22%2C%22hb_pb%22%3A%220.18%22%2C%22hb_adid%22%3A%2259d2bd177b20f5f%22%2C%22hb_bidder%22%3A%22rubicon%22%2C%22mnadc%22%3A%22div-gpt-ad-rec_atf%22%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Jan 2024 01:00:41 GMT
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 7077 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76185
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 29 Jan 2024 01:00:41 GMT
server
fasthttp
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
r2dv4cH3kj5ydOqoC_4YUNS8NpaaG-k-c_bvJ_Emn7mM5KsgFI72ow==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
authenticate
api-2-0.spot.im/v1.0.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:41 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
lDTL7pDxC0WohhQyCg572y4m89UDO4DwSOwxdG5yO1elg5LU-GArqQ==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
792 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 00:58:12 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
150
x-cache
Hit from cloudfront
content-length
25
x-request-id
79c79d36-be41-11ee-aa12-2a59d1f885bc
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
K527aVQqN6_WbljTt2q2libdXloDYNG5k5yCS5RmxlQywsVTlFwwmw==
authenticate
api-2-0.spot.im/v1.0.0/ 		356 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
f7bc5927ca658577bb40ec1252e6eb8086cdd57b778c385910131b9be297a6ba
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_Sx8YukwE
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
356
x-spotim-token
012401297M6NdO.1a1f46074f720b62663dafc6484025bedff6f557f692ac1fb65fe7b39244aecf
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4
x-request-id
d35438dd-be41-11ee-acf0-bee5aa331a89
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
Bar6nxl5bJFvT2jTbCTeJ2coN1GOoFtxdftK4XIpxxyONjDgzNoR-g==
usync.js
eus.rubiconproject.com/ Frame 3BB5 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76185
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
hash.gif
pix.cdnwidget.com/
Redirect Chain
  • https://pix.cdnwidget.com/redirect?CID=2bbiBC2yVMrXwhq8yxcSY5MdPYa&DID=2bbiB7GCilGdiXnVecd4SJxgZ4U&v=&iv=&deviceid=3083166010840309329&visitid=1706490039300702&wsid=2045&apikey=2^HIykD
  • https://pippio.com/api/sync?pid=5749
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
68 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
34.149.254.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.254.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0DZ7LHF5PZ&gtm=45je41o0v895130382&_p=1706490036249&gcd=11l1l1l1l1&dma=0&cid=649758697.1706490038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706490041&sct=1&seg=0&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&dt=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&en=Outbrain&_fv=1&_ss=1&_ee=1&ep.event_action=loaded&ep.event_category=widget&ep.outbrain_id=AR_3&tfd=7095
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1848559469&t=event&_s=2&dl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ul=en-us&de=UTF-8&dt=The%20trillions%20in%20COVID%20relief%20money%20led%20to%20billions%20in%20fraud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Outbrain&ea=loaded&el=widget%20AR_3&_u=aHBAiEAjBAQCAGAAI~&jid=&gjid=&cid=649758697.1706490038&tid=UA-3922003-6&_gid=2119401761.1706490038&cd88=649758697.1706490038&cd8=desktop&cd3=benefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernment%20spending&cd2=Veronique%20de%20Rugy&cd1=article&cd5=standard&cd6=Why%20the%20trillions%20in%20COVID-19%20relief%20money%20led%20to%20billions%20in%20fraud&cd7=&cd12=Why%20the%20trillions%20in%20COVID-19%20relief%20money%20led%20to%20billions%20in%20fraud&cd9=2022-06-24&cd10=19%3A%2051&cd11=22800468&cd4=opinion&cd15=Coronavirus&cd87=Outbrain%20Guarantee&cd16=747&cd17=no&cd40=no&cd44=no&cd54=true&cd76=In-line&cd21=yes&cd46=false&cg1=article&cg2=opinion&cg3=nypost.com&z=1048373391
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 15:03:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35820
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:42 GMT
918-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		137 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/918-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94472b67a72a6e77e8421965e7cc558f19aed093e270e4609fcb37026e77ed13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:15:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
OMXxAtnXcw8gaPYK_yVv2NWv1GN1a.nS
x-amz-cf-pop
PHL51-P1
age
4891535
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34928
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"d1ffea3e241c3ee17ad7fc94522b1521"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aDTm2olpNW9XzMSowmO8AND9WnNMNl9lZSpJiOagUfoB6RQfw3RfXg==
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		393 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/with-all-vendors-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:15:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
AGpMMrvsvBRe80D_2_p32h0C1YO_IGJm
x-amz-cf-pop
PHL51-P1
age
4891535
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
218
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"9eeb9df073fd3a68df33c4f1d4a24d85"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qTI3_dFUMNFQOLSlUOQtTRZi2M1xGCTz3E3QlyRfcxlIYjosqyQtZw==
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/notifications-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f56c8bb18852cef3379f647bafab5204903ca6b8890d363e353c9c134093f54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
EJqofBG7m5P8EOfXDb.mG9frOmF94D3y
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 07:35:56 GMT
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
62687
x-amz-server-side-encryption
AES256
etag
W/"85f7a052916c6e7fc664e2ddec76d598"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
0y3e4Ma6OVTGsM5auzYF4dcbnyyKZiHyRqx4fAt0agYKkGRbdAzCwg==
khaos.json
token.rubiconproject.com/ Frame 823A 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CD 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8369082252707&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CD 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8369082252707&version=m202309260101&ct=76&x=8&cor=17829347448228086000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C9CD 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxfN4j83gqVonobBFhZmJ4TWHNuLXvoz6xEcd9twmW1dY9I-g0jFmWhqndU9PPGUtwL8cdojQI53PRvu_7QUis71Pa4Jm9wH5oXOtiDGZSP4BcmVDNapIiaT1LVW6qg9snDcqpEAEoND74wgtSJRmpKrsa2jbL5wmj-1Kde4uzuJBpeq8&dbm_d=AKAmf-DTlcz19jUqmGSsGmTJZFmxSuoex2D8-x2E1DOOuxKJwTYKPCFgc-nHFJ1He2I3llKZlsZ-pm1DoUr1osp6yyPWTsY8rLKSof4vPU6B83SCv1Wy4pT4PnstgOXAeHJ8gtb4thkgFoGUDMGUNVC4MblL7USz_BOi7XaGCAUM35ALdbm7QZzwEDZqJ7-BZNVQe0ftPjsK2H6DFs8MhnXV_sZLC_EJU5TO4IxBumaTnXCN7XUeYPQ8ZOc_-6HqBwK4g3F0ti60F2P8JznjE_VU7EO2rPr1sO7aDEZBf0baEDvp6vkRVRQshKybJVW5W4Lkby37qXqnoi_mIXLljhRhhFbEj-fUCRTEP7D9MFZA7SAycRDUA7fekB9WWj_qLyZhCiRFtbiBRhG--CvxyeKbE02snYkzR-_9wHb021WUyYiJ3bf8Mfbgh7R1t_L9GySxTOu4o9Yiwc5-BT5qn_zel6KXrZ-jUPd5ZAYRURUFAgoom3LktoDFLbQcj1l8KkzjGrjhKRL4qk3bxHW1dKjok3toErXuz-VXYs-fmFJMEzmAIfNraQSuKHwv1cknmyEoeGGdyTH6WbnN4k6JdVyeMfnW87K_Jycs4mR3pxfRfvh9_Hk9_Y1VxxbQ43ZCp49fyUZxFmeOKk3qpRmUFitFWJxIVS52uq2fE4UVCpqsShROYLi8ViWnR1bgdt7Ak2cxPBhi3ewRl6xdn6aJWMl4G87w0e0Op5Uxo8oQAHftYKlqbZhV2kDF9riCni8M5i9lfcv5uKqzcdlNG-3a1sI0gR7EwUeuTdJRDwYL-zSjA96X9k7xp8tUCt5YrGKtbiNB-K_3MDLtN-CmmA2OJktNpXFr9P8iR0jTAuJS2Hk3VYYV3DLaKJLtrtMlyelY3hy6IvlsI0bToCMPYad1byJME5ieuiqkWx6izHIc55s6qsc28To5HoEsbnGis1BqEYUyBc6drEPbKOToNSkXHJz4eFvnYR-YmCF0yd5Gca9j4tYvd52V49Kly89P-PfWA87aTLTFc-88nhvefhlrWA1xOAOFYq3P9ATJZdN89KHyXWO3SlOpEEZ5tz0adG2OG69HSsraH24jjGgk-papwa1GvpMGdQxOAODoxuHEZ31ZQGJyuQ79a4x1oQjD9NKa2XBPHQBPHHwM6ahVO2aILpehQzZA1EfL5Z_dFTtxSyDewiQXX6yHs189CA2TnB1w7_GHC-Ml67Dmo40UXVleYrS5lEG1ia-ti32ZJG6a5jNJGiCHorLWjp2kjhjkw3ujikybk1pemYjnCa_Ab9qaY-KTyfeSfgQa2fRYilH2mwspu06TFW-cmS8lVj5TrO3Y_oROjZ7DjD16PAIKxhoi99ioZceJFQ0JfnBr3lmhMxmTPt5HUps7fHhXu75jPlwmZ67srn484b9nLZV7jEz8LnsHNsVPxkMhWQbG6Oc4bQAzYBIwskXqGUp9-PhWwdPC1ORKI1MX1YM3Dq5MjtzYY0mRAck-lvEfzO_YWMyCO4v0Dr6dlhDn8m0m0fDofDi5783Ag-bb2QDLR_F94kCi8JgmXAtdmXr6UIUAfEJF80Gj-fvrTgM55XbggB3NgTPFj3l6Prj4lu6hD2Y17jSYCdqJt3mKEBeMKhzNpvhS20YAo3Gibn5ocDTMp9JG9NzrcLlUqsvlqbocRzjMm-9adMp2WOQ8j9xEDyRbYkxVq7AbFO1vmRkKwkvlLTM5a6JJJwSAyV_gxbPyMezoMOnxZ-jalSMl-lh8BV62sWQ7Rtg3EaXTTiiO4V2PQ5a8h7Lm8LWuKHwHpzCHN7xX_TsiD4IOdRYCB-0b8u6x59msbRPfoU2b4ptr5SIcY-s-aemI_l-R2j7vtv22qIpxOP8tYAtAn1cmbZunSC7SAhaKeik6GiC0qkryGW28yZw1_E4TQOpuQTPqWuTI4AOU96JXdQeEDMiUk3JVzPdivLJ4Oy2qoDB5sDnglyMaZTLjsf8UJVhIbLjwzqJZ5TbGpq2gar8xYySjjjEerm3LxUW1f0OTfps7E2sBOcb0GoZuIX0bNMrysz3FaMV0ploc6qTus0nvJ4Nqmotz1M0mciKL1cK23Rscm0FBeXCFVDqZ4uUOWczUbHvwQCbNIU5h3veJynXL5NBdz8mcEQRoOS3e_vst-Yknxl4f5TzCXoKB3PvVCaS93IbjD9hoheF4tm2KRK4LrwufMBn2aiEWJ3ts2MwzsFWaa1fUtcPZlfAGwJIpjI7dr9UMYK0tj86OAc9QlV2ba5wzUb8c6meOciK_4rOtn_u_AgVGc_Wp7TsC5tUl_zYOewjLCLvL-ORMvtf2hkk_KpGaiZ8IQIXs4Xodh3p0jbObYpreATu4FkHYuglQv4rn35PfUZODFDxD3kEySV4QBH9D21hjHy91RQo80Vol2-LAUThcQHv6XTaqgZw3-eGIhlrrqCvOpnAfwW6CuwnGP4UjTTvkz-FvSv6buKcWEDsK1O_-ZsdzUXXL-zcxDmeKM1JlRelkcbEETVx5Sp64RJSixbjGD60cz2j0lJ_rrl8UY00ynulmCDNBSjaAEIbVIJ47JJOLY_k6PT7CeXCc6_ai8EFJ5iJjreZtSXlvKAOOepFVS2PoglrwJhaSciI3wQlZ6rc_HoXJAc0I0uxaA5DXPQvFt2KqidE5O3LNwIF1RV-DAPnFaAoSWGsXuA5A6XRml5aq8hTxmi6f1vXwukBObGfbW21jxwlMfBO47RQdNtW7i76lL9c-0usVjzBkGzKvme0O092mxBFEh2H9damr1M7X4N-3BrJUQB7afVa3alJH-lxF_QBeMM0gYLEcgEdWLCC2PbMyt3GKzUvnoDAZixj8dl0qJ69yxf22RG4Wl6cjGLYCwdrsutYHd27FdQuPftI5Rslgr9F9zRtF8r1zkBO_FCVn0xs6cyedlBC38FA0wPV5WjRmBS9wY6scD5JnTMYptOKtc7kRHI3G-PNopcHVaraiuch62xsJCW17__cvwjTh46RYSnTc4pJkQCOyMId9dpLrrFO93J-yCMMvkQW27NYlC49mGV64shSQlsuUiRfI2ZCjbmXFf7DnjyBpPU-vKTr9WCXw1wKyN3gDMgJpheXvrje64vFnLpoGMH19ogIKEUL3obyMHW47mLdDwFZs19H9Y-lSq5H17G_iMOm1xO3-OH0uM4EXqszQejy4RyuwFaNYTqRlrd3mCOx3bt3GZmqKrw-LCIndplg3ou8mcaGaVYlFFr78dIFrrXABpepjPNgVjwBOTExHQm7OOn4Q_IeoIc3-4h718FTJflVg96V-OsK2Wkq563RId12zEOI-1Cj_L8UdJ0O45biJB5WhFVPHuCsn4WjU6K9uQjCD2--mk6D2lfF5R90Y6utywzx8nf84blmrR_HUV7JBgPlT30F155xKQFdqBkvjaD_SiFMKlI94npUfG5etF75WgA5UiiCXjQeUoQ3QsD4H7fJyNlbYgDyqNOyouuORBr1TZB-YxDJJTITa7v-hxih0nXpmOfndFKCyR_Xzq1Lnr8CSJxWQ-mI-dGFFGjVQyUTBd0QkaFPA0eM8MfYdzZCnnWAlKypoHUd_M__PUS_TAn895ic4aa6kmnubQRAFvRsyuaCfXcBqdvmAv12T087UI5P1kU5uFiA1xWgHgJ6gOr5Ja7EXUIx59oJZBdB9apycoNrBOe55NUbBecPrYOeFTb6AAe5WD9FKvSAAlNhdPtYo74hMGDoP10H65swMisH12rwWB8Xfqpa3GHM14fF2WcI&pr=8%3A3D972AA0A77975B3&cid=CAQSMgAvHhf_vdOefkr1fD2BMKpCPuP7VySEXAzmxD3gGuPQf_St0EfJkoqtDg8gXJD4RkM8GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ds=l&xdt=0&iif=1&cor=17829347448228086000&adk=268840262&idt=263&cac=0&dtd=10
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdbb1dee237ace90489fde5009306fcf2269bdfeaf5540e0402c74cf8e56cfa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39620
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B38 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48093
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:42 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
json
server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/ 		45 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
174.138.64.21 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
60ec707f0fe7ad4f3da29c272f000e77941f56ea051808aa88a8092e5dc9df73

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
26138
AVmanager.js
player.aniview.com/script/6.1/ Frame 5AFC 		469 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e88c160059fc55e84a997db69473cf4f136bd809e880a6b4a5a9fe5bebeba51f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:42 GMT
date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPo8Dvr2DoByaA27hKG4tI6oYFlL7ne0mFZQ3Mbsw83kjG1pMqoZ0lYwRcYI6nOWPNV4634
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
137771
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"1a235f5864ccde8171eff866eeaa1eac"
vary
Accept-Encoding
x-goog-generation
1706429427958642
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QiLEhA==, md5=GiNfWGTM3oFx7/hm7qoerA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
137771
accept-ranges
bytes
quic-version
0x00000001
auction
tlx.3lift.com/web/ Frame BF37 		50 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/web/auction?inv_code=NYPost_Sidebar_native_header&referrer=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&rev=458f880&fe=0&ft=1&cb=6614058125
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.210.107.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-107-42.compute-1.amazonaws.com
Software
/
Resource Hash
e128ffb93c7e233fb60f7edd820b2aac067d255166cd749cabdf1bed1d9824a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
content-type
application/javascript; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
50
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6E27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6IAHsf354pCvf5t82Uwzx1-Dr3it4o9_0VPtQ3nxh6iPqj0Ixz8LFVXsdvjJa0xys5zqbhQZnSBhSAbLL0lKhdeqjosNbv67L-W2qjwIV2y7E3qOH7NgUbGLsWfGAfIobCdZREZUVdTCEiAoAA2lDZFYwog0O-ft86F7Vv_2Rfhog9aKp2LC36rvJBNysrtawrMPTYaRv7bpAN_aFa55u5M3gLHuU1gP051Y948u5VAzdHP5KSreDxnluqNZhJlrzI2Neurwl77Mqbdi04qQQSB2Dyl9uA6JFehfGok9J85iVY1xec9hgpgrjtvHjY2uZXqot43YQZta0CjXuNWH3vJgjs9Ojj-ucHzoOxUGmJQ&sai=AMfl-YTMqCKQhUDSymNmVs_OQayTw8uZb-aw_subRmm1NcXS0ix-m6ko4xX5tU_ITyocUB87jQHXxwIP8r_4CJ5zgo7XD9FtK8TT1VFTgZuk4p-MGYibxezo_64SIOFTNPncnrG2MkXDkDcPuh1S92acqNE&sig=Cg0ArKJSzBGQzWR2tUvAEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 01:00:42 GMT
json
server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://server3.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
174.138.64.21 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://nypost.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:42 GMT
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=sre_events&itype=RTD&abte=CONTROL&adt=desktop&cid=8CU3I8M1G&ct=MIAMI&cc=US&ugd=4&pht=8146&pid=&dn=nypost.com&servname=ssp-serving-yin-6854c7f786-pgt8r&svr=2410_343&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001706490037818006462152416927&requrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kwrf=&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Fcustom%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-custom&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Fskin%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-skin&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=None&isEmpty=true&size=&dfpAdPath=%2F5850%2Fpost.desktop%2Foverlay_fullpage%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-overlay_fullpage&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=0&winner=DFP&isEmpty=false&size=300x337&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_btf%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-rec_btf&slotType=Prebid&supcrid=div-gpt-ad-rec_btf&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692&winner=DFP&isEmpty=false&size=300x337&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_widget%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-rec_widget&slotType=Prebid&supcrid=div-gpt-ad-rec_widget&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2707512692&winner=DFP&isEmpty=false&size=1x7&dfpAdPath=%2F5850%2Fpost.desktop%2Finline%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-inline&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=3290077899&winner=DFP&isEmpty=false&size=1x6&dfpAdPath=%2F5850%2Fpost.desktop%2Fnative%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-native&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=2709739563&winner=Prebid&isEmpty=false&size=1x1&dfpAdPath=%2F5850%2Fpost.desktop%2Frec_atf%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-rec_atf&slotType=Prebid&supcrid=div-gpt-ad-rec_atf&adid=59d2bd177b20f5f&acid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&pvnm=rubicon&dfpbd=0.18&ogbdp=0.18&curr=USD&bidId=307448a83b669a&mnrf=0&mnrfc=0&bdp=0.18&icurr=USD&dfpcmpId=2783510112
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 29 Jan 2024 01:00:42 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
c5effedc7290293314f709c194d0c6f942abf969da8afed4ef31270337ec3071
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfbXRtTVpjaXR0NEdyIiwiZGlzcGxheV9uYW1lIjoiQ3lhbjhCYWxsIiwidXNlcl9uYW1lIjoiQ3lhbjhCYWxsIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0N5YW4tOEJhbGwiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5SHBZcFA4LjliYzJmN2RjMWI2NzhmYjYwOTFlYTdhN2JjZWI2YzRmYTY2ZDlhMjVmNzBkMzY0YjA5YjEzZDJlMjZkN2VmMmMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfWTltcE5meFpZeXpGa3VJZ1hWZWkiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQzLCJzdWIiOiJ1X210bU1aY2l0dDRHciJ9.A09490LMBmQwQmm6R9bTEV0zlkkgnEMg0L19Mcya-3A
content-length
59
x-spotim-token
01240129HpYpP8.9bc2f7dc1b678fb6091ea7a7bceb6c4fa66d9a25f70d364b09b13d2e26d7ef2c
x-request-id
d3bad649-be41-11ee-9df9-d67d7faea604
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
pcDPkj-J3iJmuQdaXmD8oUycIsISZ-mLlLj6GcOyubb4JrMfup4BNw==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:42 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
kkkCFzZy-7DTH_nKAQd9WYqoEZl-cKVmuCe9XHsA4XNyIHDegLmAKQ==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame B3CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy2bcW-dY6O_K_fJ-0QA_ZAGpEMHPcvjKMxR7nJBwHgC4rAlBBFgZ-HQ_zgYGdCZ_kHvGpiPPIczzT5p7I1LcdC-xqB2zUrot6ucuM44rgxYV-IowvCm5jM3XiYX1MLDLGszsBqV9vYps-vkL4GX7t8esZ1ceVl1RrM27a_WVqSCJ2Hc6Pb8d574BgQ75p5ogXXGkjUPhrFGcfIxnQYXENpV8M0BuafrQyhgEduaHQoJl1fAGWRdiHyx0h2hnp_OKKeNt-YvfKlufB4DNurek-lwopy-vpo0osUjRaUtLmibwrJ1xXXYWeh-NKsdbQQnDDxOiCwfKYhgooLGyAf8sKpiX1zPGdbtp5Ic8HhLI_jycjMAKH9ZOlU1k210UpMzd-Axa9PXIf&sai=AMfl-YQblbpCb_Q49QNNfLMDJMhgKrCKfEJOvrzMnc0NRFqb9S4trBRRZ6OmsDFlfhf5kvhW8cjD-qwyvkjcEQqKTxvrQfojcYsseL2CsAFN10yQCoT2dcXzy2wEn7yN1BDnl9WzGm-zTOUi6s_4kPyn0D0&sig=Cg0ArKJSzOcKd4IymHQbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
id_sync
events.bouncex.net/track.gif/ 		42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2bbiB7GCilGdiXnVecd4SJxgZ4U&source=web&agent=cjs&deviceid=3083166010840309329&visitid=1706490039300702&websiteid=2045&pageviewid=undefined&sequenceid=undefined
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 823A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRY83WXS-13-DGE9
  • https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1JT2V9B3CQT54W7EPBTJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
csi
csi.gstatic.com/ Frame 8E43 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lry83zym&c=8021027767136&slotId=4010513883568&qqid=COjUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E43 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 02:45:38 GMT
x-content-type-options
nosniff
age
80104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 02:45:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E43 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:38:52 GMT
x-content-type-options
nosniff
age
285710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:38:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E43 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CsJV3t_i2ZaidLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAcgDmwSqBJ4CT9DGv_FRY5U3AEnYqPKtUpK03Y7tuMdqkQB8Bze0GGU4BLIU-bu7Or0PAgZzFDKqufHBqSEwij8gkOMu1-ojR_sj8nUf5_jCIHe61AlqrUPjiDZrqQRLieLQRuCvNbb0yMSLJ7iCqOOWr6ooEts-Bwd9zctnmDjx7dx8Nvz40EsYLYuqYGrlRD69ZWlZ1adYR8kEPZjKKtpknmPkGDtXmDg5fTQIn5MQkTAhHggChHMAH9frn_cLnIZluepNanFX3gnyUcy_LaNTeisQDt12C_8snfk1bwVlDRBukfvNICmahbnJSCnnd7kq59BPFWm3i4mDfXx_cpf-BnUjhZ9VsBmleSk8k2tjEIypFzMALeL4g7AcntuvD9_GhMD6DcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDmAsByAsBgAwBqg0CVVPiDRMI78GD5bKBhAMV_67RBB08tQl8sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1706490042807&ai=CsJV3t_i2ZaidLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAcgDmwSqBJ4CT9DGv_FRY5U3AEnYqPKtUpK03Y7tuMdqkQB8Bze0GGU4BLIU-bu7Or0PAgZzFDKqufHBqSEwij8gkOMu1-ojR_sj8nUf5_jCIHe61AlqrUPjiDZrqQRLieLQRuCvNbb0yMSLJ7iCqOOWr6ooEts-Bwd9zctnmDjx7dx8Nvz40EsYLYuqYGrlRD69ZWlZ1adYR8kEPZjKKtpknmPkGDtXmDg5fTQIn5MQkTAhHggChHMAH9frn_cLnIZluepNanFX3gnyUcy_LaNTeisQDt12C_8snfk1bwVlDRBukfvNICmahbnJSCnnd7kq59BPFWm3i4mDfXx_cpf-BnUjhZ9VsBmleSk8k2tjEIypFzMALeL4g7AcntuvD9_GhMD6DcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDmAsByAsBgAwBqg0CVVPiDRMI78GD5bKBhAMV_67RBB08tQl8sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8E43 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lry84054&c=8021027767136&slotId=4010513883568&qqid=COjUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.2j8&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8E43 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AwmYkdkJ0QC7M--xtO-u_0VoYcBBa28zCrGZOoXSfJVj1lghihZznH_togOMpTKg0GkAad5z-cDyxhZuTNsccig-WY_w&cry=1&dbm_d=AKAmf-BS1D6IeBy8GmW9UHh5a26IfIv2CTEwvnE1gW1Vq3TB0wWLyw0I6OOFqF0WFRPdM4DhXcKphpvwghm4wmfsi_vVzWiL7u3bXpJxtGcUQl_Tl2oMorxK614EDGcQeuTGh7VBOz6FzpBj5ZH7yvAMtnwty_8a8GCygx7-yO9VBB9jfPHBqgWHhtYRRpngSfimqZlYOer34Fwm_XljqZYiKHgP5EA0mHaULrcNPnAynfNkNGnpJeTg4er462CLc3q7LJhYJkBSaR7Eq6aq5oHKDqrt6k9qDIpk5bYTz-t3xYp0VS58oGv4qi0KdN05LNGAIKd1afKVlq6IE8_YalVFAJ5fxZ0iKizeOgtXJPqRcT6jk1rBXjbEignCXkIQmh-gXjZ3LqtQOif9KvJaQroLAv1XFClEYf-Gl5GuC35nj5QCiydGaNv49eQROV8IYj8DBxq5pm97Rnl1f2B4xxk-SuHaaf-2lg7hOjkS_GbupeD5X0Gpge9L_zefCu0rxWYFjMnZVjBpZXwDnszelrXLi7mIkL10XS2JQHkst7DT7KrtBYX_jzlxmhHdNncTJmwmdxTPWtPgGXlX8KZxOgDy58usKamAFU7fBDq9n1L9PGY05W4YGy4GHAXmkHb5mAsGB6-O65q0jzUe6zyCr9OrA39dAiI-oYMcjPL1rmaHa2fnS7Eb9Q6TupcPHQRxulbGvhZ267zGq90_DGddWBilCcnl8Kq3CU7xLS60U0Y9CdrEUAl3fRwHRnzRkiACPVH-6wvp8OgCEaaDQ_QaZjcqCyhbMsvpMA4Dvs4z6qVm2eHvntBo-fioG8n6ZvB1h1jWKrtmTsAo8LaaU5ctomgCzWzPjpIhN-lp6F3c2cWnL5-P1Un9cg4ZsVdHKtXt4vOS2_dcwbdWg3OT69GyZinc6TfPYcTsChZ-I98uZesRdNA5nIcktxyAukRHQeRsVkbfowi3SXogI3Dt48UrHnGy_3bGXxBukgU5y5fymTSw6tCy_Ngv2L8aamcnzyMsg5Rf6qHV7I6vy9LiPrKir2GXb7uKxv_zhiaoNF5hpm3kQlKsOpcUdCcYO7mA3huqphK9bxVhJA-YnVH6_X1h9hJsHC9pgeGw5I9UJkSP7tsAkfXZcdCDxw-4hc_MZBm9aeI6lsLbn8jNoJa_aMezE6sDq3MFP5d-EBs3VMRjeWwBY25twJ7CQWQ88tglWrg01QAc7oIJ8OtQxRSm8CluAPisxNJfq2KRke1D8HPrFOXCjPqgyZeAfp7ntXeIRFH1XY-MTJl90gtGhAt6alNJeUL1vHbGqIRF_A_6UkT0p9eMkpNz4-8bYPa0KvQW7aa7UCQ7mAay33tYc7AJBAqsSgoF-ZtpQaF7JZaiO9cQoNk358tvb3t30eLIwKgX-JJM8Nfz5y93XazOzcB4-w__xXseQjMTborrVu5Be9Q0EudACNND05KZO-EiyLgOCEA9VQ2M65hpZBgHTSZIEz_72kmoHSm5QKEL-1SZqBU0Wc-X8Ry8QA9ifsU1V4M41E_ItP-g47XlSW7bc37BvXyJ1VT8QuNAbVql4Ib1kyrOiDVW090C3wDRB9BcK8Yk3APYDxqE-6P8lVouTCmxKkGnNAQXNcNcgtBMY66nidAvaaOM3e723z-pRP2IcKQW2u6PqoyUHu88yB1xUaDTZbt7oR0OZB6Pa0PMvQfbfQ57L1hxk_2gBOcV0vrAVs_pY4Y3dF_c7sHMiwAU7S1mME21tLYxmUBGhJGnDjIg1y0OXHO3gXEMBpd9xOH27rhe43oxB88zBv-OlLvGBw6t6akjCQ4tRcFX-fRZ21H-pT4eWfXvM6BiDC6kkKCHDbPv_wI9QHUmb7LAYEPFkJLMPS6UgPQSj9x6-Jt0dbLTyq515jkiVYxs_OoBgPAIvZ6U01ULTDuGoX8cnz50nUNozVs_VidA8J6kLAQgaWiZTHZ1vDqwesJ_yR4MywYXArfShHOOkUnhAQpwQIdhYpHAlt0RlTHkSIKN3BfvUYEgNNFvRGjaWLMVrGSmgJjeYvAfaqJc0wMgcgAEOTyHesGNSHagOZBF5Mf018g3x4rmjBtqC0OTIjrvJf70HbY-kV0Ngznk074Jdw1OIRbv91u1MvsRpq1tZwOyvYEgMi5wikJU0ymnza7-kftxVZ9f3DtDQz2oKCBz1N-GZxkeBXZ8aZhNb7axL0IiDAFw-kZrD4sZ9D6zWGMdkeR5AY1OUn_3TII8NZj3vJV02IlrwCqkyXMijKH9ujDOgrEts3NSlAckAx-61MldjCCnlo2Kb-2tvD3ZFQG6Wfl96xWBOc3Ld-Y6q_fP2s5mlQK9yNGF56fThWa1AGOdNBJcqgDgSq1dG6MoZn0zA_25StIs4LWF7TgAJHIsk9y9His5eY2rT1hcjRK6E_cb5d4qcAvxIhHXCBjTsncecsD8tu3TkqIR0gjcQY8zzuKYd5sha1FJ4O1wTmJt9Clf-oFlhU8pBdcmw6n57zwzwA8fAM89jxt7ANIN1Dd19CO1SeT0ouMqiCP2HvNzY7_-1CzwdFs5QFvOhN5RTuLTO5vFwXzwr3_nuiI_bakWffA7cftky5zGX5jJKArDTqA0PgRmsiaCFLMuQhpj6Z1MUmkMoaIFrtppFCgOmRXHc3-_atogacA9A-HF9vRdL9_1BjbthE2HluqL7GwxJqbHaO6LLTtGtgEYJM-Xb1uLfor8ZcKuZyThOjFJHOQulohGIvP94cZU0TtVWscBvZlxdxi1DUxea3pZJG7H5c8Du9XS4USAebrzmlp2hse1B9ZWmmCvT15wc8PESvg74flRmMy9SPY-tCqj7W1DuZcbGeFoPuiihAAjeu1gUwaSA5ifqDnM59zC4zrH3KI26Fzd2xvNi3B9otOzs-Xkxi_VqNhOegy15yrBRbGAceSPJLYycSV2gvU67MpIVRuSsOGfNHAysTsTUzsn2dMER7INoybpkmML_bABWVfYPgzCMwblG-_SgXSgRwMQMXQDZ4EU12F5hJC3QwxtefrE0V5DXPpxz8U9zNS7jYPAHlXz1MVOF6Sd0f98CPEPFOE3w3hNkSsmd3vkBr_nTz-aemnKyZqRD8u_kbI5LJQQyJOtVGwJZq72L5N99eSmwSVY3XIEocOo7swRVnYkANYqLVY0fDexSOWrfzCtkXG2Dz7cOifkkwVmmPAGwAUOTgTnwEO-_f99BB9aTDeJk4bjXkhIfEtJ8eovtpEnYrcuO2n2nMuu0oS6yOQRlTogQx-uCYCSwTNXzO9xHlfKcRxz9brjvODiWHKuNMOx0r_L_6Vqr51RBfM47JKiQQFNHj-a6h1j0eQa6BU8x-fxkh_MWu1EZ_nMrXmurvVL6vg-oTIPi5cjEFTsyaE9qSx4CI8otciBfhNj3sr4-gX50afQHEQuRqrtGHgxuosv9h6rX_NGHzh9Pbx05XP88noZCutst95ysSwbHIfJ1s9Asm292is7rCgR4VKcy2L5U8pIqc_qPi5dcwN84Ty9K7jloF4wlyf8_WXvlAVZV9wdyQ8vfKOvC0kXBbC2aJiX6a9GuYO5iAsTAsrECS6aukslh3PO4Gza8p-kavCrf9z1-GXSyJRmhxb-EexN2Y-R-1rl_md_eiXq9_7vHIwlaVmXRUvHKJGGEBPDQVAwgu6gjKr2stYHsmlFz7T2n4aN5xTPWUuoZXSDNSnFky8K4hHFfRwS6e_5T3zQMe8dyaX8PVopGUSVXytC_mTgozUCVRPFeKSy-Ob2sZYlJwfKHRRhCQbYdVNXtQlZHVJN5fWpp8XW8jNFq_mH9ZfvoKvuA2scaUjZaehgSn7s9wl9hOzLnh-zOZEgmV_6OD3u&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
5be38698097ebc72fe65d62fe004e5c1f30942912ede576b70ab6bf498e48152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17638
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ 		136 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
6779cc904eecb5800327de0db33adda9ce6d334e28aacb954c96d35027196255
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
15308
idx.liadm.com/idex/prebid/ 		140 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/15308?duid=37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6&us_privacy=1---&resolve=nonId&resolve=uid2&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=index
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.6.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-6-32.compute-1.amazonaws.com
Software
/
Resource Hash
420a9b409f488329becad2b9b6db2ce0503163e7143835aef508039f276c4caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
6
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
773a55024d46f420
content-length
140
expires
Tue, 30 Jan 2024 01:00:43 GMT
rid
match.adsrvr.org/track/ 		108 B
715 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=c2ldiee&fmt=json
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
0427136e102e34438ee16c6fa85c90cc0e1498b55e8be0918762c3c5bb35c865

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 28 Feb 2024 01:00:42 GMT
envelope
api.rlcdn.com/api/identity/ 		0
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13511
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.165.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
load-cookie.html
elb.the-ozone-project.com/static/ Frame E20C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755daaf915dcdfcfdf2d35da49a47e023db898936d55dfd32346c2367d67d175

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84cd8a2fe8029ae3-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:42 GMT
expires
0
last-modified
Thu, 25 Jan 2024 11:13:40 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8FE1 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:42 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame D990 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a557c4f6928435565b4db3f77e684198add367728a004daef196a0391dc018ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12136
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:43 GMT
expires
Wed, 31 Jan 2024 01:00:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame E153 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
850
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84cd8a304a10495a-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:42 GMT
expires
Mon, 29 Jan 2024 05:00:42 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9E27 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4d84b6071546678f7d643c1aa0c4b083ba2e5a2080358c66b4bf840c07ef4133

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame CBBF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.175 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:43 GMT
ETag
"623de86a-cf34"
Expires
Tue, 30 Jan 2024 01:00:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
X-Check-Cacheable
YES
ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
44.196.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-200-15.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0036234de.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
1JhIyOjZR+M=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Kestrel
content-length
189
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtheme...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=a0d7576d9e1f4d62b901874e2cf64d14&ssp=themediagrid&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&consent=&gdpr_pd=&expires=7
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=354&user_id=a0d7576d9e1f4d62b901874e2cf64d14&ssp=themediagrid&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&consent=&gdpr_pd=&expires=7
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://x.bidswitch.net/sync?dsp_id=354&user_id=a0d7576d9e1f4d62b901874e2cf64d14&ssp=themediagrid&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&consent=&gdpr_pd=&expires=7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
khaos.json
token.rubiconproject.com/ Frame 7077 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
csi
csi.gstatic.com/ Frame 2CA5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lry8401e&c=5291839751052&slotId=2645919875526&qqid=COnUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CA5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 02:45:38 GMT
x-content-type-options
nosniff
age
80104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 02:45:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CA5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:38:52 GMT
x-content-type-options
nosniff
age
285710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:38:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CA5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ChwAGt_i2ZamdLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAcgDmwSqBJ4CT9B2FqxHo7wJpVaie3oqIaa8UWhSn4aq0rs-J34TB3iDAzCLwnxkEX8R0VjlkM-mmU43i2uoBK3aNor09qhULWF0gYQkbyopB-A2EACvv4baePS4h3-2G-fAV4I-JsINS3sWJhLrKfYcc3sB-N4F5XGZluo3YBSj30lrFzXS513E7e2eFwKei30RCjvFbDhjDrBn-JQ4mXf4fjTOz7cd58kw53RwCgxDiUUdHzUY_lB0Hw3d6R17fQrDJxr4zVIeKWh8zuC8JUkBrYnhuRtYUWXTFoHY0s9tRNM6clSdxmGprxbF2lyg6Ict7JnTEh56Gw7mFZFpL0vhSugERv5sDOvQ7yV4ZNBJng6oL3JOr0Jj-qht6_omHxsGIAUmdsAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDmAsByAsBgAwBqg0CVVPiDRMI8MGD5bKBhAMV_67RBB08tQl8sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1706490042858&ai=ChwAGt_i2ZamdLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAcgDmwSqBJ4CT9B2FqxHo7wJpVaie3oqIaa8UWhSn4aq0rs-J34TB3iDAzCLwnxkEX8R0VjlkM-mmU43i2uoBK3aNor09qhULWF0gYQkbyopB-A2EACvv4baePS4h3-2G-fAV4I-JsINS3sWJhLrKfYcc3sB-N4F5XGZluo3YBSj30lrFzXS513E7e2eFwKei30RCjvFbDhjDrBn-JQ4mXf4fjTOz7cd58kw53RwCgxDiUUdHzUY_lB0Hw3d6R17fQrDJxr4zVIeKWh8zuC8JUkBrYnhuRtYUWXTFoHY0s9tRNM6clSdxmGprxbF2lyg6Ict7JnTEh56Gw7mFZFpL0vhSugERv5sDOvQ7yV4ZNBJng6oL3JOr0Jj-qht6_omHxsGIAUmdsAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDmAsByAsBgAwBqg0CVVPiDRMI8MGD5bKBhAMV_67RBB08tQl8sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CA5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lry8406j&c=5291839751052&slotId=2645919875526&qqid=COnUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.2kj&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2CA5 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DNFrwVWneRr7ZjuFMREO3eQKTbWWTZFiwRbyJ960COBYAeI_Rap2Z-Qs31pcBlO6JB3qbyyYGNi2PV4uAJuc1HE0yIBA&cry=1&dbm_d=AKAmf-CVefdMly8PrwLcdlpqTjs3F-ixahE0RvWL7PEzZMKp6IYZLSZGA2tch_BURRy9xIhZnF5ro9x8umIaH6AaZYoWzqKwDIabensuH8zeYl2XzvnKnacVrW9mcFIyrkbqd1xMgmBKCzpi0h_t74qLFjknJjEwqegJlklpeCRiuzh-5zDwDdNBnr5KU0kM1Ca61PZbaj73NheStmY1jJ5SUf9cwp6wjah7aKeSds5GJ8S2qgLaXZvnN4uiqj1D8Z5DujsQZ-Y6dryzpecMn6OvouxCdPGsnMduGFcyKhS22JrYlmiERivaiqkiEZgYpohk6zdWNoDTCBjc1GOWj2DTTP69tHHie0IwXe-06VkWV90gwJAp1mJZspWe8LBQyNaVjnTQMuZtBXLuwtFcxf6ZMcSwjU7eFkNVvDIFQrbrhv8LaV2-B-bP0t2-zjrbxFvDVGCnHb0TyBSfD8BL6fDCqrM0Cm3igB3ag_ufoi8FxRJJ3YGiWVzGbZikf4xjn5l6XfyuXvo3TJIBrbAW-VT4-y3gI9W8h0Gk9v2dMsmZpZJ09hkPXke3RtO-1srAqch3Dfup5USIuYKz_uBQrCrsdUEOQh_FsqYkSf-epC-H2FEI-PjRRXyIJji10-5v-NASYEy6ZzsO9bP5xQYwPs42xSind-k6_PT0L2Tic1VgkDbCYoFcdSZ-ZjZRd7hFR8BtLJSS26nJ1ZGkESBUV0rJBta-1XSesszxZuAOpB21i-agSyI2a0YmQRlKriW9sSrgzC7W6QCTnmij70dn_HpwR59guEtQiHhV0fRyQ6ATmKoebvaNorlGok7R1AJF3TWFVhbMBRNpwin4oA-9nWcRc98BVQjmggAtdQMB0wVjezWeWp4G8fDCEeeziN_B5-7RHHTuFa0TXXETc0wgK2eUD2RX9AU466zUqUdkcYIxodiHlq-hKmPzCsal6YlMtocG71kJrqXx7YC95SuqvfGSeCkRbU9FKjP30afjyS97G6H0dLhAQsNh4gJ3ohxFU9JLgaewN2aa92zIt17k4zMHsLl6EPLNpjR0UzJ1u-dLtDuTDPRk5TImKzg7UbcKmaXmx5ty7xa95WAFym0qQz7Lg8KV94vu7kn-4euhOCxDrQud02cpiM1D35WbzDglCijeINRB_IU9YWrOzRzpwnUN9bAx_tL6HbLMF13Er3KmowqUp3_ywBUPtDUhFZYJR6IL_DEIW0dwpD0xkl_KYfa75UA7GZRb6dezSeYvWoShbgRceDUyzFGOiETrdSgBffS6HkUuzX1U9kyTQLFESAEOvBLavKnDCXilv9H8R30H3KPAueiiLJCoc0XaECUE6ii1GTASXdcExuTI5J0cxzcc6oaxHpI_g6muU1RkHQgPRsHtY9Crnfb9dryJit67_2bXHMuL8od1-KMmrFMlgGgDboQ4Gc4tyFB-anqlWNLU0EhC-4N3QqJIR6pZmqLVGAt_gvOkf9FcKtA8UhgAgFSA9vlJuOPRGidu2RxeF4RoqUTol5XlkMAn0OZHaeTZ0EzcAHIxCyrhx7F_QlrLWaMGhiDO47aS8CMu-0xHfPn7bmwJWpB3AY3D6e8HEtst9YHqL-pyw4ewaq7Rz-FEYLCQ4ToSgbNpVXQpP6UZz49p_DLEYhpoN76Pz4lBGhfqF5Edj2NGxZ_Y9cdWUmS8n9GMqiRFx-tI1QECBH3oHi7PQOF2Yt0Ltc7Fep7JQ8jJ_3adFwK0ReQjEkZxmYKl0-1iC_BK0dx8NHSr0qmM5uMfkkkwD5x_y5y13CzeFv0psQKHQjRHKYfqLmPbdSFLXaPrT8Ew0t8IooIrEHiSegCoa5_nyE3QXSmC3QfnpD2mm9sGJn1TCAS_Xl1xXLFzyeHfWD3bdzNKilUhs8ug6OzK7glclPesYKcJd8llIo8GL1d3s3G4tnLiLYtSLJLyHxBWn6VaM9Hlpawwjw_eyf6lfSEF3DeLNbU6TLzw-Il0_-4NyRFQI5-kfTY7GEIE2r1MByZK89mMZTvgF_3RsaTuz045ME0uX44f2RMScsPGpfCYYmF_dj3UX5NH9C4pwEbpEp1boMEIk_iyhpwoQyk7WegZyc_0RZCtds6RdHerCXFA4-BVu8ASzJBV3Nv5XlJ8TtIHIJ1uK-srN1eqTq52npsR45H2mQfL0gRfX8sYCIPVe3f2jOTS930B6R6llD7pR1hJ4OfjEqLd-QIY2gj8e5WgFExfc0Yni7xaUQ6lru3hQspk_9N4WAB_XoLK-WO7IYxXoFj9FH9-eoW-0jjU7sG-oYHpLqOXkmF4bqfSJaO9QL0b90y5HCe39kh-HHG_bhei_haUuESFrN43pCIOvy-NNj2gvMDDJTlQg824vGRo6dFF-cMgB_ki-f8nQ65lu6ZduWQDIhdvUH8UEIt1pBCIIjHif1npxr-8JG3WOxi4sHWizmCPCY2Mwrjgcl-FUF4SJCHDknJx0z9PHGe1kygIMycZNN_JY0blt3IzEqKhMoTU4m1j-C2XS7AzyZXDpb0TpzGUSnvGZ0N_YyHQo8IlKl3Gl0Pj6-3SV4pCDz5Sj1Oj7Nf_BvgNNPdjrRsmlPKwV67nsiXlpi_NMhWr6PqRvP92O-C3FX1GO4lvAs4ZLnB0cXGLnLaS8ixhPLk4U-IDmd7Ab6ajHdAZMtgspJiUsDJ63ztDyEkb1tsVDzqxO2ms191-QPR32GPe3-D1FLy0DAQYuh9Rc_3Itg0L4hpSWveXs-vZFzvlHFdJEO098pTMEGNj4WHPhcFz4cSjRU_7jSt9D-ueBIj14NwsxyOMDDuFA-79_IXblS3G_lk0oUbqjqZsEqmfzPmeBWryZHZWKKIpTyefnlUbBCnCwZG21ffkHeSG2xMHomsb5_VvJb6R3MsrbuF_vvXDLsw5rdUs07kG9YrY1QlLdvVulrDAWdlPikKvXbkAJ9bwLZuim0hKxByzN9W8GHa_D0iIbuNutTNW6ltGcjDBISjXF5gVjhI2yIGmpE9M-Z3B0h4LsuBDOpduQmQn1BfAV2N24ifPSUoqAL3OlKSnnxDY8j8jtE-ijCiw0ZZupMDvw271VLKnJCJNKDELm18prAZynt_BfkEdaxx7weZY8-yuo2csk4ivfauWZt_CgxvYnS-Ui0mcEqBDIGStMD33qFUGxT0CqgIjCGrdK0caYzLltxbLhaZHAvQJpXHPMQjo1vc6FD41PzfOlgHdEdlU_NkSTvgAuaQwbtOoRC8kFDe4ABTHKS2KUsWhE-K8-h0hmrQyL3y04JFAtmyNSXNypsr8iSI6MhyYY-cECfP0qNfzZY6I9COcbaGe4jt40ZHovacPoyMFSQLLE15299Y6U0Zuqlb_HYriNnJB0883v5eThmYGIwJXkb2lsFlgaBpBjskJzhHybwPunVoTtKYiCjK_VMk4_qe6O8iKp3THGhFHoTozCBh5AN79cvadobr2D1V2XKE2ycI8f7lClcnqLkuJ-c_Y_Wl6G3Iz35OIXv3rlb7m6vVLr1Nzvulxui7CrRNonAq2w5gFzuHZfmHm5b3XIWZWNSUoeV2vzYxxjAW-GkFiaH7VKBCP9PRkhGw-J0v2zbjxcW8qEy7zqlpEw4QkH60PJFJFzu8ZibZAiDC-6CEwNvnF4_PW6VCrR28H6WgapXR9JvUr-b7zKk-TDGFq4gVUtp36AfCbY8uUqcCCJJ97nQbROztw3PZKSooNlw8r7_UAS3pqimWwVGp8AjelzbiOTqMyup9yQVc8l1XSxRfijWgaS7zrDvrChdsaQefR-XnZ09NHU45us5Q_pDEl5LQq3X-FMgesfOudH-Il6Jc9NM4RVaQ0KrAiLsP4CHzWGSREzjLk&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
98bf41be47b3a97de02598dfadcbddaedbddf560e1314367e99b1e32a11cbc23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17720
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9676 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HFFJJWFTJEGF53RWFDTG
ecm3
s.amazon-adsystem.com/ Frame 73B6 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BAXQFV9BXKH5VVW5GN3N
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6523
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tsVChOG0TomNlZxuT2oksg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48092
accept-ranges
bytes
content-length
5622
expires
Mon, 29 Jan 2024 14:22:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 6523
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41e24d93-d54c-44df-8e10-335978a5e3ce&ttd_puid=509c862a-d03a-43aa-a731-974d8d72abf6%2C%2C
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 6523 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 6523 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFgvbstX_IMB5gzVqKDvmng&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFgvbstX_IMB5gzVqKDvmng&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFgvbstX_IMB5gzVqKDvmng&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59948840237444FFB186652355CB1705
42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59948840237444FFB186652355CB1705
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59948840237444FFB186652355CB1705
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 28 Jan 2024 01:00:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:42 GMT
server
Kestrel
content-length
355
B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6523 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7WMCTkVE2uU_84mFGaMcup5nIDsvu08-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7WMCTkVE2uU_84mFGaMcup5nIDsvu08-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7WMCTkVE2uU_84mFGaMcup5nIDsvu08-~A&gdpr=0
date
Mon, 29 Jan 2024 01:00:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C9CD 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 22:42:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame C9CD 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:33:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
5244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 23:33:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame C9CD 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 15:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
35599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 15:07:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C9CD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 00:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
89156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 00:14:47 GMT
usync.html
eus.rubiconproject.com/ Frame DD2E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&us_privacy=1---&geo=na&co=us
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:43 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame C9CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFbXrtmj6Ag28tcgmcR8HtgGSEnMLU3TjMJzJtcImZPf-n0jZi16C1LnynrN-32la4ObBy7Px6W5jmskOa_hIHJ-DYtK152ArSjVVpRlNWAtvEcSh4rRyWkPnQB12Nlxm9TYOmtGjKvb_3ssvNPOD0whfiu72Nuo46GchnDPi7JycMfXDy6Ur435kVaid4yfXBZwvaNnPnaeeZWSVLRdeEF7u5t2lZmTO1bS3gUlH8U5_mIu4svGzZO5jqi9B0q7k_LhIGN-weL9x6WWZXAZaauMOm1clnO6UQ9SJ_0OLJoCHbQeMfTGMG6cR6DCaT6e1Zb9YkQyOU98yIUoPrU5Qh7dLYkb8z0wIF2PDQVCiN0K2hvo2F9rkjQC-R8JaGmWsy6UdI1hkd&sai=AMfl-YRtjaAVOLnTgIzjwsyIHd92QteOaUq1jHoPwklrxotC0NxXQIyXuVGfkqF9tEiTl1NSOSz0MdAZseBDGxh98FXqPm26rnHClt2Vsxfxpa1jDbUKNiYEZzkv43AG5JjA8cJvdovbQaIXtar11z-JV8E&sig=Cg0ArKJSzL0wbuJbd7ueEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 01:00:43 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C9CD 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0b6e98cfd3fdb7b66ea67a1df33b1c3c8041ab9d0bb453627dde4a84afb897f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 11:58:39 GMT
Server
UploadServer
ETag
"735316270f0dd49e020eeea1967839d2"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Mon, 29 Jan 2024 01:15:43 GMT
truncated
/ Frame C9CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d62aa01c2584be70b451ec8777681d64c04c6bfe52b6b76c639b9c99ecf47876

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
cSyncRemoteEntry.js
cds.connatix.com/p/418625/ Frame A815 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/418625/cSyncRemoteEntry.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-amz-version-id
g7kI3ZuDXtFFUd.0kRPBaAIDfvO2iau8
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 17:26:25 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a33bf022884-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:43 GMT
hls.1.3.4.js
cds.connatix.com/a/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/a/hls.1.3.4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-amz-version-id
08mQY6.qD2K9uG9Q090ZpTuzVoe6eKbG
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 May 2023 13:03:31 GMT
server
cloudflare
etag
W/"2065fde20cf0becb2eb29a9fa8b9936f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a33bf0c2884-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:43 GMT
player.css
cds.connatix.com/p/418625/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/418625/player.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05fdc9f7ca49801b81fb9d865efc20d9988a89713020446863865bb38fc3b6b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-amz-version-id
aaMm.TpW71DbdHZvf6yZ4ki14AXlj_df
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 17:26:22 GMT
server
cloudflare
etag
W/"0ab4f36529cdb5207561b3205fd102a8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a33bf0f2884-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:43 GMT
sbt.js
static.vidazoo.com/basev/1.0.853/ 		665 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.853/sbt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3283011899714a2c28a0be79d4044705ae94fc3c01ad3c4d656e533ae9c531d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EAMB7GEG0FN64BAQ
age
50007
x-amz-server-side-encryption
AES256
content-length
143415
x-amz-id-2
Kjgt2RMqdM4Qxn8+jKMZly6zt6UTbEpszJg8ah0X8VG8I52VEOI7aq+xTGfkQhsb2fwhPSeqjkoemea795HHEgFb+6Kt61Rh
last-modified
Tue, 07 Nov 2023 16:30:50 GMT
server
cloudflare
etag
"d796acec96055edefa2a450517df72b8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a33fc384c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:43 GMT
truncated
/ Frame B3CA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8b6e3130ca80c67c490981b56a9272493c1d0df3882ce72563b6c9e51ec9c59

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4BB9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
70990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 05:17:33 GMT
etag
48472445140208031
expires
Mon, 29 Jan 2024 05:17:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 3BB5 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=undefined&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1945 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
70990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 05:17:33 GMT
etag
48472445140208031
expires
Mon, 29 Jan 2024 05:17:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 7077
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRY83WXS-13-DGE9
  • https://usersync.gumgum.com/usersync?b=mag&i=LRY83WXS-13-DGE9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LRY83WXS-13-DGE9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LRY83WXS-13-DGE9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJZODNXWFMtMTMtREdFOQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMDh6KNDR9SFdPcLtpbFn5A&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJZODNXWFMtMTMtREdFOQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJZODNXWFMtMTMtREdFOQ==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJZODNXWFMtMTMtREdFOQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUwMzM0ZWZmOTMzYjI5M2YwMTI0ZmE4ZTgxMDEzMjJiNGQ5ZDI4OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUwMzM0ZWZmOTMzYjI5M2YwMTI0ZmE4ZTgxMDEzMjJiNGQ5ZDI4OA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUwMzM0ZWZmOTMzYjI5M2YwMTI0ZmE4ZTgxMDEzMjJiNGQ5ZDI4OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kq0HEKcsx6gaN28x2q_NScn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ozZhArpE2oKhrRe4h4.cN.ivod5SZT7wtBFDJQ--~A
42 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ozZhArpE2oKhrRe4h4.cN.ivod5SZT7wtBFDJQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ozZhArpE2oKhrRe4h4.cN.ivod5SZT7wtBFDJQ--~A
content-length
0
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=41e24d93-d54c-44df-8e10-335978a5e3ce&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=41e24d93-d54c-44df-8e10-335978a5e3ce&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=41e24d93-d54c-44df-8e10-335978a5e3ce&dongle=0cfd&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAbwNbFzOXCdVyFc1aaIGpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAbwNbFzOXCdVyFc1aaIGpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAbwNbFzOXCdVyFc1aaIGpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E27
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY0OTQzODc2ODkyNDYwMjMzNDQx
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 9E27 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=264943876892460233441&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8525B3E3319B4940848FA44248F9D28D Ref B: MIAEDGE1309 Ref C: 2024-01-29T01:00:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQCyzhNw58swpf8cQXdA==
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/264943876892460233441?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-SF4ZTMlE2oSU_bX2g5BPcPcep3j4N9JHi29BJTU_EQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-SF4ZTMlE2oSU_bX2g5BPcPcep3j4N9JHi29BJTU_EQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-SF4ZTMlE2oSU_bX2g5BPcPcep3j4N9JHi29BJTU_EQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=264943876892460233441&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&ssp=triplelift&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://eb2.3lift.com/xuid?mid=2409&xuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=3fbfc4ff-725e-459d-8cd2-1da079402854&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=3fbfc4ff-725e-459d-8cd2-1da079402854&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=3fbfc4ff-725e-459d-8cd2-1da079402854&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1361229
content-length
0
expires
Mon, 29 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9E27
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=569908430852131164&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=569908430852131164&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
an-x-request-uuid
7624f0ec-56c2-4a07-a321-d17174914835
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=569908430852131164&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 9E27 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=264943876892460233441
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
an-x-request-uuid
d4092c87-99f4-4d6f-a220-db5f86a2920a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 823A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7Z5F6ETRYQQF4VGGA67K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRY83WXS-13-DGE9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 823A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zQYLimNvT7yCjAOY-0Y73w&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zQYLimNvT7yCjAOY-0Y73w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zQYLimNvT7yCjAOY-0Y73w
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C5162SMWWJJ8JA3J4046
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zQYLimNvT7yCjAOY-0Y73w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRY83WXS-13-DGE9
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRY83WXS-13-DGE9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A4B58A7327824E6DA8F8859ECD561728 Ref B: MIAEDGE1309 Ref C: 2024-01-29T01:00:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQCyzjVh5IBG04wML77g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRY83WXS-13-DGE9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 823A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SSFBQGZ0YEFW61E9MC1P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 823A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVYo1uzixdyOZ-Djmhp1gw&google_cver=1
42 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVYo1uzixdyOZ-Djmhp1gw&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVYo1uzixdyOZ-Djmhp1gw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 823A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&expires=30
42 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=&expires=30
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 823A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGDg07LbfEAABOt5hXgMg&expires=30
42 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGDg07LbfEAABOt5hXgMg&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGDg07LbfEAABOt5hXgMg&expires=30
Date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 823A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRY83WXS-13-DGE9
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRY83WXS-13-DGE9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRY83WXS-13-DGE9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 823A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2686f86f-e79d-485e-ba10-74b2c691a418&expires=30
42 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2686f86f-e79d-485e-ba10-74b2c691a418&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2686f86f-e79d-485e-ba10-74b2c691a418&expires=30
Date
Mon, 29 Jan 2024 01:00:43 GMT
Connection
keep-alive
X-CI-RTID
b1a0a97a-5138-4a81-aff3-d5dd830e6f60
Content-Length
144
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame 823A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a38597067b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRY83WXS-13-DGE9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a37cf4a258e-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
receive
pixel.tapad.com/idsync/ex/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRY83WXS-13-DGE9
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRY83WXS-13-DGE9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRY83WXS-13-DGE9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame 823A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRY83WXS-13-DGE9
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRY83WXS-13-DGE9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRY83WXS-13-DGE9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
cksync
hb.yahoo.net/ Frame 823A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRY83WXS-13-DGE9&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRY83WXS-13-DGE9&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UVWpYeGhORTJ1RndCbWxkOHExY0VxY1RWMlBxLnBHaH5B&ovsid=LRY83WXS-13-DGE9&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UVWpYeGhORTJ1RndCbWxkOHExY0VxY1RWMlBxLnBHaH5B&ovsid=LRY83WXS-13-DGE9&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_n-Ogury_rbd_ppt_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.45.13.146 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-13-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1UVWpYeGhORTJ1RndCbWxkOHExY0VxY1RWMlBxLnBHaH5B&ovsid=LRY83WXS-13-DGE9&dpid=58160
date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame F91A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKmtzvEKe_rRuo_FjOjb4w-kUouqlz7yY-M7CZ9TuMUjgotTaK6nqd-EFVBqOlzEneNAsZwG5R8-4V1vxrUiTb-hW5ib8S1RV2Z5wv3zC3wkOJSZiuwhblHVarWv-L--j6WyQhYkbY4j4-UKM8adBiD-q6&sig=Cg0ArKJSzA3gX-r2CGRiEAE&id=lidar2&mcvt=1650&p=556,0,563,1&mtos=1650,1650,1650,1650,1650&tos=1650,0,0,0,0&v=20240124&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=622647110&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170649004100&rst=1706490040890&rpt=933&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8E43 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lry8405m&c=8021027767136&slotId=4010513883568&qqid=COjUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8E43 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:26:00 GMT
file.mp4
r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 8E43
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13BDF4934087DEBC2C9A2292EB8FF4EE691260E3.82A5449321D20AC475122010655E66FE38C9009C/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
2607:f8b0:4000:b::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
Last-Modified
Tue, 17 Oct 2023 17:08:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
location
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13BDF4934087DEBC2C9A2292EB8FF4EE691260E3.82A5449321D20AC475122010655E66FE38C9009C/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 8E43 		453 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9386487545679073
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:12:06 GMT
x-content-type-options
nosniff
age
2917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:02:06 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame E20C 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84cd8a362cc5b3c2-MIA
csi
csi.gstatic.com/ Frame 2CA5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lry8406v&c=5291839751052&slotId=2645919875526&qqid=COnUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2CA5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:26:00 GMT
file.mp4
r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2CA5
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B7C7C83AFA485A23FE5B5D1A62D5497906CC9B8.78F557D974AB883011D3C008D310AD02689E029D/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
2607:f8b0:4000:b::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
Last-Modified
Tue, 17 Oct 2023 17:08:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
location
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B7C7C83AFA485A23FE5B5D1A62D5497906CC9B8.78F557D974AB883011D3C008D310AD02689E029D/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 2CA5 		453 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9386487545679073
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:12:06 GMT
x-content-type-options
nosniff
age
2917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:02:06 GMT
usync.js
eus.rubiconproject.com/ Frame 8FE1 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76183
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
96e1e4462f01c24fc55039c30f197d4e9e1b86c77ee2163903963144b87b04aa

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
206ffce5e8f0ffa7abe4980b8640db09.webp
de9a11s35xj3d.cloudfront.net/ Frame DAD0 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de9a11s35xj3d.cloudfront.net/206ffce5e8f0ffa7abe4980b8640db09.webp
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ce00:17:b93b:fa40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee230f8cfa9dfe5ab02da94732abbfeaaff89283d8f32e577845a2371b11f7a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:34 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
54431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1304
last-modified
Tue, 23 Jan 2024 15:17:12 GMT
server
AmazonS3
etag
"4453339c7b99fcc7c694870798dc42c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
cfHyL9mGdSSfl6vt1XxX8UBaS_2AAXRn8OZi2-1ssewBh9cq3p1_XA==
button.png
d31otfhas71ais.cloudfront.net/images/ Frame DAD0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31otfhas71ais.cloudfront.net/images/button.png
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:3a00:6:1e88:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9658821b2d9d149eb6d868c6ce8811406c6e8fb1f74104eb480264f94836428

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 02:32:38 GMT
x-amz-version-id
null
via
1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2017 11:50:30 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
80887
etag
"b2b37aa9f64082eeedb9670c620baca1"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1549
x-amz-cf-id
1Cxe_aP7j7wF_HSigzWKq9ciI8zr-IDuz3-O_KTSCTp4eFdAbGtFHQ==
x-amz-meta-s3b-last-modified
20170427T114916Z
3cf5a85f0de1d39454073f561bef4d9f.webp
de9a11s35xj3d.cloudfront.net/ Frame DAD0 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de9a11s35xj3d.cloudfront.net/3cf5a85f0de1d39454073f561bef4d9f.webp
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ce00:17:b93b:fa40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e99c5e449f17c9203058ba818d4e388061d156fad22b9355b3b02c5c2bbb4531

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 04:31:01 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
73784
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
49524
last-modified
Thu, 28 Dec 2023 14:26:21 GMT
server
AmazonS3
etag
"f214bba17bf5da36ced200fdd9d18063"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
Szw3IIK-dTxO8eXxWE_Q6y_dsdGtHKBeAPlBwC2UjeL_Pgv40iiFWg==
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame DAD0
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=adf9f0c0-b67e-4357-aead-70441bf6bfe2&initiator=me&us_privacy=1---&gdpr=0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&gdpr=0&us_privacy=1---
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61813

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame DAD0
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=bidswitch_trustx&bid_id=adf9f0c0-b67e-4357-aead-70441bf6bfe2&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01&ckls=true&ci=YuCD0eRlkT&nc=false&trid=1624310220
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01&ckls=true&ci=YuCD0eRlkT&nc=false&trid=1624310220
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9_RD24z1PnBh7u_h2AstGEpeshA3GeJW037zRNZ_bV4YtOMhSUjfLg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=210aed4c-1290-40df-ade0-996605a0ba01&ckls=true&ci=YuCD0eRlkT&nc=false&trid=1624310220
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IYYooRAzCXmyLqKk9flgWQ-9vn8TYl0XDaJv6ZoTbe8jjVXcj8nWYA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame DAD0
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=trustx&dsp_id=250&imp=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=trustx&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&ssp=trustx
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&ssp=trustx
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=210aed4c-1290-40df-ade0-996605a0ba01&ssp=trustx
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMx...
pdc.bidswitch.net/mimp/ Frame DAD0 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdc.bidswitch.net/mimp/r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMxTLz4IDFKt_U3-Jdp22KdZ6-TcJljF6RC0NH02Un-mvOEC5K23QNu3tvM8FWSTaIuL8sE38gvUj16uGygtzUHhuBqigvVAMC1P51wny7gDWPhrd5Q2-g4t_hZRTep1IZwjkCLxjIwrkz0O-q8Q7B4wS30FZClK9M31ePp_5LwFKQ7uTDigj8WkkidKHf1Q
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.206.254 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
254.206.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
https_A_B_Bpdc.bidswitch.net_Btracking__burl_Br5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GR...
media.grid.bidswitch.net/imp/o7h0Ye9VzW5WQGHR8qcyoMR9-5EGwuywt6uHzeffhIBk83DhXVD1qI9wUqJOzenA_UGFNy9Vyjpt-jLvg1go4gMQIjuOsgmMtYZvFU4iJHhqlne5Yn8eDoN4lP0zqJGX2Qme-h24Gt8ZVlXvXq0jMokugF54QBuegLirJveD... Frame DAD0 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/o7h0Ye9VzW5WQGHR8qcyoMR9-5EGwuywt6uHzeffhIBk83DhXVD1qI9wUqJOzenA_UGFNy9Vyjpt-jLvg1go4gMQIjuOsgmMtYZvFU4iJHhqlne5Yn8eDoN4lP0zqJGX2Qme-h24Gt8ZVlXvXq0jMokugF54QBuegLirJveDmpYEd8taxxSNvF6XO9SQEnXr6aIsPad0NoUTe6XpJKGJSQj74NeuO5hUg9KSsgV20eBeQD9R1sEyHRn5N70yD0HCStYbNetH8X_8NJXhJ2sDHjfCVE37FHThmiEqRXIzEoMc5dRzkOcxFJ4tqwUAQjswqP5bzlSxbJ7I1XVY-EDOhSs_CYBQ75ikRc8kkyeP7DGEinYxTpYBgdqKo45EK78m7EGAzpGS2BV8A0xTWUYXbVIC/https_A_B_Bpdc.bidswitch.net_Btracking__burl_Br5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMxTLz4IDFKt__U3-Jdp22KdZ6-TcJljF6RC0NH02Un-mvOEC5K23QNu3tvM8FWSTaIuL8sE38gvUj16uGygtzUHhuBqigvVAMC1P51wny7gDWPhrd5Q2-g4t__hZRTep1IZwjkCLxjIwrkz0O-q8Q7B4wS30FZClK9M31ePp__5LwFKQ7uTDigj8WkkidKHf1Q_B_I_WAUCTION__PRICE_X_Bhttps_U3A_U2F_U2Fghent-gce-sc.bidswitch.net_U2Fimp__s2s_U2F_U24_U7BCLEARING__PRICE_U7D_U2FBSWhttps__A__B__Brtb-use.mfadsrvr.com__Bimp____s2s__Bv3__Bs1kZbcSKNXHfnXr6-wu1IN6gkPYY82yynGvUQ-5TRB-cS-qARiL6eftaATzuU83bKJF7pxcYumkXe5jVro6Jh9jUPYKjp6vcOLffQzWE9u2VLUVhcnHyeuuQlO60i5C____V3FlkGvzlBd0a0T8NE8KdcrLqKT8m1FS-inirpNfxRgwsZ____HQDYRPnmgdb6FcKNQqFzyCUOSZktfyVoh1qSJ____YKZu9VpFZmDpUZjq3EWEFkqVDqX8QVZKpZ____Ws9AjRimb6z9u2NcM4AUBfmqvKEXXMINL3SBOdff4rwigd____8BDvcEU2w4jDn-mxNhwzAesy8eLIcP4WxtZ-dTyMIo4o0j0MbSobnI6-AqOtbEpiXeg2IG-DY____dgSe0uac8cDeb-fS8F6KY____zFNRHAhHE7MNrPMJUjwR20VQ1MtPiOuL30____UFJYHCmMpBVDOwFzPkHHSyMNI2DxZl4RgfdhVhUGeGzZfBJPV81AqWEUTT0xjzpkKDf-RYjVJbC69lX____a6IKuJBLcG7mvMCd____dprq______B__I__WAUCTION____PRICE__X__Cq__R1_U2FoB-Q1EAw6xpHYsQtv4G224__1AoumHWfoRhOmUecrPEallkfAritEQuS__XcEDohJG2cDd2RSialhUUj7WBNMY5gGkoyYSEi92X7EGdOKPGEt3tr9n7f9tyZ2uaLAW0zBGqSBC01__1ffUMvEUsIpCgOjcFBUSYuaugZuRjUdeFp5PTyIwRVJaeRe3cYskOgkl1WxFvYu2KP7wQoAk__7tI8-hcM8BILczh6tZEo__5jcwDzGdp5ZTn8rgFc7pkzTDa5YGX40RoNXC__CKGrWM7ZhaF47GAGX5kSIPdVkBW1VxAmZXW231xKPaOQq__JB28h9pE68pPMTMIYSyoEQBI-5AEtyeeG__W72dyLrcvRc7hgN4j045j2WxE-zy8nkD2HQKGjVdXdYoiVJd19AP__5N4g1aBvA6xZwoTndZgcDqZd4YSORDviTUdzT4u2lhFhRAHAiyfCpq3AXxtsAWO211TVZDZzrFYXOqBukYejRjyG__qHAbGzuvPkQaT4TAwvnUk9QsN-Hw88R4__ksE3HsejZ6ST8__mdvULOXKpt00fCiXpmL8EF__qwPbbv8b4qiP0tPs__MWHVdYf9rawBv25kWm2MRX-7dCcPG__wAxUN__pG00kYi5OAO0ZKAxcAYWOolWMIJESccUK-BzxXH7cFYVNb9vv4hn24wn1YVeb2cJG8SXAMou4TkKJJMIY8MtXnHrbCOuT-WP3jTStEazzW581ez7PyTxCCuyiM7x875x0t__U__I1ys8Pe7ZAUgdHY5WxihELKuLEO7Zq3pN1dQlTE-BpSF65mXwoWUqzEClbFqPCb77C85VfyoOoFJ0A1Tq-0zV-FJoO86dUW4-2vSOvx__EQRevJUm__WPIF2G3oiQ2oLD27o__jDf6FjU-2YXu3VCMkLasmlQL-V3lUi93NvBo61cG5IUJ8Rqtk2xlU1iE5A-85AkCnIYHMaLU9__DWnrY2E88O6ulJ6TJAzd81MWHwvAtUvdSO9DXG6bjXU2yLzNj-rOArV1k1daZ0UDBq09N4oWCrOmfcGrlAy-F90lMiWEIuK1YCMPj8D0A6c3VGCSE8W8xfrqX7WI9timNluQ31Tabchz4z621ee2jQbZalHqAjY5sQ9Rq70XjeE9hSgPOC3MHIH2z4PwaSSCXn4eLUm666v__dVJfugUKgdotgPO-3HBYbYI1Vm3G6x1m0sBTP2chaRBLgTezfs0LiXmuFMs9A-SP7OtPOw3L7iVOLeIe____ULgRoXbZTTqvxETDHCiBR8YQaQo9SDbNjBxc2JyHresh5dE7YZASx0ICNAXVR97D-fmM1vC5btSzoa5vQt3iReF1cepAXzYQPMvQYrucy1QQYHWsg__wuu30U_U2F
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.85.235 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.85.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame DAD0 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=nypost.com&bid_id=4bcbe27c-0630-4e3c-96a0-21b60927b016&ads_txt_id=4K5VGQ&has_bsw_id=0&bid_price_usd=0.3429
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::2 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
usync.js
eus.rubiconproject.com/ Frame DD2E 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&us_privacy=1---&geo=na&co=us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&us_privacy=1---&geo=na&co=us
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76183
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=NYPost_Sidebar_native_header&aid=24983392985602283995270&rev=458f880&domain=nypost.com&ref=https%253A%252F%252Fnypost.com%252F2022%252F06%252F24%252Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%252F&pr=un&rr=auction&cb=29927
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzy2t_i2ZaidLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAaoEmwJP0Ma_8VFjlTcASdio8q1SkrTdju24x2qRAHwHN7QYZTgEshT5u7s6vQ8CBnMUMqq58cGpITCKPyCQ4y7X6iNH-yPydR_n-MIgd7rUCWqtQ-OINmupBEuJ4tBG4K81tvTIxIsnuIKo45avqigS2z4HB33Ny2eYOPHt3Hw2_PjQSxgti6pgauVEPr1laVnVp1hHyQQ9mMoq2mSeY-QYO1eYODl9NAifkxCRMCEeCAKEcwAf1-uf9wuchmW56k1qcVfeCfJRzL8to1N6KxAO3XYL_yyd-TVvBWUNEDaQSacoA3q3K237_anlbTpfNyWajoRzA6WG3nxVnXoPXDt9NqralmDrBBKLyrqCqlK_tC4B-l4FfFIM-ljDQc5gwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD2rxMY4Y-s8wHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDyAsB4g0TCO_Bg-WygYQDFf-u0QQdPLUJfLAT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzQyODQ3NzM0MDc3NDU5MhiX0hPoFwU&sigh=uWh_J-f5xTA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8E43 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzy2t_i2ZaidLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAaoEmwJP0Ma_8VFjlTcASdio8q1SkrTdju24x2qRAHwHN7QYZTgEshT5u7s6vQ8CBnMUMqq58cGpITCKPyCQ4y7X6iNH-yPydR_n-MIgd7rUCWqtQ-OINmupBEuJ4tBG4K81tvTIxIsnuIKo45avqigS2z4HB33Ny2eYOPHt3Hw2_PjQSxgti6pgauVEPr1laVnVp1hHyQQ9mMoq2mSeY-QYO1eYODl9NAifkxCRMCEeCAKEcwAf1-uf9wuchmW56k1qcVfeCfJRzL8to1N6KxAO3XYL_yyd-TVvBWUNEDaQSacoA3q3K237_anlbTpfNyWajoRzA6WG3nxVnXoPXDt9NqralmDrBBKLyrqCqlK_tC4B-l4FfFIM-ljDQc5gwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD2rxMY4Y-s8wHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDyAsB4g0TCO_Bg-WygYQDFf-u0QQdPLUJfLAT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzQyODQ3NzM0MDc3NDU5MhiX0hPoFwU&sigh=uWh_J-f5xTA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&vt=10&cbvp=2&vis=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 8E43 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
695678ba42518f11062a455ccdbc9cb8e3154b58e11230f676f9a6b1900571b5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2DiKt_i2ZamdLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAaoEmwJP0HYWrEejvAmlVqJ7eiohprxRaFKfhqrSuz4nfhMHeIMDMIvCfGQRfxHRWOWQz6aZTjeLa6gErdo2ivT2qFQtYXSBhCRvKikH4DYQAK-_htp49LiHf7Yb58BXgj4mwg1LexYmEusp9hxzewH43gXlcZmW6jdgFKPfSWsXNdLnXcTt7Z4XAp6LfREKO8VsOGMOsGf4lDiZd_h-NM7Ptx3nyTDndHAKDEOJRR0fNRj-UHQfDd3pHXt9CsMnGvjNUh4paHzO4LwlSQGtieG5G1hRZdMWgdjSz21E02Jz5vfOS0mdhGFpiO56Uz1Ufrmd-UnjhMDuM2oIQWVDwRy-V5NmZBV9CFZ8cZAMKFOH9WCDWsV8ZCN529HThQ7EwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCh-xMY4Y-s8wHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDyAsB4g0TCPDBg-WygYQDFf-u0QQdPLUJfLAT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzQyODQ3NzM0MDc3NDU5MhiX0hPoFwU&sigh=eV0mtjx0VC0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2CA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2DiKt_i2ZamdLP_dxtYPvOqm4AfG7ozbc4r43begEvAuEAEgn_vZH2DJhoCA3KPEEMgBBagDAaoEmwJP0HYWrEejvAmlVqJ7eiohprxRaFKfhqrSuz4nfhMHeIMDMIvCfGQRfxHRWOWQz6aZTjeLa6gErdo2ivT2qFQtYXSBhCRvKikH4DYQAK-_htp49LiHf7Yb58BXgj4mwg1LexYmEusp9hxzewH43gXlcZmW6jdgFKPfSWsXNdLnXcTt7Z4XAp6LfREKO8VsOGMOsGf4lDiZd_h-NM7Ptx3nyTDndHAKDEOJRR0fNRj-UHQfDd3pHXt9CsMnGvjNUh4paHzO4LwlSQGtieG5G1hRZdMWgdjSz21E02Jz5vfOS0mdhGFpiO56Uz1Ufrmd-UnjhMDuM2oIQWVDwRy-V5NmZBV9CFZ8cZAMKFOH9WCDWsV8ZCN529HThQ7EwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCh-xMY4Y-s8wHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNrNguWygYQDgAoDyAsB4g0TCPDBg-WygYQDFf-u0QQdPLUJfLAT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzQyODQ3NzM0MDc3NDU5MhiX0hPoFwU&sigh=eV0mtjx0VC0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lv2LaoWoSCWbdWRL0cmdgauwZiRN01-qUMobrk2QZhzZVb_vJEhvSQQ68qW371hbsH9fn1M7TEdtxCdj46Gmx2_AHGtoJWRoYhgB&vt=10&cbvp=2&vis=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 2CA5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b557a09265fc978c7cb5e74eba6122e09c6e4570a1fd6bb58c6d35dcbe928f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/src_next_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddd7bb68f20f8cddb31f4d25b7532b72fbf6ecf9409685e28dc6d5c72a86f13b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:13:34 GMT
x-amz-version-id
twGlhoEWD5O5Dq0b4n8Xq3jRHMHpBjNO
content-encoding
br
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"340d767a36df10ed12cf98ffae237b3d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
60430
x-amz-replication-status
COMPLETED
x-amz-cf-id
mNxEnHk62joksf8CHfAVmbIsZblTkbLWBZz2A6vCh7XwhrBhvow_QQ==
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/conversation-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
513eadc5033797f8560136999e9aeba1e85dc60d127e63c25f09bebee4da3f7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
4YnK5rzm.4eKk1WRnHaUWn9vKZ79SCt0
x-amz-cf-pop
PHL51-P1
age
651336
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
15639
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"658e55687450d4cc87f9d44b7c7a5b6a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z_nEFE400ShY4n_wyjc78r2OaqyawWC2Ym7UF9f55K8ZyAa_pxxIRw==
reactions-bundle.js
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/reactions-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b66c3a34582e1ab4c7e43dd1ed5f3821f757396101905109114ff9487528aa34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
3xA3kKH7WtwIU1fIXzi_r9sBI5Y23uO5
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 10:21:03 GMT
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
53148
x-amz-server-side-encryption
AES256
etag
W/"8bbcd1698b6302b267e994e5ace0c417"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
-bV-XcayU2Un5QoE-JoAHE7_moNP0hf3kzTHoq19VWXdz9U3jnCxdQ==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 		3 KB
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:16:07 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
mAL2oXUm0qyV4QvL3sjPHaP9lSkxSKNF
x-amz-cf-pop
PHL51-P1
age
5147077
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
549
last-modified
Thu, 30 Nov 2023 10:21:47 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kaVUNLZYOiQ-xayPRkhdyS8OMc_f_fcLD66MiNVAn1Vc_733qYrnhw==
log
pb-logs.media.net/ 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&dn=nypost.com&ref=&screen=1600x1200&cid=8CU3I8M1G&lper=1&plper=&gdpr=0&ccpa=1---&ajx=1&pbv=v8.27.0&pbav=1.0.0&flt=1&supcrid=div-gpt-ad-billb_atf&tmax=2000&ismn=1&vplcmtt=&sts=0&ets=1058&tts=1168&wts=5263&aucstatus=completed&acid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=RA&reqId=55bc805eb6e5437&ogReqId=&adid=60684a11fda5845&pvnm=trustx&src=client&ogbdp=0.3429&bdp=0.3429&cbdp=0.34&dfpbd=0.34&szs=970x250&size=970x250&mtype=banner&dId=G-TRUSTX-trustxgeneral&winner=1&curr=USD&rests=1002&status=1&iwb=1&bidflr=&flrrule=&rtime=&targ=%7B%22hb_domain%22%3A%22nypost.com%22%2C%22hb_auction_id%22%3A%22ed16bba1-dbb8-4d69-bef6-876791b55ddc%22%2C%22hb_deal_bidder%22%3A%22trustx%22%2C%22hb_crid%22%3A%22494_379_250_535428_ssl%22%2C%22hb_adomain%22%3A%22wellnessguide102.com%22%2C%22hb_format%22%3A%22banner%22%2C%22hb_source%22%3A%22client%22%2C%22hb_deal_priority%22%3A%22%22%2C%22hb_deal_trustx%22%3A%22G-TRUSTX-trustxgeneral%22%2C%22hb_deal%22%3A%22G-TRUSTX-trustxgeneral%22%2C%22hb_size%22%3A%22970x250%22%2C%22hb_pb%22%3A%220.34%22%2C%22hb_adid%22%3A%2260684a11fda5845%22%2C%22hb_bidder%22%3A%22trustx%22%2C%22hb_ds%22%3A%22trustx%22%2C%22hb_crid_trustx%22%3A%22494_379_250_535428_ssl%22%2C%22hb_adomain_trustx%22%3A%22wellnessguide102.com%22%2C%22hb_format_trustx%22%3A%22banner%22%2C%22hb_source_trustx%22%3A%22client%22%2C%22hb_deal_bidder_trust%22%3A%22trustx%22%2C%22hb_size_trustx%22%3A%22970x250%22%2C%22hb_pb_trustx%22%3A%220.34%22%2C%22hb_adid_trustx%22%3A%2260684a11fda5845%22%2C%22hb_bidder_trustx%22%3A%22trustx%22%2C%22mnadc%22%3A%22div-gpt-ad-billb_atf%22%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Jan 2024 01:00:43 GMT
content-length
35
content-type
image/gif
cookie_sync
elb.the-ozone-project.com/ Frame E20C 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab04d079aad07418204d4ac538ac56785cf978392bf78e9876b39ddbc169fc5e

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84cd8a362bc59ae3-MIA
expires
0
user-sync
ms-cookie-sync.presage.io/ Frame 3BB5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LRY83WXS-13-DGE9
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LRY83WXS-13-DGE9&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LRY83WXS-13-DGE9&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
8dWJDS1IZNW31qzcoXW18wElOIaaBF7rq4G7rbK3TCt25Vy5-bj8RQ==
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LRY83WXS-13-DGE9&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
pubcid.php
hbx.media.net/ Frame D990 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:30:43 GMT
sync
gum.criteo.com/ Frame D990 		88 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8564cd81e40c9659b81194f6c622350bea671cb0c237d79edb3734e8c50e7e6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
4551285
expires
60
cksync.html
contextual.media.net/ Frame EC76
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560210&ev=1&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dppt%26refUrl%3D%26vid%3D649004376834949164...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=ppt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=H8rkIRuldlvq&ev=1&pid=560210
231 B
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=ppt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=H8rkIRuldlvq&ev=1&pid=560210
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:43 GMT
expires
Mon, 29 Jan 2024 01:00:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
location
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=ppt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=H8rkIRuldlvq&ev=1&pid=560210
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
cksync.html
contextual.media.net/ Frame 9EE0
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Drkt%26refUrl%3D%26vid%3D649004376834949164015241500...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=rkt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=969751697415783635
231 B
678 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=rkt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=969751697415783635
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Mon, 29 Jan 2024 01:00:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 29 Jan 2024 01:00:43 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=rkt&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=969751697415783635
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=734e1961a686108b&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.ph...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=con&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=AAAF4JnAkSDv2gMR2A26AAAAAAA&expiration=1706576443&is_sec...
57 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=con&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=AAAF4JnAkSDv2gMR2A26AAAAAAA&expiration=1706576443&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=con&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=AAAF4JnAkSDv2gMR2A26AAAAAAA&expiration=1706576443&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
b16465b6-f8b7-4700-825f-1f6d618c12a5
sync.1rx.io/usersync3/mediamathtest/2057.4/ Frame D990
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%26refUrl%3D%26vid%3D64900437683494916401...
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2057.4%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=6403248818
  • https://sync.1rx.io/usersync3/mediamathtest/2057.4/b16465b6-f8b7-4700-825f-1f6d618c12a5?zcc=0&sspret=1
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/mediamathtest/2057.4/b16465b6-f8b7-4700-825f-1f6d618c12a5?zcc=0&sspret=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x31 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.1rx.io/usersync3/mediamathtest/2057.4/b16465b6-f8b7-4700-825f-1f6d618c12a5?zcc=0&sspret=1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Jan 2024 01:00:42 GMT
cksync
cs.media.net/ Frame D990
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ5NDkxNjQwMTUyNDE1MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOCrHLxhpsJXWnvWJ2NZlTo&google_cver=1
57 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOCrHLxhpsJXWnvWJ2NZlTo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOCrHLxhpsJXWnvWJ2NZlTo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Ddxu%26refUrl%3D%26vid%3D64900437683494916401524...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Ddxu%26refUrl%3D%26vid%3D64900437683494916...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=dxu&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=MGfTdgLu1Rug0Y5
57 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=dxu&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=MGfTdgLu1Rug0Y5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0174de7c622621521@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=dxu&refUrl=&vid=64900437683494916401524150000V10&axid_e=&ovsid=MGfTdgLu1Rug0Y5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent=&us_privacy=&gpp=
57 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=3fbfc4ff-725e-459d-8cd2-1da079402854&gdpr=0&gdpr_consent=&us_privacy=&gpp=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1030452
content-length
0
expires
Mon, 29 Jan 2024 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://t.pswec.com/bsw_sync?ssp=medianet&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=medianet&bsw_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=eef444ba-73d2-41cc-8090-949d0e38089a&expires=3&user_group=1&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=FGMyRixu_DgVHyivxn3d
57 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=FGMyRixu_DgVHyivxn3d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame D990 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:43 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3494916401524150000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=210aed4c-1290-40df-ade0-996605a0ba01&cs=1
57 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=210aed4c-1290-40df-ade0-996605a0ba01&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:43 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=210aed4c-1290-40df-ade0-996605a0ba01&cs=1
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame D990 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame D990
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=41e24d93-d54c-44df-8e10-335978a5e3ce
57 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:43 GMT
server
Kestrel
content-length
199
cksync.php
contextual.media.net/ Frame D990
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=medianet
57 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=medianet
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT, Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CBBF 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
an-x-request-uuid
fb7830e8-c648-476d-9264-a3e487d3ef09
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		573 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		528 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		398 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
observe.aniview.com/api/adserver/tag/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=770&AV_CDIM1=AR_3%23FMS_PS_1&AV_UID=9b29627bc462352049de8a40a1b998fc&AV_CDIM2=11741-89554-88301&AV_CDIM3=5192495&AV_CDIM4=footer&AV_CCPA=1---&AV_CDIM5=11741-89554-88301%2C12756-90591-90592%2C12838-0-%2C13002-93668-0%2C12495-0-&AV_SCHAIN=1.0%2C1!outbrain.com%2C004212d4e187697bc2ce1a454fa06c19d2%2C1%2C%2C%2C&AV_SECURED=1&AV_DNTCHECK=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5b50b14e28a0613c4969bad3&tgt=0&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=3&AV_GPID=/58a5addb28a0612d3529bc5e/5b50b14e28a0613c4969bad3/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=43833&omv=1.0.1&clsid=701229b8-7e41-4a6e-8f85-7310fda36753&rando=97&scnt=1&AV_WIDTH=728&AV_HEIGHT=409&AV_CCPA=1---&AV_DNT=0&cb=1706490043837&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.0.146.7 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
b358be939b8fb706ae9890c2a981d8f7ef4b8e7c0a89c6a304421827b847966a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:04 GMT
track
track1.aniview.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=770&cd1=AR_3%23FMS_PS_1&cd2=11741-89554-88301&cd3=5192495&cd4=footer&cd5=11741-89554-88301%2C12756-90591-90592%2C12838-0-%2C13002-93668-0%2C12495-0-&ic=0&tgt=0&app=&wi=728&he=409&test=&d36=6.2.166&apppkg=&fv=3&proto=https&clsid=701229b8-7e41-4a6e-8f85-7310fda36753&rando=97&scnt=1&pid=58a5addb28a0612d3529bc5e&cid=5b50b14e28a0613c4969bad3&stagid=&stplid=&e=inventory&vi=0&cb=1706490043835
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 16:29:22 GMT
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
30683
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
p4ikj2_lA_a0XjXeHRaghA25LRsAXntd-arPshFNGBb9RigewxH6Uw==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7190953c5cd7decdd52734f3545f51b5cf589ba34e068d0e29daac178becad07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
952.js
cds.connatix.com/p/418625/ Frame A815 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/418625/952.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-amz-version-id
BUUQSvi6gWUznbmluALi05bnYXQCoZ6f
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 17:26:25 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a36a83f572b-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:43 GMT
402.js
cds.connatix.com/p/418625/ Frame A815 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/418625/402.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7cda7b4974f7ca8c488b2ea37bd5736e0ebe3081d6878b3f9d4e4880277798

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:43 GMT
x-amz-version-id
O2yu.plFpTqtIqCYiSfKdV.QUBGrQK1H
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 17:26:25 GMT
server
cloudflare
etag
W/"a2347bec4394e771089e64c3d222645a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84cd8a36a841572b-MIA
access-control-allow-headers
range
expires
Tue, 28 Jan 2025 01:00:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C9CD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:44 GMT
banner-nfls-300x250.html
s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/ Frame 51F9 		2 KB
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d7b767281ef9365b52316d0b86c56d8add6165d18ac6e0a531e4487aa3cf505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
763
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Tue, 28 Jan 2025 01:00:44 GMT
last-modified
Fri, 16 Apr 2021 15:08:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C9CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscL9s8fJqckHkyean1jZCIVpkAmXwjCLPtze-A86CKbNiLutQkvbIu8BLGe1Z7qFa7mwLMgOFjaca8lzVZjCj44mrMDstb8xVGmqzJELJ-iTDuHZ_9KgBX1OMJOydLF0KWi2Vx6iEcc_VM8l2lVnIsMo-c0KWdSjBl4J-4NUb4u13gTSlspEY1tKeCpa5rZSjA7k_gO2lQQWMLIsL_GyDO51wADBycsuUoScr4s1Bpjf2OP76t00T3S0g9BF7oIyxfGB2coaPwXE9kD9g0anRiYKy2JyKZ-3r13IB1jmTPE2qxfJKwEVLRx_Mnn2xLhGZiDaqHIX4EQDjJesUIMMoVWJwfbntOeJkx-nZw1Z9d-Dv1ijGq-GHu3a5qHhN3ODD6zF4U-tAxE8FlXM3lgXETWwpxOgRQ9L9WfrTODmRg_lUF75gEj9FahVpOqzYpilW4hlr1YirTC4BTiCQNfqvIcqdWzxL2wbi51DIboTfVSpLB7huQ0KjiAZm-YGJkIkXr6jY4CnbupRIhwSQ-YONjZBnzC19nsbi7QsUsqS74Ia1ruro3eKGhenmeb0Vkdk5Ynhf9ziKQLED8Caqx7xYfesio09JgMCat-j6DyXPKhBLADJc6RG9zNw40HS5VFEovOUoakBsMqgqnFiYHgWdgqsIXXNPv6R59VadocE-A44sgqZ8v9BgKZujis6J38vgvuqduq5f50tYPZ3Rcp-Foqg2yXEvzvrIV0-0933dtEiKxX-n9xRsnfEsKZYWnLndJyG7VSUyCWmQrGzz6DTiHdxa2TtnbdvnduGedpemrKdv026RJnFTSzxPvS0WQxuBzDKkfbUWybeEgOJuFmm_bI6YGdvFkckQHgGgl-borzUulc3rKSEOkWCiMzEE--NLv77auQLT98VzdfpNKPJUPzdbBlNV5Yi2qiYKEwbfhqesEfpzEMlxS69yn7TloXJCVf1THU8ar69D8NEPk7bPqOPLX5NF7zenWxQBDZB8q1_ai3XFeVUcwuqT1udwHvBMe-Jwi7IHZsQUdCM0dmXJnGpAJ7iMc6Q6ocOEWWHX1AWtGBrC7PBrhNO5XUndjGkUOU9aHI3D5jlD_eaIVaSum9Ep8gJQQSQV4iHIJujQfQ9ov3kRmdhD2cRsJJE-zZFndy6hzKYBRB_nI8l_n7mNZ3V_zs14SqZdVG41dytIAsz90dArOv-R_yx-WL4S3KgJTaDsA7C-lfK3elpiJrPBX9gqBiAxcyxaxqRQUB1lFmkqH_CSCAg2aAl6eCfySAyyVfPr9Q6xZpncq0e49xQREXCfNit9I8B4PalRL-gVSk3sbwhp3fuvqn1uOciTS_6Ya-Zg-dStFUwAx34FNa8JBLCxN9LbPH99ICJqbt0SQnSFHClOHpb6_C4S5gTe8CFd5zwY&sai=AMfl-YRPBRuK5X0rXev1okcNiA9QQMNOooEKfBn8jF_rlsiRohVWPbx-Uqej6c_FCm7fKFYrYq7cIN4YQvHGlxzT9cUr-OY0tiAQsS5KJiukpmRd84BHfvqdXN3gXCkRfuT1WmjjG7IhJiQFS8uM_CwIVHuTXgx8fD0EIpQm2E4PpADYiYfYPvU9g1V0kL616rxBPl4-4qrtjz9rfEa3HEuKKZeEKc7ycQGmab_8yBvW36GWUcY0-Z47MSjQpOM&sig=Cg0ArKJSzFThKB-GDfFZEAE&uach_m=%5BUACH%5D&pr=8:3D972AA0A77975B3&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=619&cbvp=1&cstd=600&cisv=r20240122.57581&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 5311 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.10.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2031:d800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:56:42 GMT
x-amz-version-id
wKjSqZ6f.s9S8wEf1bV_oPeZRRWKrMN1
content-encoding
br
last-modified
Mon, 18 Dec 2023 12:16:18 GMT
server
AmazonS3
via
1.1 3752ccf5503decd10d1a32bdcf2a0cb4.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C2
etag
W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
243
x-amz-cf-id
0QmkNDm5kSoOYCgO4WxE73uLNrRG_4D0L05OtbuH4vIhKDacZ6eNhw==
hb_270443_10247.js
player.spotim.market/prebidlink/474025/ Frame 5311 		2 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/474025/hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c65b7a186b7aeca04f1984c13b7d86917ab4c29031ef90bd49dc4cd9f3eeb4d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 09:44:38 GMT
server
nginx
etag
W/"65b62206-601"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5311 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f858bc87166818d46622add3ad84c098957a9913134255d991922be8f08d7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29600
x-xss-protection
0
server
cafe
etag
751 / 19751 / m202401230101 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:44 GMT
wrapper_hb_270443_10247.js
player.spotim.market/prebidlink/474025/ Frame 5311 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/474025/wrapper_hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a96d2f83a20077680ad901db70dec6ff52e0789be6114461c863930b91651617

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 09:44:38 GMT
server
nginx
etag
W/"65b62206-a45"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
outbrain.js
static.vidazoo.com/basev/skins/outbrain/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Z52QMYE1CK4J0P8P
age
47864
content-length
19996
x-amz-id-2
YWnoMVeFzsMdrbaMi2sBsWN+ZTr8z7CW0XNRWj0EgRzlEkW9agCD17tEXls/cKzJEjy6yxhOb28=
last-modified
Mon, 06 Apr 2020 12:23:25 GMT
server
cloudflare
etag
"27c03d08ed4bfb0b9084b79ce358e325"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a37798d4c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B6BF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa85e5ae448426aa70e267de6e91a470659f9af5deea3d40505bc5a34f60e6ea

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a37993274a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfSeaKBvgjL5B7WMEoDvCDembMubUWWCzNGAsxafwFJdQhmgJW399LTaYA2NGtCzltHjKpeCxv%2Fq1AiAdDfySn%2BlBJtiw%2BqpBvAgCBskiC1EVoH3LRUl0EbxIAT9pn9vKHN2LrbbJe4Erw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBWOHQo4IG_r7LBHcveTFlA&google_cver=1&google_push=AXcoOmTGgzDl54puqBWz_7pHlmhprycIQLaESFCTx5xgGjawEL0vHoRr9YTdsLEwK5yF3M3JSWCXv9WzQNSPJU0NnV...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDFlMjRkOTMtZDU0Yy00NGRmLThlMTAtMzM1OTc4YTVlM2Nl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDFlMjRkOTMtZDU0Yy00NGRmLThlMTAtMzM1OTc4YTVlM2Nl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDFlMjRkOTMtZDU0Yy00NGRmLThlMTAtMzM1OTc4YTVlM2Nl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEG0Onbv9S2Gkm0kvykqITuk&google_cver=1&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOHKabJq6QSsU8KzGX
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFdma3gxeVhEdGVZZVZRLXZQaTJaUQ%3D%3D&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFdma3gxeVhEdGVZZVZRLXZQaTJaUQ%3D%3D&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOHKabJq6QSsU8KzGX
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFdma3gxeVhEdGVZZVZRLXZQaTJaUQ%3D%3D&google_push=AXcoOmSTnAEIBCg5DmQ19W2j71Qx3uc8IoolHr2OU8Gb9o-Yn2OD2zvgqy5HSAqlKN_xThYB6TjKYRMrd2JOHKabJq6QSsU8KzGX
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmS2m0n-e96if517r32u24f1GeD4R4byG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmS2m0n-e96if517r32u24f1GeD4R4byGdTTRwSOiWk--ChjdHWIgMHyPTtAUBK6rsmCVF80KRGKCoxyFPKkIHbOePTxGXgB
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRnTUPEY5NIK6QUc7xmgxPhPhgdRhOrczJC4vEbgPb09IRs8A3EZ0GSLNGjFS%2BKti%2FoGLxex7kii3C5fXHP6gKHYlUqr2RSyskaiz%2BqzDrbqd89rf2vTbCc0T5Uhjjdwc6Va730F%2FDAd7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmS2m0n-e96if517r32u24f1GeD4R4byGdTTRwSOiWk--ChjdHWIgMHyPTtAUBK6rsmCVF80KRGKCoxyFPKkIHbOePTxGXgB
cache-control
no-cache
cf-ray
84cd8a37994c74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ebda
match.360yield.com/match/ Frame 1945 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEJsd7DdII4-HDRW99QZqhEw&google_cver=1&google_push=AXcoOmRkivlud2qrcgzbDfJa8YJJRsy2paJXYTnWzDIXi_1PRXFXpy_0fV_INky76IXl81SNH7kI1NkrMVK7e766uxdN8f4vzZk
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.90.24.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-24-244.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:44 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEL2OBtVacyYoBS7T-O488_E&google_cver=1&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu9shAD1KcjvifSx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu9shAD1KcjvifSx
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmS6OJLkt1ZfeahOcSKMgw-6STf56zyIX2laRs3rguZGgITj08Jz2OHGsAOysUXx_jBx9v6rp563hNpnUu9shAD1KcjvifSx
date
Mon, 29 Jan 2024 01:00:43 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENDY1chyQxONm5RDreSBZaE&google_cver=1&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn&google_hm=e4ab3414abfc3f86df3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn&google_hm=e4ab3414abfc3f86df311480b97b5148
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQ80L7YYotvmmiHB4_-z2gEOMSEoSDOJloMP113MPYWBQVvwXjoj4Qv_7P_KcT8Lcm0-uPpF1PGV-VEKEhXVy_OBiQY6nmn&google_hm=e4ab3414abfc3f86df311480b97b5148
date
Mon, 29 Jan 2024 01:00:44 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 1945
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJ8M6gxudYimohivTL2_dPQ&google_cver=1&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLp...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qi...
  • https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg&google_nid=inmobi_new_eb
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmSTlkTfvyve1CsaEqJF1bLXYO3NLlPlZPZh5I38LHLpLEyzNC-Bfd8DE_FLks32FkRzkT1OBO9hSpgwjE4S33qiXyOiwv1ybg&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 1945 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KS8fM38vAD2ibmGH11nvcup5ixo3oBa5jul4Qa_TW6UemgSXsqdJvrzk7sU3cRJ18vcm4J7w
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4BB9
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENdO6_wi95iQnAGRx1XqHxs&google_cver=1&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr5cTfbUP8z74O_lg29vszvcqM6_bTD3KaEfmg-3AD3JWCVg9XsCaB8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr5cTfbUP8z74O_lg29vszvcqM6_bTD3KaEfmg-3AD3JWCVg9XsCaB89ZGJTscofAsWp6H5EocJ2esO_b
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DE948F90403D4955A1724CA1DE88CD0E Ref B: MIAEDGE1309 Ref C: 2024-01-29T01:00:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTP8DxLeQ8_uv2zDq7xJHdEcOHJ_1eOD_74oBxjtyh4Deb_UvBAW6FF70xm8tjlenKja08Cr5cTfbUP8z74O_lg29vszvcqM6_bTD3KaEfmg-3AD3JWCVg9XsCaB89ZGJTscofAsWp6H5EocJ2esO_b
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQCyzkx9U0FKM5qrMRgQ==
r.gif
sync.extend.tv/ Frame 4BB9 		0
0
pixel
cm.g.doubleclick.net/ Frame 4BB9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRoRd...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-CZ9EpshAAZMRmtHJMFdIz0hSE5PtgzZE2dktjQ&google_push=AXcoOmRoRdfWq4bE7puWLfh_uotl-UIwprNUyMDk2BNBhjxvRKJDpRLpRoiJ_hofuDIoQ9Z0qkFZzpZBJdxs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-CZ9EpshAAZMRmtHJMFdIz0hSE5PtgzZE2dktjQ&google_push=AXcoOmRoRdfWq4bE7puWLfh_uotl-UIwprNUyMDk2BNBhjxvRKJDpRLpRoiJ_hofuDIoQ9Z0qkFZzpZBJdxsf7_16_c7rJqV6ZZnm1l5Of_jV2e_qKTGEd8mwMMbhdkrNKZjuNvs8re62e6mDz26h4-wYZuh
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-CZ9EpshAAZMRmtHJMFdIz0hSE5PtgzZE2dktjQ&google_push=AXcoOmRoRdfWq4bE7puWLfh_uotl-UIwprNUyMDk2BNBhjxvRKJDpRLpRoiJ_hofuDIoQ9Z0qkFZzpZBJdxsf7_16_c7rJqV6ZZnm1l5Of_jV2e_qKTGEd8mwMMbhdkrNKZjuNvs8re62e6mDz26h4-wYZuh
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1166742
content-length
0
expires
Mon, 29 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4BB9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmQAoSKQTilpSOxLjaOuanZ8zdwPZgDlI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmQAoSKQTilpSOxLjaOuanZ8zdwPZgDlIDTdB-D6q5NL49a7h7CVl5Z6ff9EbNMzHbn-Sm_pH_KMiM_1E-1ipEGnkXfVo3A3XpgMsa-glpDTpNTMjM67sA483OMpZo-xvWBKTWRTC8VOKq0FXw-qLkt6
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKdSrX1LHuzo2hEetobaq0oEtRxWFb2Qp15pf1mMVRjFLcUlEj3eq94dI475zE3W%2Fe7EBk4pLvmdcxGGnDcGCDh91C0sXNr3j%2BljYXfLg8ynM52CdKb6YvBXiZ1s3xaJ6D61oPQ6ju6pBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&google_nid=index&google_push=AXcoOmQAoSKQTilpSOxLjaOuanZ8zdwPZgDlIDTdB-D6q5NL49a7h7CVl5Z6ff9EbNMzHbn-Sm_pH_KMiM_1E-1ipEGnkXfVo3A3XpgMsa-glpDTpNTMjM67sA483OMpZo-xvWBKTWRTC8VOKq0FXw-qLkt6
cache-control
no-cache
cf-ray
84cd8a37996474a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 4BB9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKOrsOYBf9FWvGXgCUsLxP0&google_cver=1&google_push=AXcoOmRpMGQaShXfX-ajFOesETbcgUgEjx-xtpeIrlmXDd6APMawgbrd-YGLQSw5CQNnMLtVd5Ys3UMiWYJ2HiX7...
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=8ee963035d&gdpr=0&gdpr_consent=
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=8ee963035d&gdpr=0&gdpr_consent=
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61381

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=8ee963035d&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mPI9jB6p58fLenMc3I4yO5fulxbhbLDBtHyJIKmfTl8noIKCAoZdLA==
pixel
cm.g.doubleclick.net/ Frame 4BB9
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJ8M6gxudYimohivTL2_dPQ&google_cver=1&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYyk...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZ...
  • https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA&google_nid=inmobi_new_eb
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=jBlXS5AhPLp5o70Kbpnl&google_push=AXcoOmQu1RxCG6Yuc-YavUtd8VgRiL33AvzeN51kXa7Wa0k8FGSor4gR79vA_QoFQWOBzcm-ZukmkESRJPyGI0f07OwZDldTL7U4tYykWz6hfKkZWFIXONJRpa18C7CjhXNEMBXdaoJpve5mgmP4zbTUGcPKWA&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
283
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4BB9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMcpoMm11Uz84_x0D8pzqnM&google_cver=1&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kd...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kdICSkdcUKRApGFDgBNRa1CPCZThNKqgjgHwTzi94qSeyB52-FUh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kdICSkdcUKRApGFDgBNRa1CPCZThNKqgjgHwTzi94qSeyB52-FUhZiXcp1an_cFfS8ERPysbteN0fOzwkPQ&google_hm=RkdNeVJpeHVfRGdWSHlpdnhuM2Q=
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRaZubrabRrhz7GYq_-0GAtJnDtG-Ce9CB8RbzQWJndsctdv5HeyAZVorxjlJ0F2oB53P_kdICSkdcUKRApGFDgBNRa1CPCZThNKqgjgHwTzi94qSeyB52-FUhZiXcp1an_cFfS8ERPysbteN0fOzwkPQ&google_hm=RkdNeVJpeHVfRGdWSHlpdnhuM2Q=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
298
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4BB9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgSblFVRcAlZqeoYMLZLSyS1GUELL5ZsKwsT7xICOLkfUPV7PskxMifO_ENRkrR7b1PL16JMM
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dv-measurements5308.js
cdn.doubleverify.com/ Frame B697 		415 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements5308.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:23::b819:7f4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
77cddf33af1c6275f0d8092c331d085fbe0258a68230a773840f79c6801ad4bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 08:51:17 GMT
Server
UploadServer
ETag
"761f4a4b170a21c81cd023ef886d6f86"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101065
Expires
Tue, 28 Jan 2025 01:00:44 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 88CD 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
286171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:31:13 GMT
expires
Fri, 24 Jan 2025 17:31:13 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=BwwoYuvi2ZcTiEN_ZoPwPiPCyuAEAAAAAOAHgBAI
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame E709 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
285563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:41:21 GMT
expires
Fri, 24 Jan 2025 17:41:21 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 85C5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
285563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:41:21 GMT
expires
Fri, 24 Jan 2025 17:41:21 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=644a60246e77108b&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-...
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAFvn6aWhGzlgN3oAmpAAAAAAA&expiration=1706576444
0
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAFvn6aWhGzlgN3oAmpAAAAAAA&expiration=1706576444
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a39ba5b9ae3-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAFvn6aWhGzlgN3oAmpAAAAAAA&expiration=1706576444
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
blank.mp4
static.vidazoo.com/basev/ 		891 B
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/blank.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
HIT
x-amz-request-id
XNBKPA5R49Z9GEBK
age
46572
Content-Range
bytes 0-890/891
Content-Length
891
x-amz-id-2
UVv19qMrznyqMFz+Q/kBeMpMcIbky4B3M5zqFeOoRKtK/td9QyNwO3vYxS97l1G3Tf8MYryj5lI=
last-modified
Mon, 06 Apr 2020 12:07:11 GMT
server
cloudflare
etag
"86ec3fbb73842f6c776555cfb7f1950d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
cf-ray
84cd8a385ac44c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:44 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 51F9 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 20:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 20:11:19 GMT
backup.jpg
s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_img/ Frame 51F9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_img/backup.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3a0c34c83d818bd9856a1db1c56e4e125d8b185dec5b3b00bbdf37bf2b8e063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 05:06:57 GMT
date
Sun, 28 Jan 2024 05:06:57 GMT
x-content-type-options
nosniff
age
71627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13441
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:08:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
jquery.min.js
s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/ Frame 51F9 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/banner-nfls-300x250.html?e=69&leftOffset=0&topOffset=0&c=LucK0WAbjB&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 05:06:57 GMT
date
Sun, 28 Jan 2024 05:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30250
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:08:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
cookiesyncendpoint
sync.aniview.com/ Frame CC1A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26bid...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&rndcb=3250595750
  • https://cm.mgid.com/m?cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dadconductor%26user_id%3D%7Bmuidn%7D%26bsw_param%3D82ce5fbb-faf3-47e...
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dadconductor%26user_id%3D%7Bmuidn%7D%26bsw_param%3D82ce5fbb-faf3-47ec-acb9-51ab4b739685%26expires%3D10%26gdpr%3D...
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=adconductor&user_id=o0sIVghABe0h&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&expires=10&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/82ce5fbb-faf3-47ec-acb9-51ab4b739685?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=200&key=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
0
311 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=200&key=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:45 GMT

Redirect headers

content-type
text/html
date
Mon, 29 Jan 2024 01:00:44 GMT
etag
RX4949403a4567441386a864a4c6123dda005
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=200&key=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cookiesyncendpoint
sync.aniview.com/ Frame E484
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=18&key=IEdcARZHXsIbyiq9SwayWrz3
0
270 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=18&key=IEdcARZHXsIbyiq9SwayWrz3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=18&key=IEdcARZHXsIbyiq9SwayWrz3
cookiesyncendpoint
sync.aniview.com/ Frame B353
Redirect Chain
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D56%26pid%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=56&pid=59c9148628a0612da3689288&key=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&g...
0
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=56&pid=59c9148628a0612da3689288&key=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=56&pid=59c9148628a0612da3689288&key=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
server
_
cookiesyncendpoint
sync.aniview.com/ Frame E332
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A&gdpr_in_effect=0
0
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A&gdpr_in_effect=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

age
0
content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A&gdpr_in_effect=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame 9997
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:44 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
sync
vid.vidoomy.com/ Frame C8A9 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 01:00:44 GMT
etag
W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified
Tue, 12 Dec 2023 09:09:26 GMT
server
CDN77-Turbo
vary
Accept-Encoding Accept-Encoding
x-77-age
384769
x-77-cache
HIT
x-77-nzt
AyUTzgQ3Nzf/Ad8FAJySO983NzexbT1aAhPEcQA
x-77-nzt-ray
8e305f1cbe5f6a6cbcf8b665cd319f21
x-77-pop
ashburnUSVA
x-accel-date
1706105275
x-accel-expires
@1707142075
x-age-lb
384769
x-amz-request-id
tx00000233c775c208f3c08-0065b119bb-2bae485-prg
x-amz-storage-class
STANDARD
x-cache-lb
HIT
x-rgw-object-type
Normal
cookiesyncendpoint
sync.aniview.com/ Frame F108
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6cdfaa70225d6647ed904c432d8f0b&_fw_gdpr=0&_fw_gdpr_consent=
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6cdfaa70225d6647ed904c432d8f0b&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:44 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6cdfaa70225d6647ed904c432d8f0b&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1706490044517085-156
auto-user-sync
ads.stickyadstv.com/ Frame 5A9C 		43 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:44 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1706490044520066-167
fa9f4b3548d146d8b0584acce84c4fec.gif
cs.admanmedia.com/ Frame 2116 		9 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=0&gdpr_consent=&us_privacy=1---&coppa=0&puid=1706490044009-172030175079-000676-010-006630&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 29 Jan 2024 01:00:44 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB75 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48091
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 171E
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B81743F7-B474-4C19-8479-8697021ABDD2&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-00...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=31&key=a0d7576d9e1f4d62b901874e2cf64d14
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=31&key=a0d7576d9e1f4d62b901874e2cf64d14
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:44 GMT
Keep-Alive
timeout=25
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=31&key=a0d7576d9e1f4d62b901874e2cf64d14
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
/
onetag-sys.com/usync/ Frame C2DD 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 9010
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=55&key=569908430852131164
0
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=55&key=569908430852131164
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f58e63f9-36b3-495e-a39f-9245bc0318f3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=55&key=569908430852131164
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
sync
ssbsync.smartadserver.com/api/ Frame A34F 		900 B
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.101 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.101.rdns.racklot.com
Software
/
Resource Hash
defdfd63bf627386e6f84822e553884e0a478f8d23bfe315c906624b34405b50

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
900
content-type
text/html
date
Mon, 29 Jan 2024 01:00:43 GMT
pixels
pix.spot.im/api/v1/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-41.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
k9q8zhwHm5ZehyvGE10U3Z7Wuh1bkMBZn4h6t9akZU9Qa8H6Jo5alQ==
player.js
player.aniview.com/script/6.1/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
63d06182aa189f102b1790b003051b3ad7783a99c5a528b3c55ba14bd84a3af5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrng9DeBLhz0NKjWxLvRBtgQC8vjN0Zzbg64rL-88Q5c3c7EiwtcEm0i-JJDe-zYQ9csxc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
13581
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"dad85136fb059c40c338e011e2b6d326"
vary
Accept-Encoding
x-goog-generation
1706429428299418
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=/jO+GA==, md5=2thRNvsFnEDDOOAR4rbTJg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
13581
accept-ranges
bytes
quic-version
0x00000001
track
track1.aniview.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6052025c979e457a0861de0a&e=playerLoaded&cb=1706490044375&r=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync
x.bidswitch.net/ Frame B6BF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=a00f9526-1dfc-4162-8f58-70eba1170baf&liid=&_ct=im&us_privacy=1---
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=869d01602ac342df9a9c409daca26dff
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Mon, 29 Jan 2024 01:00:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame B6BF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=569908430852131164&us_privacy=1---
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=569908430852131164&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65f8pZSXRPoqd3xvEoOWjFBLPsYAvEGvDYNGwcW6X1Y1ib8nouK8%2FakjyXT%2Fdmztpm3ftU9pg8FC57B6BXIUQk5pUTWMx%2FTzDxldvxhdNDCqf4miPvVyngMlrj6IylzZFaA20hx8MoVkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a39edba74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
an-x-request-uuid
62a41d4e-92b5-4959-a653-b4bae759d755
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=569908430852131164&us_privacy=1---
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame B6BF 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:44 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706490044601009-102
crum
dsum-sec.casalemedia.com/ Frame B6BF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGDg07LbfEAABOt5hXgMg&expiration=1707699644&us_privacy=1---
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGDg07LbfEAABOt5hXgMg&expiration=1707699644&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKWtBXVdUKD75KV4I9e%2FcV72QeBKpH5wSfNq1%2FZNkHiNF7mDUes1HuxlhVaQfOhcWpdzKj6EP0vOis9AXjdEqvyRi923W8pkTtaEcGPc6nTC9pCSWAeWAYa%2FgB0i6noK2hH15aRbXqvDdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a3b082474a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGDg07LbfEAABOt5hXgMg&expiration=1707699644&us_privacy=1---
Date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B6BF 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B6BF
Redirect Chain
  • https://rtb.adentifi.com/CookieIndex?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ke8GL1yImsDkx1Q0GXyispWm1%2FY%2FnP1Fwlylizrz5NFiAx5JfVF%2FTPp4VlHpwB3ctpV%2B4ccnB5bbwEC%2FJimgV3BZPdFlNovR3GThZhi4zZ92D1TqYvcixijTTRI1iCBzctLlAHpJJ8vZBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a3a7edd74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
date
Mon, 29 Jan 2024 01:00:44 GMT
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame B6BF
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1---
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d4d740f0-be41-11ee-8602-6e51ba46ead9
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d4d740f0-be41-11ee-8602-6e51ba46ead9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa7liBxWWaDbpuffc94IMJYx89h1LnhNqAqqp2iw%2Bgaq1oMiKI42Q2DrjNv6uMziS2FsPpRwyUQ9fnN5hD8LHlqliJtlOwZpQYrP0Ew2xOQSIby2AvWbC2Eq%2F8nUSZnrzlSmlPiY5BHweA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a3cec7774a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d4d740f0-be41-11ee-8602-6e51ba46ead9
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame B6BF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnPjBFpwz%2FrhxT%2Bf591FC8TlUf%2BedWAHLt8l%2BvyMMDfvXn2tkb5jrseDQd76VdMZaTxnM%2BnLiIqXHkGS7iARSWiBwqVlRcC%2B02a66OnFbGZKGUp9uNvsi306KVISeAa1o%2B2qc82EZiC0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a3affeb74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT, Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B6BF 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Zbb4t.4rlh.cZ2F6j5eVAQAA%261589=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48929
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a3a1ab4495a-MIA
content-length
43
expires
Tue, 30 Jan 2024 01:00:44 GMT
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		38 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/styles-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a46de45c0bcfe62f75da1a1145649b8bcaf01481a4427db207724bb92eb95ff9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
hojauT9CJOtCVRpMvNIWS2UVn6IhdqiZ
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5919
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"9d7544637ac91f35ad1ee039c1305219"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fa5yxp5M0z6f_cfwwdxc92yMH5oxSx_jtL_XcR_wBrUq9kZHj3reag==
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		378 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0f18490e8ca5cf07455848744629e033f9def2c256de6a710619a5b66d38567

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
SJ03ool8ZLOzzUHZhUJp5rEwsmS11Qy3
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
98695
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"c9c89e51aa7c1b50009c938e49aa88fa"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZdF272IS2Mz1QyoYenHziYFafmG0VWFf_MQzUAerD9s9v9Berh5QOw==
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
205a1a801e49c6b02403a75eb3af9ff15a88a273b93fe3c70545aae6d750cd6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
D3wS84ArVXU67NjCywTRu8Gtl_LANINF
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
39688
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"24c5043ca0c5dc95dd6be465aa9610d1"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cfn7GheMomXjY3EUI4ZzvSXfugIxgXGC-IUeQ0ruvAglJbG5vyf25g==
app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad833c164a2d741ced7db4f324f3beb752f324f4fe025b9a8d416b650a729e97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
JwNwxTkPHbfP1HzlyA3ThHEyoHTtnzgF
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
11679
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"da00561ee5ce1f10a95f9a16bc89d6ba"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cZs2oh2Cf8eATWz9XPy01UgxDFIZuoAxNI81a2Cia9oaR7id9DIxyQ==
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/conversation-boot-next-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0ecbb79af1f68e411da2611e71b27e55d666a3898ec6d3c319f6392f79406f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-amz-version-id
v8kAVHtpYLjbrCKm69KGszO.PVR0Jrs7
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3216
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"f1da7697c9e794cdcf80403a8ffbb455"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
io6PwwHQYiuv5lJRFBR0w679J9lFOeWgrTFZWdkQjO6J5FipuvCWBw==
styles.css
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		675 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
025fc84acf798cc6ddfaf8094fa8b274592a18226009912c77b678e2c6293742

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:08 GMT
content-encoding
br
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-version-id
4gBuKE3gfV72yE.4vN35FnLTQxRuehj0
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
39627
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"66555145a6b0532aeb25f46746130248"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rsIuSYaazsWUCbnI74-hK9q3ivlkOHSZBn4QDz7O2Bl-zEINmM9Ikw==
vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uk.ULXwBvvMvWNfYsc0FpSG3eA6I6u4F
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 10:00:49 GMT
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
54122
x-amz-server-side-encryption
AES256
etag
W/"71ba81daf748daa9747095c40fc4427a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
YUeEjnFzcFeBT_Q_e1pgi9-F0IOGAvUAoM9uq1crG9K8-ZoCwsK-bg==
src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ea242d3e3d55794c3d01b8063af1be2b1c034008458c508909e9434b98db2dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
kWLf5chJ_T33DOFyXlArJID1UU.mx2MB
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 11:05:14 GMT
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
51644
x-amz-server-side-encryption
AES256
etag
W/"5e60706e051f2f0841e4fe996c039270"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
pFwUXU_nAY5GVMJe6MkvDnoSn_hFjVzn-IXtYrdxcdkLuBI4ZKDBdg==
src_boot-next_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/src_boot-next_tsx.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2875201b4ed38c8168a79e1a5397b0aedf149d121c86e35fe2795ae6c4726c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
s.U.tuNq2.0ZEVeiVwZFoerCvBiOMi6K
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 12:28:07 GMT
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
45398
x-amz-server-side-encryption
AES256
etag
W/"ec42e4463b68cc0384664dc462f18d33"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ldoWB3kYSQ1AOgkRfhpighUsbrmgzN5SuKA8QCVQtBAzBxTeEtLBrA==
styles.css
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		114 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b45206e8e7e8dec017b553842055d6e754f028828db106f46d479608d0c72137

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
NezAkjKwAzk.kO2EdaFbLCyQGM9YYPIh
content-encoding
br
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 08:40:48 GMT
x-amz-cf-pop
PHL51-P1
age
61838
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
etag
W/"310660610fd7a6f0fc119427b665b814"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
FWT0gUZfpEj2CMvIloMCoOGRejND3ln31UniX5p_BMGscIwJ6ceTLw==
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 5AFC 		286 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cde9163fb274c9b71d38e5df8083372056603dca9d4791420cdc3f458be57fcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPo1MUtJRwvpmBSkg7ivfK8JtrhLDb0CKfa2KaPenhXsNAf4op-NQ9vDp5_Z3gYwnqMtHEsRUCE-Zg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
90539
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"ec176955201ff069dfd9cfae9ab706bd"
vary
Accept-Encoding
x-goog-generation
1706429428321356
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=TCNRFQ==, md5=7BdpVSAf8Gnf2c+umrcGvQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
90539
accept-ranges
bytes
quic-version
0x00000001
avpb8.21.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 5AFC 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpgd1O-snVnTIhaVLPjooKllidFj2iDD-E-utGj-cL8eB5MeZlBB2kPadX4fPdp04PmXbfinbKzGw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
21388
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"b18191ca92a3068e9fd9e0bf61e592e5"
vary
Accept-Encoding
x-goog-generation
1706429428143887
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Oaw3YQ==, md5=sYGRypKjBo6f2eC/YeWS5Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
21388
accept-ranges
bytes
quic-version
0x00000001
cookiesyncendpoint
sync.aniview.com/ Frame A34F 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=49&key=2405212159101885593&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame A34F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent=&_test=Zbb4vAAA0m8FLAAg
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent=&_test=Zbb4vAAA0m8FLAAg
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mia-kmia1760035-MIA
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706490045.642924,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent=&_test=Zbb4vAAA0m8FLAAg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
wt.rqtrk.eu/ Frame A34F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2405212159101885593&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2405212159101885593&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Server
51.222.241.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-012.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Mon, 29 Jan 2024 01:00:43 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2405212159101885593&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
8.gif
id5-sync.com/c/102/163/2/ Frame A34F
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=2405212159101885593&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAGDg07LbfEAABOt5hXgMg&id5AccountNum=155&numCascadesAllowed=9
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F6%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/123/6/4.gif?puid=18d52bb8cfc-2b830000010a4452&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/5/5.gif?puid=6499456437357126316&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/104/4/6.gif?puid=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/3/7.gif?puid=72051B607ADFDF1F&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F2%2F8.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/163/2/8.gif?puid=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/102/163/2/8.gif?puid=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:47 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0174de7c622621521@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://id5-sync.com/c/102/163/2/8.gif?puid=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A34F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6499456437357126316&gdpr=0&gdpr_consent=
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6499456437357126316&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6499456437357126316&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
log
c21lg-d.media.net/ Frame D990 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=72a2b5af-81e5-4375-acc1-5ada32228c87&cs=15&vsid=3494916401524150000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Jan 2024 01:00:44 GMT
content-length
35
content-type
image/gif
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		268 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Rq97uC_guhRaz_kW4iZdtt6Z39d76WPV
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 11:52:00 GMT
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
48200
x-amz-server-side-encryption
AES256
etag
W/"65b6fded5f4ad8a82780bdb8f6a581a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
-i4vQ3g-0-9uiU__7i-BQUnaarlxje3PvFWBl9NUlesqyc0_b6RlcQ==
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		67 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52854169a035ac9dbf54ed7981a66e7d3e7b13fe2a0bda03deb3d440c1a2da8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
wbeDKg22WgJYvtIknz0taaVSrWXxI0Pu
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 10:51:25 GMT
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
52501
x-amz-server-side-encryption
AES256
etag
W/"55c1ab6ec21b39db8cf68ea1a62b8213"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
UyoO3a_z7h_xgSULAZTiP-Ypx87Esr7SYOtlQpI2wnk7j4rm6wF3yw==
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6339a12942856aa82b081878ad89ad8aeee249deedc87a606ddc9008e6e795

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
urHJmiudHsWwQjCe_nL62vEtSrVT.xzE
content-encoding
br
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 17:07:48 GMT
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
28377
x-amz-server-side-encryption
AES256
etag
W/"1a58ed1bb18bf7b79e00ee272d26cc82"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
DwMYh5PwkqEp6PVSSOCINFSUmezUR1uTvPl2_1Efr4EdDWAWcs-vrg==
styles.css
static-cdn.spot.im/production/notifications/tags/v1.25.0/ 		237 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.25.0/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81b7e9b546df154ccda17bda3012c887c72272e469d3c3048130e9480eb90dc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
5Vavv9XaS33u9A9Nd6j3f.U5Yg.stCb6
content-encoding
br
via
1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 12:19:13 GMT
x-amz-cf-pop
PHL51-P1
age
45760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 30 Nov 2023 10:14:12 GMT
server
AmazonS3
etag
W/"50d670d90c7956e6f70cfe941023c1b8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
C5NGMofBJcSGenqJAOAv0Qb7eLmd7gZ5l9zRWrWygAG5JwqCEhSbLA==
log
c21lg-d.media.net/ Frame D990 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=BMM1dZXY3jizRw6rMm4bXbSdpVxWDHRp&cs=15&vsid=3494916401524150000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3I8M1G&prvid=2033%2C2030%2C2073%2C273%2C2027%2C159%2C2026%2C556%2C117%2C238%2C239%2C97%2C99%2C59%2C3012%2C3010%2C201%2C3007%2C246%2C4%2C521%2C126%2C203%2C404%2C9%2C171%2C173%2C294%2C251%2C450%2C178%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C459%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C225%2C226%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Jan 2024 01:00:44 GMT
content-length
35
content-type
image/gif
sync
capi.connatix.com/core/ Frame A815 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3498a549e9db58df0c121255281cc67223aa7339ea39c31510234a0a7e511f40

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3a6d2b67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame A815 		202 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=418625&cid=b582666c-87a2-4193-8dad-2c835c276570
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=b582666c-87a2-4193-8dad-2c835c276570
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100dde3f3f821dfaed5eae27ff214dce1c8081d7061c2312a36473f3a92821ea

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3a7d3e67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
5bce1044a94d4200045740ed.jpg
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5bce1044a94d4200045740ed/ 		677 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5bce1044a94d4200045740ed/5bce1044a94d4200045740ed.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e724533992b3c0cf17c8ec16eb7e6edad2dafb80b1a563b84b663b11841c1f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
HIT
x-amz-request-id
H9GBX8V3BW163T6J
age
43792
content-length
677
x-amz-id-2
v9EqX3gDx3rA6ID0IXY/X1IKPxiGnsI/X0I350EN11rHqc35cKXZt1xXhRCuHyVzQPSQ+J/ev34=
cf-bgj
h2pri
last-modified
Mon, 22 Oct 2018 18:01:45 GMT
server
cloudflare
etag
"78252c61eb4971238aab053f7a617825"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84cd8a3acdab4c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 28 Jan 2025 01:00:44 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84

Request headers

Referer
Origin
https://nypost.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
prebid.js
static.vidazoo.com/basev/1.0.853/prebid/ Frame D367 		755 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87940548d92bc97c2094bc22d28faff48f59fb41967ff6ed11812a03119116c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
2DN4ACE03K6EXFJ1
age
78520
x-amz-server-side-encryption
AES256
content-length
243927
x-amz-id-2
K69FB2s8k9GS2Qmc1kVU2LliTUZWpsYNw0C2supcP/ZTz4/Kc2iLr/XnxdrLhntilpmmhZzoJE8=
last-modified
Tue, 07 Nov 2023 16:30:50 GMT
server
cloudflare
etag
"7945d07df3435f63ce8460a8b578023c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a3acdb24c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:44 GMT
file.mp4
r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 8E43 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13BDF4934087DEBC2C9A2292EB8FF4EE691260E3.82A5449321D20AC475122010655E66FE38C9009C/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:b::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 29 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8221377/8221378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
last-modified
Tue, 17 Oct 2023 17:08:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2CA5 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-q4fl6nsd.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B7C7C83AFA485A23FE5B5D1A62D5497906CC9B8.78F557D974AB883011D3C008D310AD02689E029D/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::8/mm/42/mn/sn-q4fl6nsd/ms/onc/mt/1706489288/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: 0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
URL: https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:b::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 29 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8221377/8221378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
last-modified
Tue, 17 Oct 2023 17:08:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
client-protocol
quic
hbp_master_270443_10247.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 5311 		486 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/474025/hb_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
aea29bc32772a1fc80f3081649b02f1ff5a73411f53d34f08d34c204272ea9a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
last-modified
Wed, 24 Jan 2024 10:44:34 GMT
server
nginx
etag
W/"65b0ea12-79846"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_10247.js
player.spotim.market/prebidlink/efmgc/ Frame 5311 		272 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/474025/wrapper_hb_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4ff2dd7a2c7f17f495e10bb28e333f11ea4eea46b113b1a75d2f315d248b5c45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 09:44:38 GMT
server
nginx
etag
W/"65b62206-43fe7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ Frame 5311 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
48854
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 27 Jan 2025 11:26:30 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 299F 		689 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2031:d800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b394759b977e45cf537c473e4ecb71c21e5d1567e4284daf9eba1e65b8e2ad7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:56:42 GMT
x-amz-version-id
cfZDAivUzygOFS2wvH6amOy9KOIE0btr
content-encoding
br
via
1.1 3752ccf5503decd10d1a32bdcf2a0cb4.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C2
age
243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 29 Jan 2024 00:34:59 GMT
server
AmazonS3
etag
W/"7e30e2b22a9260e7faa95231fdb67795"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
5j5M5z8zjU-KRmmsZxgMiePS8xzx7Fs71HxU6TggT0JMovOUpgC3xw==
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dozone%26user...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D509c862a-d03a-43aa-a731-974d8d72abf6%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=569908430852131164&pt=509c862a-d03a-43aa-a731-974d8d72abf6%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id=
  • https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
0
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a3d79bf9ae3-MIA
content-length
0
expires
0

Redirect headers

Location
//elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Date
Mon, 29 Jan 2024 01:00:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 9997 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76182
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
aggregate
bis6.vidazoo.com/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis6.vidazoo.com/aggregate?_=1706490044736
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.93.86 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.246.93.86.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:44 GMT
content-type
text/plain
access-control-allow-headers
*
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
visit.js
tps.doubleverify.com/ Frame B697 		718 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=674&ttfrms=29&brid=3&brver=120.0.6099.224&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau%3FJA%40DE%5D4%40%3ETaua_aaTau_eTauacTauE96%5CEC%3A%3D%3D%3A%40%3FD%5C%3A%3F%5C4%40G%3A5%5CC6%3D%3A67%5C%3E%40%3F6J%5C%3D65%5CE%40%5C3%3A%3D%3D%3A%40%3FD%5C%3A%3F%5C7C2F5TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3FJA%40DE%5D4%40%3ETar9EEADTbpTauTau%3FJA%40DE%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTau%3FJA%40DE%5D4%40%3ETaua_aaTau_eTauacTauE96%5CEC%3A%3D%3D%3A%40%3FD%5C%3A%3F%5C4%40G%3A5%5CC6%3D%3A67%5C%3E%40%3F6J%5C%3D65%5CE%40%5C3%3A%3D%3D%3A%40%3FD%5C%3A%3F%5C7C2F5Tau&srcurlD=0&aUrlD=0&ssl=https:&uid=1706490044784497&jsCallback=dvCallback_1706490044784131&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5308&tgjsver=5308&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&fwc=4&fcl=3409&flt=0&fec=1794&fcifrms=38&brh=3&dvp_epl=482&noc=4&nav_pltfrm=Win32&ctx=21052880&cmp=DV457140&btreg=555342950955804760735&btadsrv=555342950955804760735&adsrv=104&unit=1x1&turl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&seltag=1&sadv=35321015&ord=2783510112&litm=5553429509&scrt=55804760735&splc=/5850/post.desktop/rec_atf/opinion/stories&adu=94924415&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=594145073.6903199&ee_dp_sukv=594145073.6903199&dvp_tukv=586944654765.7926&ee_dp_tukv=586944654765.7926&dvp_tuid=1519460195639&jurtd=303761006
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
73e71a74544516aea4c17afb195ddc4465ffb90ebd7b90663c004a94dee65c06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:45 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/28/2024 01:00:45
1266.json
id5-sync.com/g/v2/ 		658 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1266.json
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
33cb30238aeb21d1861a6329cd4c516d3f0174933a76060a967e4bb45e6e3909
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 88CD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
54434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 09:53:30 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E709 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
54434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 09:53:30 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 85C5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
54434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 09:53:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6523 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28587692&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
294345f6cbf8422f60da3169d8a3dea603bbd2998adc9be79412e0099262798b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 29 Jan 2024 01:00:44 GMT
content-length
1638
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame B3CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzg9s0KR2H4p-md7RmJ_3lLSJ6eeDtZrccHbfV7L71VyuAnVkclwWT4b4jEZWPIjEyWV3EKNqzYesdtHoZf5S6rQKJZe28c0Nmx4fGmUg3D7hQEDCtv8Kwlgh7GVYHWm6TxukSwGd0nESCdGCF4ebpOwW7NjG-GFfpd7niohWSWCRkDq6IOmrV1t7T53zEGG_AHSf44HoZxW3PXbMB6RGfctzT9LQM7344wgVLq3TGzX1IVt833JCOIEXW--_OKAFirktBWBbvQzdvEGCTgVBcMG46eRBDLWjWSPCBBkLK_wYTtCzQG2qNBPWAr5nZTiLmIrE9L1-FEjSwRLeC3FtewzOI0LQ1yGLEU4Yq0_C18kvq1EZptpA5vEAfUzDU90BgncLsIUPImdg&sai=AMfl-YTr62yUDSTk2lEdlynifocSvGZqt7-bqrpj08aFp7rMANfbsE9SKzxcGfnf7WBC7jDKgt1TsXEfSxPd66kZmHZ-Y_8gQbEvHYGS-wYZYYkMY2dW1QfY_22woCmGlMKGAsSpqy3R9WqMeEp3MTYLJSs&sig=Cg0ArKJSzBrcURAX45aSEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 01:00:45 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=fcbe1cca89d74a54a114006b7671810e&pname=Index&api-tier=2&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
139 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=fcbe1cca89d74a54a114006b7671810e&pname=Index&api-tier=2&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d29bce7de2fe22f08b13f543ff39a93867e8db99449cd1b707e4689d0d9e33c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edabf2884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFinCLXfZl361DVsx9C8MwmchbfaLcTo52UFvsiurXUAp7Nf6YsPrpXOZNvqT5yPq4SfeYZZBv7wERvMbYgIU5pSE9FQuEdGoiMLXld2T%2FpMCTKhUhvFyUputeVif%2F1ElLRetkfd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=fcbe1cca89d74a54a114006b7671810e&pname=Index&api-tier=2&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
cache-control
no-cache
cf-ray
84cd8a3ca80c8da8-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=fcbe1cca89d74a54a114006b7671810e&pname=Beeswax&api-tier=2&uid=AAGDg07LbfEAABOt5hXgMg&gdpr=0
132 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=fcbe1cca89d74a54a114006b7671810e&pname=Beeswax&api-tier=2&uid=AAGDg07LbfEAABOt5hXgMg&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7410d01c3d2355b32859c34ce916210715914cebdbd1cfc5feaf46200a4ee4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a427efa7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=fcbe1cca89d74a54a114006b7671810e&pname=Beeswax&api-tier=2&uid=AAGDg07LbfEAABOt5hXgMg&gdpr=0
Date
Mon, 29 Jan 2024 01:00:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=1709082044
146 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=1709082044
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde213d3f6228f976665ab405d3459d23d5aa999dee75967c5455995e066199a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edac32884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=41e24d93-d54c-44df-8e10-335978a5e3ce&ttl=1709082044
date
Mon, 29 Jan 2024 01:00:44 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=fcbe1cca89d74a54a114006b7671810e&pname=Amobee&api-tier=2&uid=7275493187359501348
129 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=fcbe1cca89d74a54a114006b7671810e&pname=Amobee&api-tier=2&uid=7275493187359501348
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed2a5e9d5f5efed7f8193be68c01be4abf31c695683abb3c363cb2057ce2689

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edab92884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=fcbe1cca89d74a54a114006b7671810e&pname=Amobee&api-tier=2&uid=7275493187359501348
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=fcbe1cca89d74a54a114006b7671810e&pname=TripleLift&api-tier=2&uid=264943876892460233441
131 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=fcbe1cca89d74a54a114006b7671810e&pname=TripleLift&api-tier=2&uid=264943876892460233441
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ca16dbfd4a65af5bd1575622e56fbe092d93be6ec646033c05521be2e7843e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edabb2884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=fcbe1cca89d74a54a114006b7671810e&pname=TripleLift&api-tier=2&uid=264943876892460233441
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=fcbe1cca89d74a54a114006b7671810e&pname=AppNexus&api-tier=2&uid=569908430852131164=&gdpr=0
128 B
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=fcbe1cca89d74a54a114006b7671810e&pname=AppNexus&api-tier=2&uid=569908430852131164=&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08703c56353936e7ce2d36052e5b9c2d1517710872ab627ddabee1c46dfb74d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edab62884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
an-x-request-uuid
4ac56ad6-f33d-4cb9-8861-123d37d1c83d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=fcbe1cca89d74a54a114006b7671810e&pname=AppNexus&api-tier=2&uid=569908430852131164=&gdpr=0
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D44%26puid%3D%5BRX_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=5585501237
  • https://sync.1rx.io/usersync/rubicon/LRY83WXS-13-DGE9
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D44%26puid%3DRX-4949403a-4567-4413-86a8-64a4c6123d...
  • https://capi.connatix.com/us/pixel?pid=44&puid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?pid=44&puid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a484dd967b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?pid=44&puid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null&url=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D40%26puid%3D%5Bsas_uid%5D%26nwid%3D3630
  • https://capi.connatix.com/us/pixel?puid=2405212159101885593&pId=40&gdpr=0&gdpr_consent=
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=2405212159101885593&pId=40&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a3ebd5067b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=2405212159101885593&pId=40&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:44 GMT
content-length
0
/
hde.tynt.com/deb/ Frame 30DE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_3...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
5f41958eb4fd0cf7be185d086ffc1b35ea72edb39ec83a2299426691ec3bf805

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1700
content-type
text/html
date
Mon, 29 Jan 2024 01:00:45 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 788D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48091
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:44 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=fcbe1cca89d74a54a114006b7671810e&pname=PulsePoint&api-tier=2&uid=H8rkIRuldlvq
122 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=fcbe1cca89d74a54a114006b7671810e&pname=PulsePoint&api-tier=2&uid=H8rkIRuldlvq
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc959455d9fc50a72ee7d5cd5cfad7fb1d1a3c58cca222ba7667ebb0108eaab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edabc2884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=fcbe1cca89d74a54a114006b7671810e&pname=PulsePoint&api-tier=2&uid=H8rkIRuldlvq
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=fcbe1cca89d74a54a114006b7671810e&pname=Crimtan&api-tier=2&uid=a591ea3200184fecb5ef4715ed7a1859
142 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=fcbe1cca89d74a54a114006b7671810e&pname=Crimtan&api-tier=2&uid=a591ea3200184fecb5ef4715ed7a1859
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcae7b218e3de5ac19cf69afee3a6020bc6a44a492ee67b945e71a6c9360b28b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a42af477430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=fcbe1cca89d74a54a114006b7671810e&pname=Crimtan&api-tier=2&uid=a591ea3200184fecb5ef4715ed7a1859
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=fcbe1cca89d74a54a114006b7671810e&pname=LoopMe&api-tier=2&uid=5a8e7a58-5360-4042-bd21-3b1e486462a2&pubid=11186&gdpr=0
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=fcbe1cca89d74a54a114006b7671810e&pname=LoopMe&api-tier=2&uid=5a8e7a58-5360-4042-bd21-3b1e486462a2&pubid=11186&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892241609ce6fd74a529030bc20901f41171ac1bf1b022db457d0afbed28e62d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a40de482884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=fcbe1cca89d74a54a114006b7671810e&pname=LoopMe&api-tier=2&uid=5a8e7a58-5360-4042-bd21-3b1e486462a2&pubid=11186&gdpr=0
date
Mon, 29 Jan 2024 01:00:44 GMT
server
_
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfcbe1cc...
  • https://cks.connatix.com/cks?pid=9&ev=fcbe1cca89d74a54a114006b7671810e&pname=Centro&api-tier=2&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0
159 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=fcbe1cca89d74a54a114006b7671810e&pname=Centro&api-tier=2&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d195bf17bcbcf6c9bf05af14c3dad6ab165a9d8de359ffab1454b2f5607c1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a466fdc7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 01:00:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cks.connatix.com/cks?pid=9&ev=fcbe1cca89d74a54a114006b7671810e&pname=Centro&api-tier=2&uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=fcbe1cca89d74a54a114006b7671810e&pname=YieldMo&api-tier=2&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0
130 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=fcbe1cca89d74a54a114006b7671810e&pname=YieldMo&api-tier=2&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fe2c4f033452d3e5f0f0e336b5825510b00d9c1663211efe7cf49eea9c0e1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a42af4b7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=fcbe1cca89d74a54a114006b7671810e&pname=YieldMo&api-tier=2&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=fcbe1cca89d74a54a114006b7671810e&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=fcbe1cca89d74a54a114006b7671810e&pname=Telaria&api-tier=2&uid=2d3f182001b74b158a894fe53259fbfd
141 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=fcbe1cca89d74a54a114006b7671810e&pname=Telaria&api-tier=2&uid=2d3f182001b74b158a894fe53259fbfd
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ce2af75fbd880330008a53a85304a0cd0a89bba3ce28efa6af3e6f3dd70c23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a429f3f7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=fcbe1cca89d74a54a114006b7671810e&pname=Telaria&api-tier=2&uid=2d3f182001b74b158a894fe53259fbfd
date
Mon, 29 Jan 2024 01:00:45 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=4c318e13d98a247655254ea5ac3ea1c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=4c318e13d98a247655254ea5ac3ea1c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a428bfb67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:45 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=4c318e13d98a247655254ea5ac3ea1c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1706490045008077-1198
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0290 		114 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfcbe1cca89d74a54a114006b7671810e%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.235.119.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-119-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:53 GMT
server
istio-envoy
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:45:45 GMT
content-encoding
gzip
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:55:10 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
54901
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
MT-jpQZCHbxFuHQKXD_-46_BYfsnv-YIsk5uVTluw6yDf3krq7Fy-w==
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=fcbe1cca89d74a54a114006b7671810e&pname=SundaySky&api-tier=2&uid=d6.e76e07904f87467aa0560fd6be8edb8f
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=fcbe1cca89d74a54a114006b7671810e&pname=SundaySky&api-tier=2&uid=d6.e76e07904f87467aa0560fd6be8edb8f
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cd61830404c48730b5e7b2f9f33a73a977cbe64341f08a7c719be1e8be3ba4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a44ec527430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=fcbe1cca89d74a54a114006b7671810e&pname=SundaySky&api-tier=2&uid=d6.e76e07904f87467aa0560fd6be8edb8f
date
Mon, 29 Jan 2024 01:00:45 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3Dfcbe1cca89d74...
  • https://cks.connatix.com/cks?pid=29&ev=fcbe1cca89d74a54a114006b7671810e&pname=Adelphic&api-tier=2&uid=2686f86f-e79d-485e-ba10-74b2c691a418
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=fcbe1cca89d74a54a114006b7671810e&pname=Adelphic&api-tier=2&uid=2686f86f-e79d-485e-ba10-74b2c691a418
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a7a226e465691813ad8c28b53a079d4ae9ed31385ddf6ac271fb61a205c9ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a42efea7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=fcbe1cca89d74a54a114006b7671810e&pname=Adelphic&api-tier=2&uid=2686f86f-e79d-485e-ba10-74b2c691a418
Date
Mon, 29 Jan 2024 01:00:45 GMT
Connection
keep-alive
X-CI-RTID
5dce102b-3d4d-4927-b6f9-a20273e8a19a
Content-Length
177
Content-Type
text/html; charset=utf-8
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=fcbe1cca89d74a54a114006b7671810e&pname=Sonobi&api-tier=2&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=fcbe1cca89d74a54a114006b7671810e&pname=Sonobi&api-tier=2&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61cf204d43d05399165723881b38c9790838146e6e86ecc298e2d270952c88c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a43589b7430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=fcbe1cca89d74a54a114006b7671810e&pname=Sonobi&api-tier=2&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3dfcbe1cca89d74a54a114006b7671810e%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0&gdpr_consent=null
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0&gdpr_consent=null
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1516686e643fb986a8d54f3524a124ae95ad5abda49254d670eb0ed6d01ec7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3edabe2884-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0&gdpr_consent=null
date
Mon, 29 Jan 2024 01:00:44 GMT
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=fcbe1cca89d74a54a114006b7671810e&pname=ResetDigital&api-tier=2&uid=0000012B8D2A74F7
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=fcbe1cca89d74a54a114006b7671810e&pname=ResetDigital&api-tier=2&uid=0000012B8D2A74F7
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3eae49ad0522c97e9afbe216ee51e5fbca40ac93a32e20ac60d352fa52750c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a43a9927430-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=fcbe1cca89d74a54a114006b7671810e&pname=ResetDigital&api-tier=2&uid=0000012B8D2A74F7
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
psync
xsync.iqzone.com/ 		0
0
us
capi.connatix.com/core/ Frame A815
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3dfcbe1cca...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=b3ef523e-aa85-4e51-b342-ae17a1aabb70
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=b3ef523e-aa85-4e51-b342-ae17a1aabb70
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a3cfa3367b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=b3ef523e-aa85-4e51-b342-ae17a1aabb70
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us
capi.connatix.com/core/ Frame A815
Redirect Chain
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DMediaNet%26tier...
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3494916401524150000V10
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=31&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3494916401524150000V10
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a40285667b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://capi.connatix.com/core/us?DemandPartner=31&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3494916401524150000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:45 GMT
712202.gif
id.rlcdn.com/ Frame A815 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712202.gif?cparams=fcbe1cca89d74a54a114006b7671810e&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
report
capi.connatix.com/us/google/ Frame A815
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=ZmNiZTFjY2E4OWQ3NGE1NGExMTQwMDZiNzY3MTgxMGU&extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/google/report?extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a3d7b4d67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://capi.connatix.com/us/google/report?extra1=fcbe1cca89d74a54a114006b7671810e&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame A815
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fcbe1cca89d74a54a114006b7671810e&redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpid%3D34%26puid%3D%5BUID%5D&gdpr=0
  • https://capi.connatix.com/us/pixel?pid=34&puid=4059c788-c609-458d-bd4a-2742a3475cda
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?pid=34&puid=4059c788-c609-458d-bd4a-2742a3475cda
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a425ba867b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://capi.connatix.com/us/pixel?pid=34&puid=4059c788-c609-458d-bd4a-2742a3475cda
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=sre_events&itype=RTD&abte=CONTROL&adt=desktop&cid=8CU3I8M1G&ct=MIAMI&cc=US&ugd=4&pht=8146&pid=&dn=nypost.com&servname=ssp-serving-yin-6854c7f786-pgt8r&svr=2410_343&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001706490037818006462152416927&requrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kwrf=&winner=Prebid&isEmpty=false&size=1x1&dfpAdPath=%2F5850%2Fpost.desktop%2Fbillb_atf%2Fopinion%2Fstories&dfpDiv=div-gpt-ad-billb_atf&slotType=Prebid&supcrid=div-gpt-ad-billb_atf&adid=60684a11fda5845&acid=ed16bba1-dbb8-4d69-bef6-876791b55ddc&pvnm=trustx&dfpbd=0.34&ogbdp=0.3429&curr=USD&bidId=55bc805eb6e5437&mnrf=0&mnrfc=0&bdp=0.3429&icurr=USD&dfpcmpId=3186671007
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 29 Jan 2024 01:00:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C9CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscL9s8fJqckHkyean1jZCIVpkAmXwjCLPtze-A86CKbNiLutQkvbIu8BLGe1Z7qFa7mwLMgOFjaca8lzVZjCj44mrMDstb8xVGmqzJELJ-iTDuHZ_9KgBX1OMJOydLF0KWi2Vx6iEcc_VM8l2lVnIsMo-c0KWdSjBl4J-4NUb4u13gTSlspEY1tKeCpa5rZSjA7k_gO2lQQWMLIsL_GyDO51wADBycsuUoScr4s1Bpjf2OP76t00T3S0g9BF7oIyxfGB2coaPwXE9kD9g0anRiYKy2JyKZ-3r13IB1jmTPE2qxfJKwEVLRx_Mnn2xLhGZiDaqHIX4EQDjJesUIMMoVWJwfbntOeJkx-nZw1Z9d-Dv1ijGq-GHu3a5qHhN3ODD6zF4U-tAxE8FlXM3lgXETWwpxOgRQ9L9WfrTODmRg_lUF75gEj9FahVpOqzYpilW4hlr1YirTC4BTiCQNfqvIcqdWzxL2wbi51DIboTfVSpLB7huQ0KjiAZm-YGJkIkXr6jY4CnbupRIhwSQ-YONjZBnzC19nsbi7QsUsqS74Ia1ruro3eKGhenmeb0Vkdk5Ynhf9ziKQLED8Caqx7xYfesio09JgMCat-j6DyXPKhBLADJc6RG9zNw40HS5VFEovOUoakBsMqgqnFiYHgWdgqsIXXNPv6R59VadocE-A44sgqZ8v9BgKZujis6J38vgvuqduq5f50tYPZ3Rcp-Foqg2yXEvzvrIV0-0933dtEiKxX-n9xRsnfEsKZYWnLndJyG7VSUyCWmQrGzz6DTiHdxa2TtnbdvnduGedpemrKdv026RJnFTSzxPvS0WQxuBzDKkfbUWybeEgOJuFmm_bI6YGdvFkckQHgGgl-borzUulc3rKSEOkWCiMzEE--NLv77auQLT98VzdfpNKPJUPzdbBlNV5Yi2qiYKEwbfhqesEfpzEMlxS69yn7TloXJCVf1THU8ar69D8NEPk7bPqOPLX5NF7zenWxQBDZB8q1_ai3XFeVUcwuqT1udwHvBMe-Jwi7IHZsQUdCM0dmXJnGpAJ7iMc6Q6ocOEWWHX1AWtGBrC7PBrhNO5XUndjGkUOU9aHI3D5jlD_eaIVaSum9Ep8gJQQSQV4iHIJujQfQ9ov3kRmdhD2cRsJJE-zZFndy6hzKYBRB_nI8l_n7mNZ3V_zs14SqZdVG41dytIAsz90dArOv-R_yx-WL4S3KgJTaDsA7C-lfK3elpiJrPBX9gqBiAxcyxaxqRQUB1lFmkqH_CSCAg2aAl6eCfySAyyVfPr9Q6xZpncq0e49xQREXCfNit9I8B4PalRL-gVSk3sbwhp3fuvqn1uOciTS_6Ya-Zg-dStFUwAx34FNa8JBLCxN9LbPH99ICJqbt0SQnSFHClOHpb6_C4S5gTe8CFd5zwY&sai=AMfl-YRPBRuK5X0rXev1okcNiA9QQMNOooEKfBn8jF_rlsiRohVWPbx-Uqej6c_FCm7fKFYrYq7cIN4YQvHGlxzT9cUr-OY0tiAQsS5KJiukpmRd84BHfvqdXN3gXCkRfuT1WmjjG7IhJiQFS8uM_CwIVHuTXgx8fD0EIpQm2E4PpADYiYfYPvU9g1V0kL616rxBPl4-4qrtjz9rfEa3HEuKKZeEKc7ycQGmab_8yBvW36GWUcY0-Z47MSjQpOM&sig=Cg0ArKJSzFThKB-GDfFZEAE&uach_m=%5BUACH%5D&pr=8:3D972AA0A77975B3&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1533&vt=11&dtpt=914&dett=3&cstd=600&cisv=r20240122.57581&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame CBBF 		0
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:44 GMT
an-x-request-uuid
110d8c14-108a-4b52-9c3b-e29c9ebe6a52
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame F09B 		469 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e88c160059fc55e84a997db69473cf4f136bd809e880a6b4a5a9fe5bebeba51f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:44 GMT
date
Mon, 29 Jan 2024 01:00:44 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPo8Dvr2DoByaA27hKG4tI6oYFlL7ne0mFZQ3Mbsw83kjG1pMqoZ0lYwRcYI6nOWPNV4634
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
137771
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"1a235f5864ccde8171eff866eeaa1eac"
vary
Accept-Encoding
x-goog-generation
1706429427958642
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QiLEhA==, md5=GiNfWGTM3oFx7/hm7qoerA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
137771
accept-ranges
bytes
quic-version
0x00000001
SPug
simage4.pubmatic.com/AdServer/ Frame 6523 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DB75 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86776167&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
81b4e9df43839ca77c0239b588e91bb195b695b6157e927ae5404bff0686fea1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 29 Jan 2024 01:00:45 GMT
content-length
1919
content-type
text/html; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:45 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 5AFC 		11 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
intent-iq.js
static.vidazoo.com/basev/1.0.853/prebid/ Frame D367 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.853/prebid/intent-iq.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1fb7d3711bb1df62e5e7378a6900ad98e4d5a29ebe9591bfc0c0935d60998d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EWYNXYN9N5SBJBE0
age
52257
x-amz-server-side-encryption
AES256
content-length
12742
x-amz-id-2
1gFMdp/4LwTWCyqXEHvBZu5S5x3+5CVKlUmICn32cbDLE2sNzockgBRZHuVfHXc00bknY5rtJZxpEmpbsqj9ng==
last-modified
Tue, 07 Nov 2023 16:30:49 GMT
server
cloudflare
etag
"1a3acc720cbe166537f14739f1179b5a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a402beb4c32-MIA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 30 Jan 2024 01:00:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 51F9 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b1dab31c1e2adf708296f1bcee7b57fa1b07313defbcfd319d4b2e88e942a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5838
x-xss-protection
0
sync
ads.servenobid.com/ Frame 7F74
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
  • https://ads.servenobid.com/sync?pid=312&uid=569908430852131164&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253...
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6220006383
  • https://sync.1rx.io/usersync3/centro/2069.26/7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553?zcc=0&sspret=1&rndcb=6220006383
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005
  • https://ads.servenobid.com/sync?pid=321&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
0
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.101.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-101-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 29 Jan 2024 01:00:46 GMT

Redirect headers

content-type
text/html
date
Mon, 29 Jan 2024 01:00:46 GMT
etag
RX4949403a4567441386a864a4c6123dda005
location
https://ads.servenobid.com/sync?pid=321&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
PugMaster
image6.pubmatic.com/AdServer/ Frame BB16 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20874723&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f690b8302d1e1a726771950b8e27b96c80f7567fb076cb3baaa6613f0a3f522b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 5311 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
909cf997e8bcbf07d45930d4cb858b9326d645f3a862f9a653d59c09b9c2e5f3

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 30 Jan 2024 01:00:46 GMT
date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 12:01:14 GMT
server
nginx
etag
W/"65b6420a-84e"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5311 		283 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:10:56 GMT
content-encoding
gzip
via
1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, PHL51-P1
age
2991
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
xXTYDm5WKshwwjJ8pHVAauoueD0bZlRezHlDT-EJ11miT-y1_j53RA==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 5311 		688 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2031:d800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed3cf4836e8ea5a73cca57f69bcfd8f5047e579128d44c81c9a124d1c6783e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:56:42 GMT
x-amz-version-id
xAr6r3W_KdkPwfemqeW4IWJsdc1sg4Z8
content-encoding
br
via
1.1 3752ccf5503decd10d1a32bdcf2a0cb4.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C2
age
245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 29 Jan 2024 00:34:53 GMT
server
AmazonS3
etag
W/"e9209da4d9a7c7bf9c73ade0677edca0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
zX3lz9S11LFssMqbPOFCtOBQhLh1S6btWULcx3d8EH_EFzeHXn9q8w==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 51F9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 01:00:46 GMT
khaos.json
token.rubiconproject.com/ Frame 9997 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C343
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=569908430852131164&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=569908430852131164&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
bd52d7e6-38fd-4017-bb98-b409c7e4dc78
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=569908430852131164&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 01AC
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4d740f0-be41-11ee-8602-6e51ba46ead9
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4d740f0-be41-11ee-8602-6e51ba46ead9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4d740f0-be41-11ee-8602-6e51ba46ead9
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 1A25
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRGcwN0xiZkVBQUJPdDVoWGdNZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAGDg07LbfEAABOt5hXgMg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGDg07LbfEAABOt5hXgMg&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGDg07LbfEAABOt5hXgMg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2405212159101885593&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAGDg07LbfEAABOt5hXgMg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D2405212159101885593%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=2405212159101885593&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGDg07LbfEAABOt5hXgMg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGDg07LbfEAABOt5hXgMg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGDg07LbfEAABOt5hXgMg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 862F 		85 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760035-MIA
x-timer
S1706490046.226383,VS0,VE28
ecm3
s.amazon-adsystem.com/ Frame 63CE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
41J7PRVJP4FX5P82WWZ3
insync
thrtle.com/ Frame 6523
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7b427723-98ae-4b38-8a85-f1ddcf753b70
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7b427723-98ae-4b38-8a85-f1ddcf753b70
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
34.235.77.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-77-155.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 29 Jan 2024 01:00:46 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7b427723-98ae-4b38-8a85-f1ddcf753b70
date
Mon, 29 Jan 2024 01:00:46 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 6523 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 6523 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.86.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-86-148.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 6523 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Date
Mon, 29 Jan 2024 01:00:46 GMT
Connection
keep-alive
X-CI-RTID
370ce6cf-7696-4514-addc-9b9b19e8fbc5
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 6523
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=67c963a005b8141a&is_secure=true&networkId=17100&version=1&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJEC4Nl3DCwN_lO4vAAAAAAA&expiration=1706576446&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&...
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJEC4Nl3DCwN_lO4vAAAAAAA&expiration=1706576446&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJEC4Nl3DCwN_lO4vAAAAAAA&expiration=1706576446&nuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B3CA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1dCub3aIue4DJC6cvy9AQRbbO0v4oZr-AvWjdpJrA05a8Xe1I0xJQCfLKOhUDPo84tm2UVBMar9gTGxHLeXTwmWHaxTjglHoXqJwJLIdT0mDJQI0RAnJ451laV4JELBgzEI3ujodaFMOLzfHhqdmCIqvB&sig=Cg0ArKJSzOD50JhKrgjgEAE&id=lidar2&mcvt=1286&p=240,315,490,1285&mtos=1286,1286,1286,1286,1286&tos=1286,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=399015852&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170649004200&rst=1706490040717&rpt=4137&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/b-250cc79-36c7d7db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sghb.spotim.market/geo/ Frame 5311 		157 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
ca1e1705cd424e7f3d201f3b07cf643348996d602999ae3dc7afa01c0ad9da11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:46 GMT
Server
Spotim
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
157
tracking
sghb.spotim.market/adunit/ Frame 5311 		43 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=10247&pbjsv=v7.54.8&full_page_url=https%3A%2F%2Fnypost.com&adid=y842la.w0&features=81952&vpbv=m221&tte=2276&lifecycle_tte=2390
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:46 GMT
Server
Spotim
Content-Type
image/gif
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.safeservingcdn.com/prebidlink/19751/ Frame 9249 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/19751/j.html?i=11598
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
etag
W/"620bee41-43d"
expires
Wed, 31 Jan 2024 01:00:46 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 9CF2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
/
ssc-cms.33across.com/ps/ Frame 30DE 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1706490045547.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:45 GMT
server
33XP015
/
ssc-cms.33across.com/ps/ Frame 30DE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=the33across&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=509c862a-d03a-43aa-a731-974d8d72abf6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=32327484771080788001847257897123682831&pt=509c862a-d03a-43aa-a731-974d8d72abf6%2Chttps%253A%252F%252Fx.bidswitch.net%252Fs...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=the33across&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=82ce5fbb-faf3-47ec-acb9-51ab4b739685
0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP014

Redirect headers

Location
//ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Date
Mon, 29 Jan 2024 01:00:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
ssc-cms.33across.com/ps/ Frame 30DE 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490045547.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:45 GMT
server
33XP013
match
events-ssc.33across.com/ Frame 30DE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe%7EA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe%7EA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iXRo4LBE2uFLS2IDg9nFJVVgM5xcyDEe%7EA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 30DE
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=302deb8eb2a714dd&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFvn6aWhGz-gMLIjM9AAAAAAA&expiration=1706576446&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFvn6aWhGz-gMLIjM9AAAAAAA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFvn6aWhGz-gMLIjM9AAAAAAA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFvn6aWhGz-gMLIjM9AAAAAAA&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 30DE
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=264943876892460233441
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=264943876892460233441&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=264943876892460233441&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=264943876892460233441&ts=1706490046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc2370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc5370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc3370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc8370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc7370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc6370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a45cdc9370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cookiesyncendpoint
sync.aniview.com/ Frame 9997
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LRY83WXS-13-DGE9
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LRY83WXS-13-DGE9
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LRY83WXS-13-DGE9
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LRY83WXS-13-DGE9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
Pug
image2.pubmatic.com/AdServer/ Frame DEA7
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3a32b05a45c5481c88778
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3a32b05a45c5481c88778
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:45 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3a32b05a45c5481c88778
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 488D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://a.usbrowserspeed.com/cs?puid=104d7f97-8933-56e1-a67d-8076340ba107&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%2...
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.usbrowserspeed.com/cs?puid=AAGDg07LbfEAABOt5hXgMg&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=f8c7369e-473e-4cf5-8717-09a89cc78e6f&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:47 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 5EEC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 838E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-00082f09574424acc@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 6FF1
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cfd08bcc-90eb-4708-b389-0707c71d75d8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
42 B
513 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-222-101.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:46 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 29 Jan 2024 01:00:44 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cookiesyncendpoint
sync.aniview.com/ Frame B065 		0
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=1&key=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:46 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame DB75 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.124.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-124-125.dfw57.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 99efc521448ac72d9653e4dc0952e778.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DFW57-P9
content-length
0
x-amz-cf-id
d_ToVf8BMVO0u5Sd4PVNQ7ld5B27d_D6nDyVQVr9hoR1xTFMEYoulw==
x-cache
Error from cloudfront
396846.gif
idsync.rlcdn.com/ Frame DB75
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2/gdpr=0/ Frame DB75 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2/gdpr=0/gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.207
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame DB75 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame DB75
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame DB75
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_11005FCC9_87F666AC&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-389494846; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:46 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-389494846; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DB75
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&gdpr=0
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&gdpr=0
date
Mon, 29 Jan 2024 01:00:46 GMT
content-type
text/plain
Pug
image2.pubmatic.com/AdServer/ Frame DB75
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
42 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:45 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DB75
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=pubmatic&gdpr=0&gdpr_consent=
42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&pi=pubmatic&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT, Mon, 29 Jan 2024 01:00:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame D367 		80 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=129618961&pt=17&dpn=1&jsver=5.35&iiqidtype=2&iiqpcid=de7b3e55-8ebb-459c-9aa1-4e4f6fa24cdb&iiqpciddate=1706490046448&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=783_1706490046448&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=nypost.com
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/intent-iq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-65.phl51.r.cloudfront.net
Software
/
Resource Hash
64c281c98425ccc703cb9f2808f3b37c943966fdb3234a70b4dfa8e8a9210cbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 34db9bd11ebdbcc746e357ed5d665244.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://nypost.com
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
62NB2LI_NxLK1YACDtlz_7o17EHx8tDNtIncMxeXqGaT4i8wQLYDCQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame D367 		43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=129618961&rnd=803148&iiqidtype=2&iiqpcid=de7b3e55-8ebb-459c-9aa1-4e4f6fa24cdb&iiqpciddate=1706490046448&tsrnd=102_1706490046449&vrref=nypost.com&jsver=5.35&abtp=100&abtg=A
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:c600:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
jOouGSLoIJyxczBADG1Y9_ATxfgDcLI94Blo0EgS73ZrgwAu_1VJiQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a467e7f370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
async
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:46 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
2WpzLpyTto5aqaMyGXQlku1qkOcFn1sW6485Gxl4Oi509jmIailuOw==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 29 Jan 2024 01:00:46 GMT
server
fasthttp
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-id
914pEDCQ452uvneLSSyp4bnsPdrA1oF7_HBubn1HrOI6UQIYGUpPyQ==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
async
api-2-0.spot.im/v1.0.0/conversation/ 		3 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
3
x-spotim-token
012401297M6NdO.1a1f46074f720b62663dafc6484025bedff6f557f692ac1fb65fe7b39244aecf
x-request-id
d5f3905a-be41-11ee-8dd3-ee5de71504d4
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
SBShqHnJzJkKAm9qD9tklMRyAK_LkZqJ57A28HBR1muAmyL9wIYLRQ==
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/ 		683 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4

Response headers

date
Mon, 29 Jan 2024 00:26:20 GMT
content-encoding
gzip
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
2066
x-cache
Hit from cloudfront
x-request-id
062683dd-be3d-11ee-b6e2-ea351d42aa96
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
2bIr-sQ3AlNgeXVFy-O2tady-Q-1rbCWXicpy9Qmmri5cY3EDIER4g==
/
go1.aniview.com/api/adserver/tag/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1706490046785&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.0.146.6 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9723e2c4b7945ed3992f02bb873dac577bced6fed60c937eb8d12c01101e4654

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:08 GMT
track
track1.aniview.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=reactions&cd4=b285b3f2-e93f-49c6-b87c-554187f4a939&cd5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&cd6=tier1-conv3&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.10.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&cd16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.166&apppkg=&fv=1&proto=https&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&pid=5e0e296628a061270b21ccab&cid=6052025c979e457a0861de0a&stagid=&stplid=&e=inventory&vi=0&cb=1706490046784
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
map
bcp.crwdcntrl.net/6/ 		235 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
be543384ac84f55838d6c3c20a3bbf77be206554989c7d906604e23d6797cf1e

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.40.0.123
access-control-allow-credentials
true
content-length
235
expires
0
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.95.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-95-126.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:46 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c91a370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A815 		43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&3rddpi=1587689704&3rdpcid=AAGDg07LbfEAABOt5hXgMg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20ed:c600:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
6SImOkC5NHRm8ilrKS3w_J55KMqKaVmRdCmdKH1Z-6Vz5YKJJEOP5Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c91c370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c91e370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c91f370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c921370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame ABC7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Mon, 29 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
770382
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3154
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 01:00:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame 3D7A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84cd8a4b2c1bda93-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84cd8a49390cda93-MIA
content-type
text/html
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
333
Pug
image2.pubmatic.com/AdServer/ Frame 7F77
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751697415783635
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751697415783635
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 29 Jan 2024 01:00:46 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751697415783635
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 93CF
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUab9db8a93a1447b9af78df625a0ecba4
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUab9db8a93a1447b9af78df625a0ecba4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUab9db8a93a1447b9af78df625a0ecba4
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8D72
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=882424164061
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=882424164061
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=882424164061
/
csync.loopme.me/ Frame 3F5E 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame B62C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:47 GMT
Expires
Mon, 29 Jan 2024 01:00:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1451 1934b03 master ord ord-pixel-x1 config_version:"539"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame BECA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dWfkx1yXDteYeVQ-vPi2ZQ
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dWfkx1yXDteYeVQ-vPi2ZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dWfkx1yXDteYeVQ-vPi2ZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
usersync
usersync.gumgum.com/ Frame B8D3 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:46 GMT
Expires
0
Pragma
no-cache
/
bpi.rtactivate.com/tag/ Frame BB16 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.144.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-144-39.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
img
sync.mathtag.com/sync/ Frame BB16
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=FGMyRixu_DgVHyivxn3d
  • https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1451 1934b03 master ord ord-pixel-x54 config_version:"539" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x54 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 29 Jan 2024 01:00:46 GMT

Redirect headers

Location
https://sync.mathtag.com/sync/img?mt_exid=36&a00f9526-1dfc-4162-8f58-70eba1170baf
Date
Mon, 29 Jan 2024 01:00:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame BB16 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.51.222
content-length
49
expires
0
/
io.narrative.io/ Frame BB16
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
  • https://io.narrative.io/?io.narrative.guid.v2=d6293300-be41-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=d6293300-be41-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
34.199.67.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-67-71.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=d6293300-be41-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6499456437357126316
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6499456437357126316
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6499456437357126316
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a48c92a370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:46 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:46 GMT
/
ghb.adtelligent.com/v2/auction/ Frame 5311 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
013aa65f0c71b0a730071abbcb42fd659b25cd2a13464308d81624e8ae3db667

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
882
pbjs
htlb.casalemedia.com/openrtb/ Frame 5311 		36 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ede59f2964d72bce291d986a08adade4e1c9bca657ddebe3b564eeb2342f6d1

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evHnwf5iSR1y1KzB7n%2Fl2vf%2FqD0amRUzyK8U6Y9wAAxVI%2BVzHtNlQ51xdVi%2FnxgasLuCvoin7JTA4dvjYn8e7TGTJenJfV5QJyJ4I5rC88T3eqHCh1xVf0OeubfCAyD5QR8ax9nQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a490fda74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 5311 		36 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ede59f2964d72bce291d986a08adade4e1c9bca657ddebe3b564eeb2342f6d1

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21WZtcSGBYU9oiByR5y2H1TiKoLkmf7xW70m9XwSBYHCRDoi9zgmo%2Fh0uL0oEJOtVH72%2Bt2V72ZyDnoluFiOiZUamswu9bpjJDjniXWF%2FeyrFyjmzjaKQ%2FvdBaPPcMkteOrBCmDt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a490fde74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 5311 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
unruly_prebid
targeting.unrulymedia.com/ Frame 5311 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bid
ap.lijit.com/rtb/ Frame 5311 		24 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.8
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.234.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-234-237.compute-1.amazonaws.com
Software
/
Resource Hash
480c54248fc71cf51ac9ff0e53ac1561d09e2c06a33586144467c17d729fb799

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
c
prebid.a-mo.net/a/ Frame 5311 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:46 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
/
ghb1.adtelligent.com/v2/auction/ Frame 5311 		640 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e2b2495180a082636c425b324d43040ec93d4511358d003187b93f071c465867

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:46 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
445
prebid
ib.adnxs.com/ut/v3/ Frame 5311 		19 B
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
an-x-request-uuid
f340b89b-a406-4f4b-9d17-e233124ba502
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5311 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/ Frame 5311 		881 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
8276f192f3ab98c8360ef2aa4b9c13dabfff38e27dd6b90c8f7cdb04d2cc5413

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
72
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:00:46 GMT
translator
hbopenbid.pubmatic.com/ Frame 5311 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 5311 		24 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
53d30c06c258faf56a268cd716a5efdc74d5098789c93788993e661738b45970

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
hb-multi
hb.openwebmedia.org/ Frame 5311 		84 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.openwebmedia.org/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-8.phl51.r.cloudfront.net
Software
istio-envoy /
Resource Hash
982107dfff802accbd1450cec314c664118cc41fb5853b08989c1a4258a32f17

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
via
1.1 f9247b65ce15be5e9abf969e43362ca8.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PHL51-P1
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nypost.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
28
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
TAydOG98VytjhqGpaiq6NsbFOmb-VVjhw8WqR9L-3DORM6dU_tYozQ==
prebid
ib.adnxs.com/ut/v3/ Frame 5311 		19 B
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:46 GMT
an-x-request-uuid
d6b833c0-be56-467a-a14a-6f67a7ac33b1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb2.adtelligent.com/v2/auction/ Frame 5311 		121 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
08a75491cdf8fb89f75d650a06ebfb606e5971860bc67cdd2cf52c560233c01a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
121
/
ghb.adtelligent.com/v2/auction/ Frame 5311 		2 KB
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8b46f59bb653bc3390370cef5228b6d09c8a7e7cd92361683f7dcd16ee3574ee

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
695
v1
prg.smartadserver.com/prebid/ Frame 5311 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ Frame 5311 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 5311 		180 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&PageUrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&PageReferrer=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
e8de68951f8c69c5881f1d44949a82a6a4576266077a793cdf7965f3308147b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
34
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
exchange.postrelease.com/ Frame 5311 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiY2UwZWRhNjUtMDkzMi00ZDA5LWFkZDUtZDIwNGI1YTM0MzhmIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJzcG90aW0ubWFya2V0IiwidWlkcyI6W3siaWQiOiI3MWYzYmVmYS03MTExLTQ2ZWItODMwOC0wMmMwODM0MmUyZGQiLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiNDFlMjRkOTMtZDU0Yy00NGRmLThlMTAtMzM1OTc4YTVlM2NlIiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19XQ==&us_privacy=1---&ntv_ptd=1163444&ntv_pas=eyIxMTYzNDQ0IjpbWzMzNiwyODBdLFszMjAsMjUwXSxbMzAwLDI1MF1dLCJsZW5ndGgiOjF9&ntv_pbv=v7.54.8&ntv_pb_rid=54a6c66bce9bfc5&ntv_ppc=W3siYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtMTY4OTI1NzQwMjA5OS0wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzM2LDI4MF0sWzMyMCwyNTBdLFszMDAsMjUwXV19LCJuYXRpdmUiOnsic2VuZFRhcmdldGluZ0tleXMiOmZhbHNlLCJ0eXBlIjoiaW1hZ2UifX19XQ==&ntv_dbr=eyJkaXYtZ3B0LWFkLTE2ODkyNTc0MDIwOTktMCI6MH0=&ntv_url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.156.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-156-25.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		482 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=57f467e8826f764&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.19593591025177615
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b70c7bcff3be5296da9ac709642d2874ed7332e829f36dfbeb41125ad33395f2

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		481 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=58f97bb688e51d2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.029727519600347474
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f13441c9ca4c37ab88e1812acc62ab57252afe1875241baf257664a78c148e18

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
481
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		482 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2223316&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=59bc3cf562415bb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.28719085277713097
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
50560f09f11f322ffa523d6184f704dd4b3de330722d87d2283e622b4f29004a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		482 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=60c55ac5003b48c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.2863305841269643
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fad296905b8eb51a3aea33ca7b218700fd085931b0bc1b54dd74cbdf7a7a803a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		482 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=61836625f400522&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.2803620430866973
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ace22790c1eaf7d264922a5e60e4a9e806e86b80436e43d63049a5102b122d1f

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5311 		482 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=ce0eda65-0932-4d09-add5-d204b5a3438f%5E1&eid_spotim.market=71f3befa-7111-46eb-8308-02c08342e2dd%5E1&tpid_tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&eid_adserver.org=41e24d93-d54c-44df-8e10-335978a5e3ce&rf=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&kw=Opinion%2Cbenefits%2Ccongress%2CCoronavirus%2Cfraud%2Cgovernmentspending&tg_i.domain=nypost.com&tg_i.page=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&l_pb_bid_id=621556b8a6d4f6d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fae3517-3f90-49ba-8416-50d4cb3a7177&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.7742101888790973
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a39e56dce5c0ab7d9f3cfa7fbda1d19e855a8fd7ace51e1071e01e30ac1ae9c9

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 5311 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=7.54.8&cb=72981980290
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 5311 		462 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
846f3b976e15628051cfd5c55af90bcddfe6ada44c93089b949bb1057741e5eb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
332
v1
btlr.sharethrough.com/universal/ Frame 5311 		824 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
dad26ccfc07d153fbc9b37da3cefdbfa2e77015ce44229aae3342a0ffe5b9afd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
512
usync.js
eus.rubiconproject.com/ Frame 9CF2 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76179
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
localstore.js
script.4dex.io/ Frame D367 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
63957
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcXNjSVIfqM%2BDzX%2BRef8ktMDNcPc8bNhYfN%2B0sq6UV5QNrimdT17QVQ9lCOeGgO6JvbT4XNNmnos%2BzhCUHxS0hKiYsyuDm%2B0ODPX2sEKaz8kO18zoyb7puooL1rgH0tvYMOc6jCsLNZ1aYYK"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84cd8a4c0e238dc4-MIA
prebid
prebid.ad.smaato.net/oapi/ Frame D367 		0
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.20.47.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-47-211.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
2b237841-3087-8343-7f63-0c5d2e07cae8
x-smt-trace
https://tracing.smaato.net/api/traces/0d9904c5c2451281dd5f43ec8ac594bd?prettyPrint=true
bid.json
reachms.bfmio.com/ Frame D367 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=bcc1ce09-7963-4ec7-c219-22911d192fd5
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.71.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-71-61.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
server
nginx/1.24.0
vary
Origin
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		667 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/ad-container-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:11 GMT
content-encoding
br
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-version-id
8lq515sgGckpU2pKQgjeape6UqJ5WhT3
x-amz-cf-pop
PHL51-P1
age
651337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
406
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"e4fdb5f82b0df9e0b3d49f784d351444"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wwsNQwh6uy3XS1S5YBw7MhcX1EGMAlEDjwaID21mFrBzXp6U3fGsIg==
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a4b2baf370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 490B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
54437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 09:53:30 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
0
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a4c985721c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:47 GMT
server
Kestrel
content-length
215
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B38 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71608576&p=163238&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f7da4bef35b59db185156ef5afb9d2cb350f67125d1cd3190b64f018893225b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 29 Jan 2024 01:00:46 GMT
content-length
1953
content-type
text/html; charset=UTF-8
dynamic-ads.js
web-assets.net/special-projects/dynamic-display/_dep/_js/ Frame 51F9 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-assets.net/special-projects/dynamic-display/_dep/_js/dynamic-ads.js?_=1706490044757
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da87649655b95af7fa183c4c265799991d798c6808970be8c41a3213dbcf01ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:47 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"624db40e-1a60"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
6752
Expires
Mon, 29 Jan 2024 01:00:46 GMT
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=lGrO4sEYCy0zUu2DRBSBxuOWIGo8lGqPv8wE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.95.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-95-126.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a4b5c15370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 5311 		564 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-7.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
36bab294570db4ed4576a8c270f2e4c4ae9f8396323e37c39b3c818969832ad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:37:01 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
1426
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
h29T1XROImxdZXLJY_i9YsdGNV954JV6HqLE82wH_OV_xFG28GsSJw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 5311 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnypost.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 94f18d69cd119572e1c08a4f8c671b16.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
VFFVWQtAgl7unzici456kAexXR-6kSeuZiHn3SYXL_nrDcvYijW_ug==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5311 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 19:47:42 GMT
x-amz-cf-pop
PHL51-P1
age
18786
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-FEbLZ6uB20VFc88MRjbdTuxMls161ofcRY7wC_ZrJNUtKRbFz1MYQ==
hbw_master_307825_11598.js
p.safeservingcdn.com/prebidlink/y19751/ Frame 9249 		124 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/y19751/hbw_master_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/19751/j.html?i=11598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3749d74ec9d118677d95fd408290769dd8fc17e37f8669824a5433834e9ba931

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/prebidlink/19751/j.html?i=11598
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 12:02:07 GMT
server
nginx
etag
W/"65b39f3f-1eebf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 31 Jan 2024 01:00:47 GMT
csyncs
sghb.spotim.market/ Frame 5311 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/csyncs?aid1=730717&aid2=767137&aid3=767587&aid4=833229&aid5=839059&aid6=849704&aid7=860902&aid8=862358&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
b09bc066f9ce6ee3f79d91470b1041b3f93b30d060d6d2b4e26706b85da1a6df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
gzip
Server
Spotim
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1083
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a4c1cd8370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
prebid
id5-sync.com/api/config/ Frame 5AFC 		135 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame 5AFC 		227 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
84cd8a4c9c7931de-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
read
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:47 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-id
QANlA5uipApdVd44EAnhwHL3k1nWHxsI1MWzt4gqejwP0WmnIcE-vg==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
84dae894d5903c3b1dc4c1ee95b131ff011b1e066af93f226fc344c4cfde6855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-spotim-token
012401297M6NdO.1a1f46074f720b62663dafc6484025bedff6f557f692ac1fb65fe7b39244aecf
x-request-id
d68fec6a-be41-11ee-916c-ce9221b9ade6
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
shffEpmJRr_c2nrtaE9kj0cGlcY6Rrg3KTWEkeU4PqdneTdk_cK4vQ==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:47 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 5AFC 		11 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
events
bidder.criteo.com/csm/ Frame 5311 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
csi
csi.gstatic.com/ Frame 8E43 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lry840q8&c=8021027767136&slotId=4010513883568&qqid=COjUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.340~atrd.347~vil.56k&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CA5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lry840qp&c=5291839751052&slotId=2645919875526&qqid=COnUheWygYQDFf-u0QQdPLUJfA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.34f~atrd.34k~vil.565&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4009:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us
capi.connatix.com/core/ Frame A815 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/418625/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
84cd8a4c9d5c370a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
tag
btloader.com/ Frame 5311
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0e4ecd3f80ce3a3b4d1c05dd1909e84fc20ca807d8eddfc4bf68faa999fadb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 00:02:56 GMT
server
cloudflare
age
3286
etag
"a403415c92df24a87c9bd59504a36a7a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
84cd8a4fad9302ed-MIA
content-length
18015

Redirect headers

date
Mon, 29 Jan 2024 01:00:47 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3286
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=nypost.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
84cd8a4e7c1a02ed-MIA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 5311 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 29 Jan 2024 01:15:47 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 5311 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 14:03:41 GMT
content-encoding
gzip
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
39427
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ACznu2eM8FDF8BrYShmafk7Uf4cSw1TkAJyEehyaR5ugxcS8lAJCsw==
ima.js
cdn-ima.33across.com/ Frame 5311 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec073870edc9ab414dd4af71dd1e0479278446b8d695af3e2526548da56a0045

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 20:10:43 GMT
server
cloudflare
age
368800
etag
W/"65b01d43-3c22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84cd8a4d3b857434-MIA
expires
Thu, 01 Feb 2024 01:00:47 GMT
hadron.js
cdn.hadronid.net/ Frame 5311 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ref=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&_it=amazon&partner_id=471
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
4496
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
84cd8a4d3f5d497e-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 5311 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
J52V4KDNC3S0G40G
age
75
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84cd8a4d38b74c1b-MIA
x-amz-id-2
0sGZS9MPH/9Q/q9fVKSDYBsKOt6Q7pJYOBgHseHPdLRtz30rL+shC2QInjaVZ5beEfze/nJFzqYjemPO6ccSOA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 5311 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 29 Jan 2024 01:15:47 GMT
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:47 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-id
QQ4aggViGse4_mt2g3r5NFfo7e7CovLEsf0NQgiZ1qtQAkqKomYxPQ==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/ 		91 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
1516d0d87ad045d3a2d64e8213cbc4e1c1cb211250ddea60767cdcd283d9c1cd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
via
1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
91
x-request-id
d68ffb8d-be41-11ee-80ea-92cce239b88f
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
7ipiJr2hLFVpSxV5xuOB8bViNxWpjkEwSUWjvwMCS5TxKx5lXkqu-A==
r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMx...
pdc.bidswitch.net/mrc_vimp/ Frame DAD0 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdc.bidswitch.net/mrc_vimp/r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMxTLz4IDFKt_U3-Jdp22KdZ6-TcJljF6RC0NH02Un-mvOEC5K23QNu3tvM8FWSTaIuL8sE38gvUj16uGygtzUHhuBqigvVAMC1P51wny7gDWPhrd5Q2-g4t_hZRTep1IZwjkCLxjIwrkz0O-q8Q7B4wS30FZClK9M31ePp_5LwFKQ7uTDigj8WkkidKHf1Q
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.206.254 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
254.206.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMx...
pdc.bidswitch.net/groupm_vimp/ Frame DAD0 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdc.bidswitch.net/groupm_vimp/r5bMv1v5hDH-JqppeMMik14lHTIKRxWwRWOy9dcqku9SPVIZ6xANB8l3ttQOPLHjgh9OaxiJxRHzwVTdQTsNJ9jfi9NoUVL2kS59oztC-BbGqquOWoiZ0OQkeyLFToXRzfFpvMJeVcyHUmMl9DBx5GRmk7RAJp5O5wriCbYf5zk8tn4jcV3GrN9cEO6onq--ywfMxTLz4IDFKt_U3-Jdp22KdZ6-TcJljF6RC0NH02Un-mvOEC5K23QNu3tvM8FWSTaIuL8sE38gvUj16uGygtzUHhuBqigvVAMC1P51wny7gDWPhrd5Q2-g4t_hZRTep1IZwjkCLxjIwrkz0O-q8Q7B4wS30FZClK9M31ePp_5LwFKQ7uTDigj8WkkidKHf1Q
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.206.254 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
254.206.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
auction
prebid-server.rubiconproject.com/openrtb2/ Frame D367 		209 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b9ee377928d62199bcea8b77b5ad42bfdb7398ec2dea704147c1e0aa7b9fe3fb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.8.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
189
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A3C6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48088
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbs-iframe
pbs-cs.yellowblue.io/ Frame 9D55 		114 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.235.119.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-119-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:54 GMT
server
istio-envoy
/
ads.us.e-planning.net/uspd/1/ Frame 55FE
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
9749b6a9fa0b4ed76f4bff19fc67201cfebfa6c9704ed126d04f4be30cb6b97d

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Mon, 29 Jan 2024 01:00:47 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1220

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 29 Jan 2024 01:00:47 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1220
/
de.tynt.com/deb/ Frame D7AB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D5...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3ae1924b00b6a485b8e521284d953eb6e6dec7731bc8adc722a4abcd0cda74a3

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2299
content-type
text/html
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:46 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8340000A
csync
sync.spotim.market/ Frame 4332
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D75...
  • https://sync.spotim.market/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=750708&a=754412
43 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=750708&a=754412
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:47 GMT
Etag
7c6e7f15a4ce5182
Server
Spotim

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Mon, 29 Jan 2024 01:00:47 GMT
location
https://sync.spotim.market/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=750708&a=754412
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26traffic_sour...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&traffic_source=snippet&session=85AD5D56E2433DA6&sp=730717&pb=305583&c=501093&a=309017
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&traffic_source=snippet&session=85AD5D56E2433DA6&sp=730717&pb=305583&c=501093&a=309017
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&traffic_source=snippet&session=85AD5D56E2433DA6&sp=730717&pb=305583&c=501093&a=309017
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583...
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=545872&a=323551
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=545872&a=323551
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=545872&a=323551
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583...
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=655457&a=733068
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=733068&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=655457&a=733068
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=733068&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=655457&a=733068
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366...
  • https://sync.spotim.market/csync?t=a&ep=310570&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484067&a=310570
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=310570&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484067&a=310570
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=310570&extuid=IEdcARZHXsIbyiq9SwayWrz3&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484067&a=310570
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:47 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 5311 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7c6e7f15a4ce5182
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D8...
  • https://sync.spotim.market/csync?t=a&ep=307558&extuid=26a2fa4e-2f3e-44eb-9c5d-705656140371&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=603469&a=307558
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=307558&extuid=26a2fa4e-2f3e-44eb-9c5d-705656140371&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=603469&a=307558
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=307558&extuid=26a2fa4e-2f3e-44eb-9c5d-705656140371&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=603469&a=307558
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-store no-transform
server
nginx
content-length
274
content-type
text/html; charset=utf-8
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%...
  • https://sync.spotim.market/csync?t=a&ep=297253&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=538100&a=297253
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=297253&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=538100&a=297253
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
an-x-request-uuid
f9ffa267-8d87-407d-be19-a85c52308bb2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=a&ep=297253&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=538100&a=297253
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 5311 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D632122%26a%3D556847
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%...
  • https://sync.spotim.market/csync?t=a&ep=751004&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=736651&a=751004
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=751004&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=736651&a=751004
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
an-x-request-uuid
742124f2-8bf4-4b60-a44a-429620bad5df
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=a&ep=751004&extuid=569908430852131164&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=736651&a=751004
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.spotim.market/ Frame 5311
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26session%...
  • https://sync.spotim.market/csync?t=a&ep=753378&extuid=o0sIVghABe0h&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=746141&a=753378
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=753378&extuid=o0sIVghABe0h&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=746141&a=753378
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Server
Spotim
Etag
7c6e7f15a4ce5182
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:47 GMT
Transfer-Encoding
chunked
Location
https://sync.spotim.market/csync?t=a&ep=753378&extuid=o0sIVghABe0h&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=746141&a=753378
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
events
api.permutive.com/v2.0/batch/ 		201 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8716c0bf-3e57-4603-9c05-89d10477c922
Requested by
Host: 0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
URL: https://0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app/f34a8612-9c89-4e7a-adeb-71a2902d9634-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4c12f829603fc86965337ad88709b9386cf108a4f0f1bc520bcefb40a298e54f

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2405212159101885593
0
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2405212159101885593
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a4f8d6d21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2405212159101885593
date
Mon, 29 Jan 2024 01:00:47 GMT
content-length
0
adagio.js
script.4dex.io/ Frame D367 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
63945
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utD6CYYSnsqWpXGOkB%2Fl5ADR%2BTpu7Vt31f%2B%2FC%2BsWUjdvmjgmgz%2BssK40FrAysRTmmTvjcR1uWrwyO8f60Xo8MCzLvjpF81Ig7t4VtJi6oOOIoe0jAVTKMvq9K7vmxQhFtJ9yf0eJlrKjlMNv"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84cd8a4e9822741e-MIA
auction
prebid-server.rubiconproject.com/openrtb2/ Frame D367 		209 B
483 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
0c6abae3d6db2dce0143024d6597445462cdeb780f3469d4e27789602b5f22c4

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.8.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
190
Expires
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 57DB 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D2CB
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=undefined
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1863272008
  • https://sync.1rx.io/usersync3/appnexus/1508/569908430852131164?zcc=0&sspret=1&rndcb=1863272008
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
etag
RX4949403a4567441386a864a4c6123dda005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame D826 		43 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame EA3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 91E0 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=undefined
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:48 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-14a590ff1895@version_1.582v4
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 493C
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7597764471930027755&uid=Q759776447193002...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7597764471930027755
42 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7597764471930027755
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=23122
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7597764471930027755
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 446D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=undefined
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:59948840237444FFB186652355CB1705&gdpr=0&gdpr_consent=undefined
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:59948840237444FFB186652355CB1705&gdpr=0&gdpr_consent=undefined
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Sun, 28 Jan 2024 01:00:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:59948840237444FFB186652355CB1705&gdpr=0&gdpr_consent=undefined
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
user-sync
ms-cookie-sync.presage.io/ Frame 9D07 		0
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:47 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Zl75gb7gYY-Srsrm7X9huom6bKGkaQ25pApYtfNMgOo8MYNyLR9gFA==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
p
a.audrte.com/ Frame 2B38
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=undefined&p=M1717054901&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
52.209.41.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-41-250.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 2B38 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
4m8oanORxBPv8R1-8OjAVC8pqNZLCq_JcxBfgiHasCVpJ6XFDKhJMg==
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame 2B38 		42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&sInitiator=external&gdpr=0&gdpr_consent=undefined
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:47 GMT
Frontend-ID
7
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 2B38
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=undefined
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6bcc2b7bf5bd0e96/gdpr=0/gdpr_consent=undefined?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5f72766870583b8c82c87eabd99f6997&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=41e24d93-d54c-44df-8e10-335978a5e3ce&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=50d52feb844a13ef
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnpheHAtYkY5ajk1WTNKZ2Z6Zm9FR1B1YkFab3FwbVIybk55QlZPaW8zVG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEClxdBnq0j4-IHBzTXYe7WA&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEClxdBnq0j4-IHBzTXYe7WA&google_cver=1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-64-79.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:49 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEClxdBnq0j4-IHBzTXYe7WA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2B38
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=undefined
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=undefined&gdpr=0&piggybackCookie=uid:3213fc64-36ea-4b3c-bc02-489b41ed3180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=undefined&gdpr=0&piggybackCookie=uid:3213fc64-36ea-4b3c-bc02-489b41ed3180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=undefined&gdpr=0&piggybackCookie=uid:3213fc64-36ea-4b3c-bc02-489b41ed3180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
bootstrap-carousel.js
web-assets.net/special-projects/dynamic-display/_dep/_js/ Frame 51F9 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-assets.net/special-projects/dynamic-display/_dep/_js/bootstrap-carousel.js?_=1706490044758
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d2b522e4658b4889e7717367573b36bc1a8614766778bba9f79a7dda3e4882b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:47 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60ef38bd-3178"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
12664
Expires
Mon, 29 Jan 2024 01:00:46 GMT
handlebars.min-v4.2.0.js
web-assets.net/special-projects/dynamic-display/_dep/_js/ Frame 51F9 		74 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-assets.net/special-projects/dynamic-display/_dep/_js/handlebars.min-v4.2.0.js?_=1706490044759
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7c8b927cff2845bc161bda51afe15a19f054eb691863eed8a94b1748282762a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:47 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:47 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60ef38bd-1269b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
75419
Expires
Mon, 29 Jan 2024 01:00:46 GMT
khaos.json
token.rubiconproject.com/ Frame 9CF2 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
pixels
pix.spot.im/api/v1/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-41.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 ffa8ec5cfe61dcaaebc108ff8c867054.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
6GvPiPyXlQGYNxy60nmGVh8vTzKjmqJjDt7PUkApviZPBWfLY5_dSg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8369082252707&version=m202309260101&ct=76&x=8&cor=17829347448228086000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_307825_11598.js
player.adtelligent.com/prebidlink/ex19751/ Frame 9249 		2 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19751/hb_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19751/hbw_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
15189757b26d57e460c393801d0fff24ab48676e40a925037a5fbd24c7d9450e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:48 GMT
date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 12:02:07 GMT
server
nginx
etag
W/"65b39f3f-603"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
multitracking
sghb.spotim.market/adunit/ Frame 5311 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Mon, 29 Jan 2024 01:00:48 GMT
Access-Control-Allow-Credentials
true
Server
Spotim
Connection
Keep-Alive
X-Robots-Tag
noindex
um
sync.e-planning.net/ Frame 55FE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3Ded4a94647a2ace32
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3Ded4a94647a2ace32
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=ed4a94647a2ace32&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=ed4a94647a2ace32&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=ed4a94647a2ace32&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
pbs.gif
sync.admanmedia.com/ Frame 55FE 		9 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Ded4a94647a2ace32%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 55FE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:47 GMT
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Ded4a94647a2ace32%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ed4a94647a2ace32&uid=460bad56-ba86-4057-96df-cd3eb47a1283
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ed4a94647a2ace32&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ed4a94647a2ace32&uid=460bad56-ba86-4057-96df-cd3eb47a1283
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 55FE 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:47 GMT
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Ded4a94647a2ace32%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=29bf7e01bf5130f&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ed4a94647a2ace32&uid=AAAHQ984-ACn-AMoigXKAAAAAAA&expiration=1706576448
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ed4a94647a2ace32&uid=AAAHQ984-ACn-AMoigXKAAAAAAA&expiration=1706576448
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ed4a94647a2ace32&uid=AAAHQ984-ACn-AMoigXKAAAAAAA&expiration=1706576448
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Ded4a94647a2ace32
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=ed4a94647a2ace32
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=ed4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:49 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=ed4a94647a2ace32
date
Mon, 29 Jan 2024 00:59:07 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Ded4a94647a2ace32%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ed4a94647a2ace32&uid=569908430852131164
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ed4a94647a2ace32&uid=569908430852131164
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
an-x-request-uuid
8ca54b28-af19-4da1-bd65-a3177cafc3c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ed4a94647a2ace32&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Ded4a94647a2ace32%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ed4a94647a2ace32&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ed4a94647a2ace32&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ed4a94647a2ace32&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3Ded4a94647a2ace32%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=ed4a94647a2ace32&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=ed4a94647a2ace32&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=ed4a94647a2ace32&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
date
Mon, 29 Jan 2024 01:00:48 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Ded4a94647a2ace32%26uid%3D%24UID&partner=eplanning
  • https://sync.1rx.io/usersync2/rmpssp?sub=zeta&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlO...
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=4596946682
  • https://sync.1rx.io/usersync/zeta/969751697415783635
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3DRX-4949403a-4567-4413-86a8-64a4c6123dd...
  • https://ssp.disqus.com/match?bidder=37&buyeruid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5...
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=24&buyeruid=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubm...
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ed4a94647a2ace32&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ed4a94647a2ace32&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:49 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ed4a94647a2ace32&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame 55FE
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
date
Mon, 29 Jan 2024 01:00:48 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ed4a94647a2ace32
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ed4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ed4a94647a2ace32
date
Mon, 29 Jan 2024 01:00:48 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3Ded4a94647a2ace32
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=ed4a94647a2ace32
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=ed4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=ed4a94647a2ace32
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame 55FE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48961215-5862-4647-9cd4-cab4f0e5ce54&ssp=eplanning
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48961215-5862-4647-9cd4-cab4f0e5ce54&ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48961215-5862-4647-9cd4-cab4f0e5ce54&ssp=eplanning
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3Ded4a94647a2ace32
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=ed4a94647a2ace32
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=ed4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:48 GMT
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=ed4a94647a2ace32
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
um
u-iad04.e-planning.net/ Frame 55FE
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=ed4a94647a2ace32
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=ed4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=ed4a94647a2ace32
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
um
sync.e-planning.net/ Frame 55FE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=5198023404
  • https://sync.1rx.io/usersync/stackadapt/0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
date
Mon, 29 Jan 2024 01:00:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
envelope
lexicon.33across.com/v1/ Frame 5311 		42 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.4.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
hadron.json
id.hadron.ad.gt/v1/ Frame 5311 		95 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ref=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973e91e76821975d84c8d9d7dd972a46fc5fad10a0d64f42a0757d67a66e9cfd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
84cd8a516f1e31de-MIA
/
sghb.adtelligent.com/geo/ Frame 9249 		157 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/geo/
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19751/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ca1e1705cd424e7f3d201f3b07cf643348996d602999ae3dc7afa01c0ad9da11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
157
tracking
sghb.adtelligent.com/adunit/ Frame 9249 		43 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11598&full_page_url=https%3A%2F%2Fnypost.com&adid=y84447.jf&features=16416&vpbv=m221&lifecycle_tte=1773
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19751/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6340 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48087
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 5311 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 29 Jan 2024 01:15:48 GMT
/
ssc-cms.33across.com/ps/ Frame 6BB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490047870.2&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP018
x-33x-status
2000208
cm
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490047870.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f6dbd4a0a179080759970b227cc716ec1c1e721cf1c665576d590620a4742abe

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
768
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
40000000008200000A
/
ssc-cms.33across.com/ps/ Frame D7AB 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1706490047870.&ri=0010b00002T3JniAAF&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP017
/
ssc-cms.33across.com/ps/ Frame D7AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1709082048%26external_user_id%3D41e24d93-d54c-44df-8e10-335978a5e3ce
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1709082048%26external_user_id%3D41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP013

Redirect headers

location
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1709082048%26external_user_id%3D41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:48 GMT
server
Kestrel
content-length
407
/
ssc-cms.33across.com/ps/ Frame D7AB 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490047870.4&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP016
/
ssc-cms.33across.com/ps/ Frame D7AB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:47 GMT
server
33XP017

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
ssc-cms.33across.com/ps/ Frame D7AB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=vC4MldVUXx1-4THjD_zAjiaEdkk
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=120&xu=vC4MldVUXx1-4THjD_zAjiaEdkk
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:48 GMT
server
33XP014

Redirect headers

Location
https://ssc-cms.33across.com/ps/?xi=120&xu=vC4MldVUXx1-4THjD_zAjiaEdkk
Date
Mon, 29 Jan 2024 01:00:48 GMT
Connection
keep-alive
Content-Length
97
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 1AF9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B485 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Ded4a94647a2ace32%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48087
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 5B03 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fde26fdc1941ce3826031c1e40f68e250fb70452e689b42052cb1a66568c725

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a51cd0774a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUwOBV%2BrnZYzsRhTD1JRdzD90ot%2BmlCdkEULr1C9gry6zvchviip1EocJ71jFcvSWApSgTOHWJA7S0vHau7N1A8fqr4nUgr6VejQZJG3geNgjLC266k3NLZJ9biV8x1ljjlorUwN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
84cd8a505cf331de-MIA
content-length
0
content-type
application/json
date
Mon, 29 Jan 2024 01:00:48 GMT
debug
OPTIONS block
expires
Tue, 28 Jan 2025 01:00:48 GMT
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/ Frame 5AFC 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
297440fd945f5cddbc4d7d908b1d94e95e4f097764af7e2006b9d997252364ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BvT4Suvi2ZeSPOJuCnboP7p6W-AIAAAAAOAHgBAI&bg=!jI-lj8DNAAa8BdJLnAU7ADQBe5WfOIDqBduRG79mocFO7R2Cr-9Ppd5fFWK92Q805dltkAMtyrSyCYOyG-coTRjE8XexAgAAB7BSAAAAA2gBB5kDCrf61rohsL9kqE5y4j4atLCSIsQB9swvWzyZqZUGGUdKTIwf0lROnspKAsq0_gvc-Y0Mjgbtq1l7K1TvYL4hAqrEew8KIutJQifU2cYzfVR49wXRCIYLAIdXC8boRDdLImBxdQg1rCqAzv_1TyDis1SMRCBPgXntsYe_wjf6a6Rd9hYmFkK5Wg-PH0xBOiXfaj1AQNq6Zd6IqnkwPahYKx3_4sx5oQz3GzzKmhA1VK2m8QrM0olHw-g5YIJb3oEXLtbuQXsJSEV-LZ2_J4WyGxvweIU6udMGmpDQbfQatWZOtPeB5c5FzYcVD1e-m2Lavh8658xx0759s43G6rOqIAMHOjMREBVDQ6n4IPJBGToczObuStUH9RB5xES9RwGqbqLzOpJDQSt_QrUIGaWYSXkNWHuqEF8LpoLokELhrAAV3PmACmb_I5C0lYWlgwwknM_MMwPP5qowSUaT7Fkbub4gL1w-tte17oauTTokQL_EAQFI1MhDvH-qwXDMmwRI3HLa8tHuCfErhpagnHlqupMnaDu7nSkwi6lVkMQd0QcN2aufIdLXS_eUQ_dKEwBLub2yYPJFPuCZ_XUV63Hpdv74pT0P3BXqbuigOaK0ZZawa1Xhf4G4ANII1CkVDT-RN_wDaTaFrK0W5BHQplJk5C0cORi-RcXkrq3BFdNDTwZodU6oLX2twrH2S7aVT1V26v1-DAEhSg5j68apzkx1ZxYgclxLfNjJy8dC3pmgeut9LfuH9jjdMEu18oR8v_ZYcldWHD3wX3ICTHqcpcgKH2wZIDF_Zd9-VPwW7rfVoTsrV_vlxeK9QNXskB_LFvW41q2QmZ_0QkPk4gle6MWKr0n_B572TKlJ2VIml4LlpRwnH3vQQRUnhRUgxF9kwRMehx9Uc2OxtqFnhmA0qA_oGNiGlQyGXqus_0JktyFGuer2t68DmskmgcEM-W5mAjNPGf8Fq4uE0t_30Z8FBfNYcrOzrKt2_LcXjA8yUc0uPgRJpgc9v7DUnEtX4ESqgj2vkH2roXnMjOg1GQg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6523 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DB75 		311 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27744226&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c16592e0adbebb5ad432ce3adfc011aa1e994ea52dfecf61fc28885254d356f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 29 Jan 2024 01:00:47 GMT
content-length
311
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwwoYuvi2ZcTiEN_ZoPwPiPCyuAEAAAAAOAHgBAI&bg=!UlGlUR7NAAa8BdJLnAU7ADQBe5WfOF6eEywNS9LzFQe0VDu0Yo5NxxT0o0pO0C1T364aa8uRMw4vaORBCRICi96gpsHLAgAACANSAAAAA2gBB5kC2FKz0wRALUTuiqI9-nFvg0099YZcozhYmzIsD-Wm-U33Fo5PzzZ6VoaR7nNNaXBtl9-GYiudbPhsq1Zvj6pxeLVHEd-GOLv0xPg0upVBm-7PcrWy9XmQj-oT5p_kXFxMcDf11L5S43RI0YLnhDV-OvWbZhfoc-WBxYdD24EGBmS75fufeHYyv8AHxB2XY4ZJyoa7_G6uqLXg__PCdN3NSLNeogdzMGlgwHy4LLTepVmTRSBkmTJv9g0dkkdKjZRxrXVFvsR31XnOtsZQTVfay3UrUypuLtAqsIDJVyxWufPk6fn4k17qbVuBpCKZDrqp-zeif-VrLCFcViKNqdR217mtRTLdRktj_s6pJrc_AkfhWZSMifjIhLLxVaVmuOTKEncB-gm05a65F1CTlAbfOxWjT-NtYpFv6Zu9njjOPmJ4OM4YnVnNizzoT2tQHmJS3YkEt8rel7JiBg9WTZFvtqc41ZsLTJFE5glOeErFv38RdlerHXfzahi06zXNhfCDsZt7SxcJfdTNP8bVkE9iTfkd-zUj5qGarwqBerzfjoHWR6DwG3a3X5Q65vCrUYd2mSVtdCsq859NEmdwnTpO_YvIdh9T92CTXnCpEcCeG6xxsSU-lwPC_u2YbixzPF4qz6Xvp-WKuF6ZndmGHo9pQa1-gC1YxJ7IwmCWGSLAed3SXG0KTDzARwJ5-Hu1eM3Au5G2uLUQDZwmQMfjsDpKBO4xqoUdc_QBeeABMZOEa-cVHThKerOSXfEgivJkg1SMdIPzlopgKAEQqHgbtb_wYg9KdSigrurS4arAU4u_4jW_jFClZh2G5VKecxQdiDYVIa6MdzzvJ4MAyShSrqnemBzYCB29DsFPJ6g1OMAMua7h_TCSPXqIs2fwkoyoB3baL8V8k8bGvVfJBSXVCbR80YC3xXmcYdLoJu3NPPiN8CSbNznZvkR30Pc1plzsDPSehvJyLA-GOkKh
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-e88be4-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-e88be4-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24cc446819c63f67b0e42cb62f581447d60af76d17f304dfddd31bde8108d137

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:11 GMT
content-encoding
br
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-version-id
16x1JwVq0dmGwDCq9QSgTEH8kREOUTPu
x-amz-cf-pop
PHL51-P1
age
651338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
15234
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"f2e138fdef26895cbe5cedd85f39406a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xz8rfnuhxIGxDGnZ3JctePPD5oOTOlpfPLbL6_ovtfUVSPXad9BjfQ==
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.92.2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.92.2/conversation-component-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6ec9c92a2f4800232833a760cde924c59f27ce50606850bea83f3dd39f569c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 12:05:11 GMT
content-encoding
br
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-version-id
vldKpk7FW7faD7bIYkcsOxdllrNXGe5n
x-amz-cf-pop
PHL51-P1
age
651338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31736
last-modified
Sun, 21 Jan 2024 11:31:01 GMT
server
AmazonS3
etag
"c28143636edab9c29c6fc39695c4e492"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uW1ARAye9kFUvGthnYD5Wig609EbEXRv6-i7xd3IihpS6E7sn9pBnA==
src_components_ReactionStatic_ReactionStatic_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		502 B
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/src_components_ReactionStatic_ReactionStatic_tsx.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nc-nypost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9763f7cdb5419d708e7cf074d6fc19d95b652322b4ecd6dbb26aa82bc7b3be70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
ND5ix1EwST3X1vVjPA53p1hIUGoX7zgR
date
Sun, 28 Jan 2024 10:21:04 GMT
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
53150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
502
last-modified
Thu, 28 Dec 2023 10:56:05 GMT
server
AmazonS3
etag
"903f98943a3ea21fdcadd4d5c978dca4"
vary
Accept-Encoding, Origin
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
zvfHYtBKkWtRL0K-AjReOx1V0nzzS7Pka-pQuKtdjeWMNH7P3HnfHg==
6a1e0d2999d91f6db2aa.png
static-cdn.spot.im/production/reactions/tags/v4.5.0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.5.0/6a1e0d2999d91f6db2aa.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-104.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
U2qaeilmFYtVQeM7s4q04NaOYzNTLTxv
date
Sun, 28 Jan 2024 11:05:15 GMT
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
50331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
6243
last-modified
Thu, 28 Dec 2023 10:56:04 GMT
server
AmazonS3
etag
"d71b039b9e729e85c53e6423312ca068"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
sUvI3Y3nEZDxRl9ooL2i5jXeyfkVoFQ2Mf2Vrjd6RIawz-c-OCxw4g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E709 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bl0yNuvi2ZaHmNaKknboPlJmI6AEAAAAAOAHgBAI&bg=!enmleTbNAAa8BdJLnAU7ADQBe5WfOI2k5ib2eOYRacyxJBf7vYvQtqMKSTuJo-3EoNmXXbDnif71B2vky4XXds9Ps0HDAgAACBNSAAAAA2gBB5kDBmXuxfV9OO3idzx4TZaqLXOOQGVbCkpcQRYL1D7S3G9ka4V1AFz_rxt03qa-lBtXlCem8VCreQdJvBSXD8cp-P499GSNc4fRSVi24w--JYfCUMjHtkr1Ry1qg9gdnO2YrBs9qPuBBLKa9uZuKUBVuxiUeIBQHsion3bY9MwqAqBthj8Fv1hqqMjcFKkb-V3h3nKIknM0YBO54q5yWmhA3JeGZoAF1D1k_cL1AhRNzgBeBpZezz8RsZy6ntFjm9zK0-KzrFy2pJOtEARLwbMLcz76ruP07BDV3LDycsl05RLPuQqnVAXNBIyRdmi3BCY3PvUFFAkJ_g712TOiN84zJ_dGu78o2hpWGaYIec6a7JS5M9S3Ms56XR6emiJC3OUdjYfIFTaD-UzrzpKNK8yW3_TPG4oNO6qmZirmtmEW5zvge8bZLINf4E-06Zu3eDvrKaTF5KaI3y5DuohYnekUsKEuqMndiUtHHBrOivcVVHHsbIMdPPtxZ2sYpn1fFERygLmaJV8CfqiiH9OEgnI06cKtPpw5locM8DGWUOC_U8f3cJ6J15eJsPhIu-ZXV6WtMXgylhU2NN8limQdbFUHRw1YipsdnS2XkY4UAuUmfZFxnubsdorazRk5pQPm_cUEwAO2s1uxF4S-I-xDZl2WvuGBa_DYa4GFvvZ_kMb2Plbf7byvBBwpVBtzp56wDo4mJA_res4op19NpzB8odTuLsa0xEOI9IBu6ddWYGN9I3fMk1Ot8Zq1l_rrkGgogegYTKrNTbOuKcSzjgG4DRYVdCUBaPC_Ij9TeNHUFaGuzntiM-NWuaSh0bZ_gDb5iqZSStXjT3wzGEzck68FsVt_aVt8CDYuXCfhlX4wOEuJH24yOBjej_DbMgdKU9jQm3_LFGt_hbmdKCWuyfJKIKIz6ttAnyIhZTO8vBEAsfxl_WqLHIeK26jhKrYo9jas4ZEOD6t5V_0Mt-l_viV21RZBW8G7ygeYe-DxCSTT_traGvSiQXghPe_AqOtcaoVdCodN9eEEogZuWw
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame D367 		37 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=435540
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a562d61d72e8f41ad4087236f457edb6f052efab8304c1d60a6d304429ebb079

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovb3db6jZgUapaOPVfTDBGroy0RlZsnsy%2BtThklFcZHA0VDe%2Fubfs623zz1VY4OMCQO25kCiYOqCuslwYlTqGqia8Vzigt%2Fdb7Kx776fqhzUelsrwSXzxgVvMGGrSwRjnGH8rJen"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a52f80e74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
state
api.btloader.com/mw/ Frame 5311 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 5311 		43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2644045
x-guploader-uploadid
ABPtcPptM6FyMzPanO47L8cyZ5GSFsFP0EqV4-X5T5HR9glMDU47R21ZpDkQ-uFS0rXqwODtJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpYbjcrsYEet4bWKQZUpzGF4r0e1YjgJ%2Be3Yz2sWffCTVxLDLJhViM7%2F2PS%2Bjb22N72ewce2lzu5vwLAZrpXhKqXPK85S8yEYjazXNX5WH0FjN49lsMH0srf2bOUFMIPjiow7QV9a498dzDH3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a536f614c08-MIA
expires
Fri, 29 Dec 2023 10:59:25 GMT
favicon.ico
ad.doubleclick.net/ Frame 5311 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 06:52:02 GMT
x-content-type-options
nosniff
age
65326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1078
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 06:52:02 GMT
px.gif
ad-delivery.net/ Frame 5311 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9298484130365903
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2644045
x-guploader-uploadid
ABPtcPptM6FyMzPanO47L8cyZ5GSFsFP0EqV4-X5T5HR9glMDU47R21ZpDkQ-uFS0rXqwODtJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9auyN2WWu9b6uTsNd14PiWQl3bZh6Irak%2B%2B3MysBwI4AkTh4A568ht4i3fenZYAiYFSCs1h%2BZCDURmBi%2Fv0p3mBuOTodlw99M%2FF%2B4Xc8JO0Bg6vuCNsxI8WeIKpepXgDeNmwhFtIFq5DAZFuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a536f624c08-MIA
expires
Fri, 29 Dec 2023 10:59:25 GMT
usermatch
ssum.casalemedia.com/ Frame F33B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835853ab9516d2ca9d1e42f7abec712eaee3540fdd7a4c77552d67952f298176

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a53185874a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS83%2FIEzzjYUXAs%2FqRa%2F79DeRLFRp2zOz%2BiO6KAWyhjyzEjuklIxr08sNmzWYL53hqNRzPUtTM0CFmQxs9qpOz1L%2FVB6dBKOYdrmrOeqlqqIlvyZBRlzwBW4SNmSVcwzldYrEM7j"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 36C3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddern...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=72&pid=5e0e296628a061270b21ccab&key=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
0
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=72&pid=5e0e296628a061270b21ccab&key=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT

Redirect headers

cache-control
max-age=0,no-cache,no-store
content-length
0
date
Mon, 29 Jan 2024 01:00:47 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=72&pid=5e0e296628a061270b21ccab&key=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
cookiesyncendpoint
sync.aniview.com/ Frame 7104
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=23&key=933e2efb-9384-45f1-819b-125fe772a322
0
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=23&key=933e2efb-9384-45f1-819b-125fe772a322
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 29 Jan 2024 01:00:48 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=23&key=933e2efb-9384-45f1-819b-125fe772a322
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame 04F2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D41%26pid%3D5e0e29662...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=41&pid=5e0e296628a061270b21ccab&key=264943876892460233441
0
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=41&pid=5e0e296628a061270b21ccab&key=264943876892460233441
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=41&pid=5e0e296628a061270b21ccab&key=264943876892460233441
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame C557 		114 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D143%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:da00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:54 GMT
server
istio-envoy
via
1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
x-amz-cf-id
BdmtSxq8UL2GSsiA5vXXGEX9iMaCBCWEMON8JSJocY0cqN8At_bzjA==
x-amz-cf-pop
IAD89-P1
x-cache
Error from cloudfront
cookiesyncendpoint
sync.aniview.com/ Frame 32F5
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
0
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT

Redirect headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2253 		114 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.235.119.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-119-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:54 GMT
server
istio-envoy
pbs-iframe
pbs-cs.yellowblue.io/ Frame 9580 		114 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%5BAV_GDPR%5D%26gdpr_consent%3D%5BAV_CONSENT%5D%26uid%3D%5BPBS_UID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.235.119.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-119-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:53 GMT
server
istio-envoy
rum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lZrk1sWX5NmOnuXYm86r1cWZ54KOnbWEmp4AGZ6j
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lZrk1sWX5NmOnuXYm86r1cWZ54KOnbWEmp4AGZ6j
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2Od2COfWpmvtnRsr1HixQ2dLVTKOPiamxkHx4MobwfP%2BCU9PyOQUt23sRBzdUY0AFlEZ4wWD37UfEVOm%2BddExaacEnZzRzKcmUi286VbAjFyuHsse9mXYZvz%2FBG67lK0dKMq0AM%2BOJ4XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a59984174a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lZrk1sWX5NmOnuXYm86r1cWZ54KOnbWEmp4AGZ6j
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=7be37ee5823e102b&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJEC4Nl3DcgMNhJqXAAAAAAA&expiration=1706576448&is_secure=true
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJEC4Nl3DcgMNhJqXAAAAAAA&expiration=1706576448&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H2
Server
2606:4700:4400::ac40:9765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzgJiTHYlHFECVrPu%2BrE3MkWuqRfKhUBjkjoo%2B7cM6Pow2OqLVomunhak8Co5%2F6tpz45A%2FLhfwod3Ab%2Fr4NzqlcHyemiw7SaSBOh5lViF4tKzXZz29hds1TfaeRF1kaGWuti8gFdAr8XZM4HoPw7J0n4"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a550ba609d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJEC4Nl3DcgMNhJqXAAAAAAA&expiration=1706576448&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722214848&external_user_id=888d5bf4-8617-4ac8-bcc6-2af092319710
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722214848&external_user_id=888d5bf4-8617-4ac8-bcc6-2af092319710
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGKBQt9QncjhkRmNZRigoRXcEPDVt%2F9TEDjWiGcT8oYSbAULyN2poMJNyCcl1RX6%2FH231yay1%2BGl%2BjSYSRe3jE%2FYkIpAokhppBCF6X%2BPzLuBYOaY8IwiVhzVLEMYN9JKeumLgfqgpLgEKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a550cdd74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722214848&external_user_id=888d5bf4-8617-4ac8-bcc6-2af092319710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Zbb4vAAA0m8FLAAg
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Zbb4vAAA0m8FLAAg
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvxMQZRb0uN0lxiyMYoS3UffyUyeEk%2B0rTNyr6dQsuhbTDdz1VMjdXxU5fEdsZTxNFGZ8fDvFORoWEL5TnF%2BV6Ny2nHxoVLKUegG5asKi4OgeFXuuVtWzyFdt3ALnt5OTxZ1oWFhkD7KOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a54cc7974a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760028-MIA
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706490049.730242,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Zbb4vAAA0m8FLAAg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=95c619af-f55c-7348-b1a4351b
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=95c619af-f55c-7348-b1a4351b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RCXP2TRvhrGJpn2C7TuI8vE05YFgj0RGYtMr0kwrWcv5XtzFtfUrP78Uq%2BFJST3tT2iwfOqY1OtZxad4JrC%2BJ01whjStegiXzwykGqCLrhdGnAJWlZFXFOAyBuBSjtKKy0bbrEeIyhd9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a54fcd374a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=95c619af-f55c-7348-b1a4351b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MGfTdgLu1Rug0Y5
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MGfTdgLu1Rug0Y5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hj%2F8snNDHmKICQ4FZGKWuZ0iDrb3CoXtnxMfRpPH0dFoj6UMTQWNCwyDr5O56ygbOzDyaclRcmKk6YqNBdMY5scivr%2FJQZdwa2H3xeoy7fTWt7PsPlc6ATApoesSXDrIEBKXCjlhEwBjyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a54ac0c74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0dcb9d17525277454@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MGfTdgLu1Rug0Y5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5B03 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4MBXNFJNVJX46PPCMSDK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5B03
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vC4MldVUXx1-4THjD_zAjiaEdkk
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vC4MldVUXx1-4THjD_zAjiaEdkk
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFGCVTuoSgFEcP1qTUpjJ5fp4s%2FuMuZZfnnPl%2BWMuu%2BJivZ5GRgCyr%2BW1DmYaEqE%2BhEHi0WAh2f9KOtEsquyp8izgsddvDwXwF4adllVYAyE1Ze4UA5izf1ImJZdCmTkHM15r4de%2BEcUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a549be874a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vC4MldVUXx1-4THjD_zAjiaEdkk
Date
Mon, 29 Jan 2024 01:00:48 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
um
u-iad04.e-planning.net/ Frame 5B03 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=ed4a94647a2ace32&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif
match
events-ssc.33across.com/ Frame 0862 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=09be2ef7-dd92-4351-9164-02fb3f754251
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=605b167c-5163-4ff0-8bc6-966ad113de3f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Zbb4wFVvkpzyqWGi7AwJyTvx
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Zbb4wFVvkpzyqWGi7AwJyTvx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:48 GMT
server
Aorta/20240122.d5b578666
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Zbb4wFVvkpzyqWGi7AwJyTvx
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
ab1b6b0f2e41
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 0862
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oIOopaqfypAbJ0Gc5jjqtA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=2686f86f-e79d-485e-ba10-74b2c691a418
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=2686f86f-e79d-485e-ba10-74b2c691a418
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=2686f86f-e79d-485e-ba10-74b2c691a418
Date
Mon, 29 Jan 2024 01:00:48 GMT
Connection
keep-alive
X-CI-RTID
435763ad-3f5e-4146-bbd8-5aa5be74ac92
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0862 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=79ab5165-581e-4e39-b7b2-95fd06ad1102
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 0862 		0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=5111a110-db73-49f7-ae74-cc21a2822467
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 0862
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=2a135dff-ce5e-45de-a22a-8dd80cbab1d6
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=569908430852131164
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=569908430852131164
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
an-x-request-uuid
e8d3239c-a04a-41b7-bbb7-da8a6f614d06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7275493187359501348&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 0862
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zbb4vAAA0m8FLAAg
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zbb4vAAA0m8FLAAg
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760028-MIA
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706490049.730222,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zbb4vAAA0m8FLAAg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pbjs
htlb.casalemedia.com/openrtb/ Frame D367 		37 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=620444
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67036251407e20a3440141e084be1cf600862c9543788acf7b71e5366c9af4f

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RT%2B3GpInQvegyrs5zBd%2FUHvmOLWdtDa3a221GZKJQcD5%2F2g5vtrqwKil%2FAeqpvbspndINfqq3RPdTOunZfHMhTxHinR%2FjvSZXBnepMQE5DEdR8JU893UUFrv5Zb4QKtuUBNHLiv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a53a9a474a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
471
a.ad.gt/api/v1/u/matches/ Frame 5311 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0621ae039a0ef5d84dc0bc0a25ce54dd08257ef65e344116551c1db37b1d40d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 00:57:58 GMT
server
cloudflare
age
170
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
84cd8a544e3c5c7d-MIA
SPug
simage4.pubmatic.com/AdServer/ Frame DB75 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160993&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
params-nfls-new-300x250.json
web-assets.net/special-projects/dynamic-display/_data/nfls/ Frame 51F9 		1004 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-assets.net/special-projects/dynamic-display/_data/nfls/params-nfls-new-300x250.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
28f228ea72de686bcdcb9fb4dd40221e991c08a389fd811b646921d14cca15a1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://s0.2mdn.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6489f152-3ec"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
1004
Expires
Mon, 29 Jan 2024 01:00:47 GMT
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F09B 		286 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cde9163fb274c9b71d38e5df8083372056603dca9d4791420cdc3f458be57fcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:48 GMT
date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPo1MUtJRwvpmBSkg7ivfK8JtrhLDb0CKfa2KaPenhXsNAf4op-NQ9vDp5_Z3gYwnqMtHEsRUCE-Zg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
90539
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"ec176955201ff069dfd9cfae9ab706bd"
vary
Accept-Encoding
x-goog-generation
1706429428321356
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=TCNRFQ==, md5=7BdpVSAf8Gnf2c+umrcGvQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
90539
accept-ranges
bytes
quic-version
0x00000001
avpb8.21.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F09B 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:48 GMT
date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPocgRVxn00dnXL8mcQI3P-Um0D7BBnoZMTwiCVDZisJBUpvFuHyp6jIPoOF2R-NPyZcdrkWoCKoGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
23198
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"3e294e9fa7b38023e0766a71a0e20519"
vary
Accept-Encoding
x-goog-generation
1706429428125838
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=/zB9JA==, md5=PilOn6ezgCPgdmpxoOIFGQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
23198
accept-ranges
bytes
quic-version
0x00000001
avpb8.21.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame F09B 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1402:6800::172d:da2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 01:15:48 GMT
date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq0-biLx9Yg3Es_O1mJa-kXLwCUJ4WQB-wgLQdxJL2h5ThNIEFT9kDobTwXjDJxb5-UcuZh7QER4A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
22607
last-modified
Sun, 28 Jan 2024 08:10:28 GMT
server
UploadServer
etag
"c1a83de8a5e38e721e9bfbe4f0fe7441"
vary
Accept-Encoding
x-goog-generation
1706429428144239
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=+7SvzQ==, md5=wag96KXjjnIem/vk8P50QQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
22607
accept-ranges
bytes
quic-version
0x00000001
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8754 		283 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:10:56 GMT
content-encoding
gzip
via
1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 94f18d69cd119572e1c08a4f8c671b16.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, PHL51-P1
age
2993
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
UGE69Q-v-Ud4eSKFkuM5rGE8r1Lo2MIuQdoxaZWRkpclizAKNCx1TQ==
s2s
s2ssc.aniview.com/api/adserver/ 		0
688 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490048490&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=1&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:08 GMT
rum
dsum-sec.casalemedia.com/ Frame F33B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7275493187359501348
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7275493187359501348
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2s6BWXGkQEq%2BfQnP%2Fx1teefkNzv%2FAEKgSokZNH%2BMgjEXrMg1rvGSvAuegSvhDUJrM9Pqa8fV2JohTUulnlrcIp1BPKNPVIlAfiNvJSuVBfxTy4LX6fnyQ7EGR4QYofyiLJgKVy9Yz5Nkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a57bb6f74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7275493187359501348
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame F33B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6499456437357126316&expiration=1707699648
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6499456437357126316&expiration=1707699648
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJRcB%2F1jdBg%2FL%2FjvAdNZVKHmNOe2bCvcFicbR97M8a0kM7E2qwZlCOgKVahsk%2BbSS8nD634E%2FxI0eQkcQaZlvf7NYozZZ6bkZlPmlHHFhGqo19%2BeB8%2BfKI%2BQvByJeZx7bFnb8tuX%2Fj8Vsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a558de574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6499456437357126316&expiration=1707699648
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame F33B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fmmdpi51oS9HWiax0rDULo9oFX2X65lkfn6r6OKXk3FeHD9C1ilHaoKPf5UsYx95VoEI7ZNUi9REJMyRAx1wwUr3dGtB270c8tYDzeoNTjb%2BZpx05k48feLKSRDBW4NH3huC"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a558b48335e-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum.casalemedia.com/ Frame F33B
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f5c2153d-a7ef-4252-a851-b13887473ee8
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f5c2153d-a7ef-4252-a851-b13887473ee8
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx6urE3xx8lUD%2FLm%2BaSlKh3SalroQv%2FTvQ1PiL6bVopNCPbI%2FIpapQwiQymgiUnpTn4gxgYtsOzMMRyR7jAksKuh%2BiNmBIm90vDla1dh9%2BHJqepRyCcVqiz6zvf1XcHPXOEvBpql"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a579b3574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:18 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f5c2153d-a7ef-4252-a851-b13887473ee8
cache-control
private,no-cache
content-length
222
expires
-1
rum
dsum.casalemedia.com/ Frame F33B
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=b06607fcef9108b&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF4JnAkSDwywN4SwGQAAAAAAA&expiration=1706576448&is_secure=true
43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF4JnAkSDwywN4SwGQAAAAAAA&expiration=1706576448&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3B7xurAc%2BsWAnk%2Fp4jpiTnZpudtk%2BxzqQn6niL3FWQvUDMvj04vWqe7MbjPq52uTACDN6OZnUywNm21mWxLmW3GPjYk5KIKP6FQZHMj%2FhxmMxsE7Mb0GPj%2F6DeY0mKqnnHkvG7g"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a558de074a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF4JnAkSDwywN4SwGQAAAAAAA&expiration=1706576448&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
tp_out
d.adroll.com/cm/index/ Frame F33B 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:7278:7d7c:f993:dad2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame F33B
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3a32b05a45c5481c88778
43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3a32b05a45c5481c88778
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FLXD5Dl3QGzM%2F%2BoGECma2etZL4Kt0gTk2OL4PcVIAXDv5r3KoACU3Q%2B9ccpTytfWEwiJ4c9%2FAgUiIuTpFCRF1Gk4DBy6qYaF9KubDCWfZR1KiEWdnkcOCir1Kv3KoIiAVHELvR6"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a56a8a574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3a32b05a45c5481c88778
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F33B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cookiesyncendpoint
sync.aniview.com/ Frame F33B 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=42&key=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
content-length
0
/
ssc-cms.33across.com/ps/ Frame 9CF2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LRY83WXS-13-DGE9
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRY83WXS-13-DGE9
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LRY83WXS-13-DGE9
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:48 GMT
server
33XP015

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LRY83WXS-13-DGE9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
usync.js
eus.rubiconproject.com/ Frame 1AF9 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76178
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
server_match
ad2.360yield.com/ Frame E20C 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.211.60.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-60-35.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hbp_master_307825_11598.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 9249 		351 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19751/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
31cda660d9d18cc58217708baeb664f9cac895f6c14c265eb56e209b46f7cfad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:00:48 GMT
date
Mon, 29 Jan 2024 01:00:48 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 12:02:07 GMT
server
nginx
etag
W/"65b39f3f-57bd6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
/
onetag-sys.com/usync/ Frame 334F 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 55FE 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:44:11 GMT
content-encoding
gzip
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
54998
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
i3uHBqz_aFs8FYD6T30461szOMXrYH65xwiDuc43THqSjC4U6KZnSA==
15581
rtb.gumgum.com/usync/ Frame C7E9 		2 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.212.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-212-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
90e8980f87d7c68b5db1996d4c2f297b13cdf48dd8d566c40f1c71298958675a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:48 GMT
etag
W/"0fd3c46feb1ac3d53c1cc2ccae9ba0b94"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame FE73 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
7c210690221ba26e927a608038e89875d2a3752d3d8ca668224ec699bff42167

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1177
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:48 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame A5A4 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
c4e8ec8c897799d36fad7f231915adc3d14da8008eaed724a363c1da78b0de24

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
828
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 01:00:48 GMT
Server
nginx
csync
sync.spotim.market/ Frame E770 		43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E2433DB5&sp=860902&pb=283366&c=484122&a=307971
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:48 GMT
Etag
7c6e7f15a4ce5182
Server
Spotim
pv
api.btloader.com/ Frame 5311 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=W7R6AE4cYQ&w=6597670024511488&o=5080945107927040&cv=2.1.28-1-ge480966&widget=false&r=false&vr=336x280&pageURL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&sid=R5hLoWkuQE&pm=true&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 5311 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:48 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 29 Jan 2024 01:30:48 GMT
match
c1.adform.net/serving/cookie/ Frame 9F2F 		35 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cookiesyncendpoint
sync.aniview.com/ Frame 999B 		0
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=1&key=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
362358.gif
idsync.rlcdn.com/ Frame DB75
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBoAMvFQnDVHha_OLCcCIwQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame D81B 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84cd8a552e5021c7-MIA
content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
um
u-iad04.e-planning.net/ Frame 51BA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ed4a94647a2ace32&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:48 GMT
server
openresty
translator
hbopenbid.pubmatic.com/ Frame D367 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
setuid
elb.the-ozone-project.com/ Frame A78C 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84cd8a555e8f21c7-MIA
content-length
0
date
Mon, 29 Jan 2024 01:00:48 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
um
u-iad04.e-planning.net/ Frame 654A 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ed4a94647a2ace32&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:48 GMT
server
openresty
213077169
api.metricsamsi.com/v3.0/feeds/inventory/v1/ Frame 51F9 		46 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.metricsamsi.com/v3.0/feeds/inventory/v1/213077169?condition=new&sortBy=price&sortOrder=asc&imageno=1
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.37.221.83 , United States, ASN393640 (ONLINE-TECH-LLC-IN1, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
4c06ffbb083ebc228db5369d6667b5681fa3360ff129347774fa64f7e1ac789a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://s0.2mdn.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:46 GMT
Server
nginx/1.14.1
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Referer
Content-Length
46924
template-subaru-300x250.html
web-assets.net/special-projects/dynamic-display/_template/ Frame 51F9 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-assets.net/special-projects/dynamic-display/_template/template-subaru-300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7177749377086128128/NFLS-NEW-300x250/_lib/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
af41a65c63859678ca5f4267a537ffe01b7e66c361a1f7ed684f20f7bd16808f

Request headers

Accept
*/*
Referer
https://s0.2mdn.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:48 GMT
Content-Encoding
gzip
Last-Modified
Monday, 29-Jan-2024 01:00:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"648a2b56-2f69"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Mon, 29 Jan 2024 01:00:47 GMT
dwktypejv72bnenp8y1s
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/ 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/dwktypejv72bnenp8y1s
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-50.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
76bd6cdc8726b256d0867fba211f7a0bbbf05f64a65e1ebf060583857f260b19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 02:48:22 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
3708747
x-cache
Hit from cloudfront
content-length
951
last-modified
Thu, 11 May 2023 10:14:12 GMT
server
Cloudinary
etag
"7b2097ff9331f062e142597b1f332e8a"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JdTyzZd72j9WH7EkY0AA5bY8SN-d-mR1dxRx8Au5Q1cvXCu7r-_4Tw==
dbbhapezrp1h2oxu63jx
images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/dbbhapezrp1h2oxu63jx
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-50.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7e5e2f05c7b8c6536202abd651c2dc1426e9d27bde27186ae060cf8b8a4ce68e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:47:47 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
2243582
x-cache
Hit from cloudfront
content-length
900
last-modified
Sun, 17 Sep 2023 03:16:39 GMT
server
Cloudinary
etag
"95e7a0d476192ede25b0b681b24ceb2f"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RczplGLYfBwpHJWcdJoeqJl4TdnOKWIRW5tLNFOKungP6kzExe5woQ==
fhkrmywtxkrg5hgqiuxq
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/fhkrmywtxkrg5hgqiuxq
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-50.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9ce80147e751fe5045274e0e38c21f0eb1d5282265ae86969437feee144de8db
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:45:02 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
10145747
x-cache
Hit from cloudfront
content-length
1145
last-modified
Thu, 11 May 2023 10:08:54 GMT
server
Cloudinary
etag
"f194ef9abdeabcc05c27ee7c2bd66911"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
h6jpJxhB46XsGpWyb_EKR8jU1bjwinlsaxZH0iOxv5tEVFDO-bTbZg==
x4tx2so4dswbiecykwuu
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/ 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/x4tx2so4dswbiecykwuu
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-50.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
92710e15b74c2987eabadba5e960bdf740b16be78e0179cd0cbbb8bf3377a784
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 20:04:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
20148990
x-cache
Hit from cloudfront
content-length
695
last-modified
Fri, 09 Jun 2023 19:59:52 GMT
server
Cloudinary
etag
"71833e9a9a5becdc16becf6d71f666e6"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
I45yFviamlb0TlziLzkQ1O9HVKF8LYoJjKiTrWVT1TzZ75H1zI4joQ==
openweb-symbol-v2.svg
static-cdn.spot.im/production/icons/custom/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.92.2/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
a4LwvXxBiI2uL8zrMqiGV0xmsVieM496
content-encoding
br
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 09:55:28 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
54517
etag
W/"09ba69b6c3a7136d63fe98562c0114af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
jKmKOK0vlkcfDAvpHNHkwwfyVuTRF7iAeCCPqKYgULJQ2EQMV_cv9Q==
openweb-text-v2.svg
static-cdn.spot.im/production/icons/custom/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.92.2/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
tIeb0BF074BwTuW6cmg0uAMaxL6ImEvW
content-encoding
br
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 11:52:01 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
47365
etag
W/"9fc6e633e804dd0fd3d6d352bac7c139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
ZEFr8L8e0W6B3dMZ9WJwqAisNBLrmnQurNn9iw0uz5pwJxjHkPlkIg==
setuid
ib.adnxs.com/prebid/ Frame FE73 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=264943876892460233441
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
an-x-request-uuid
7e7c9f40-8a97-4b6c-b76d-35826acec715
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame FE73
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73&dongle=4430
Date
Mon, 29 Jan 2024 01:00:49 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame FE73
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=2686f86f-e79d-485e-ba10-74b2c691a418&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=2686f86f-e79d-485e-ba10-74b2c691a418&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=2686f86f-e79d-485e-ba10-74b2c691a418&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 29 Jan 2024 01:00:49 GMT
Connection
keep-alive
X-CI-RTID
9eb7723a-c933-4c9a-9204-0f4e1b163624
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame FE73 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.145.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-145-206.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame FE73 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.145.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-145-206.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame FE73 		42 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=264943876892460233441&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AB0F01B6233B43EA8494B3A650895757 Ref B: MIA301000102033 Ref C: 2024-01-29T01:00:49Z
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame FE73
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGDg07LbfEAABOt5hXgMg&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGDg07LbfEAABOt5hXgMg&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGDg07LbfEAABOt5hXgMg&dongle=bzwx&gdpr=0
Date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame FE73
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=16b780358e98141a&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAHJEC4Nl3DlAMHp6_aAAAAAAA&expiration=1706576449&is_secure=true&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAHJEC4Nl3DlAMHp6_aAAAAAAA&expiration=1706576449&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAHJEC4Nl3DlAMHp6_aAAAAAAA&expiration=1706576449&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame FE73
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:48 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame FE73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=264943876892460233441
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
um
sync.e-planning.net/ Frame FE73 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=264943876892460233441&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:49 GMT
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame BB16 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame A878 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:49 GMT
Expires
0
Pragma
no-cache
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8754 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 19:47:42 GMT
x-amz-cf-pop
PHL51-P1
age
18788
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
G3V4WVmz96cFVsuFm31bHa43bJisGWFxMdoDgwQOUYRRh1S4ZFgv2A==
track
track4.aniview.com/ Frame 5AFC 		0
146 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=nypost.com&rs=nypost.com&sid=67399&t=1706490044&cip=38.132.118.73&sn=770&tgt=0&osv=10&bv=120.0&brn=Chrome&wi=728&he=409&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&d64=ca124b9151419b19b0ad986e6d2596ce&d63=ca124b9151419b19b0ad986e6d2596ce&aafaid=&proto=https&uid=1706490044009-172030175079-000676-010-006630&cha=0.7&stagid=&stplid=&d35=&d36=6.2.166&cb=74457843611&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd1=AR_3%23FMS_PS_1&cd2=11741-89554-88301&cd3=5192495&cd4=footer&cd5=11741-89554-88301%2C12756-90591-90592%2C12838-0-%2C13002-93668-0%2C12495-0-&d9=0000&d37=realtime&AV_WIDTH=728&AV_HEIGHT=409
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ Frame D367 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hadron.js
cdn.hadronid.net/ Frame 5311 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=471&sync=1&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
4498
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
84cd8a588945497e-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
471
p.ad.gt/api/v1/p/ Frame 5311 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/471
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc769283a91e969cf3323c75c52ec249f568de7228836929a3b4ac73027a40c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 00:59:24 GMT
server
cloudflare
age
85
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84cd8a58f9eb0979-MIA
match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=569908430852131164&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=569908430852131164&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a590f0f030a-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
an-x-request-uuid
9837ca20-4754-44e2-9a6e-f1d79184c7ff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&adnxs_id=569908430852131164&gdpr=0
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58ff01030a-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=41e24d93-d54c-44df-8e10-335978a5e3ce&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
date
Mon, 29 Jan 2024 01:00:49 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706490049-PIV1W3FA-T4HJ
  • https://ids.ad.gt/api/v1/pbm_match?pbm=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a593f56030a-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
date
Mon, 29 Jan 2024 01:00:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&rub=LRY83WXS-13-DGE9&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&rub=LRY83WXS-13-DGE9&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a59aff8030a-MIA
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&rub=LRY83WXS-13-DGE9&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706490049...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&tapad_id=509c862a-d03a-43aa-a731-974d8d72abf6
43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&tapad_id=509c862a-d03a-43aa-a731-974d8d72abf6
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a590f02030a-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&tapad_id=509c862a-d03a-43aa-a731-974d8d72abf6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&google_gid=CAESEC45vVvznuDSuIS9c9CqzKI&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&google_gid=CAESEC45vVvznuDSuIS9c9CqzKI&google_cver=1&google_ula=450542624,0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58feff030a-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ&google_gid=CAESEC45vVvznuDSuIS9c9CqzKI&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5311
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjQ5MDA0OS1QSVYxVzNGQS1UNEhK
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjQ5MDA0OS1QSVYxVzNGQS1UNEhK
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjQ5MDA0OS1QSVYxVzNGQS1UNEhK
date
Mon, 29 Jan 2024 01:00:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58fefa030a-MIA
content-type
text/html; charset=utf-8
ip_match
ids.ad.gt/api/v1/ Frame 5311 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58fefc030a-MIA
content-type
text/html; charset=utf-8
colossus
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001706490049-PIV1W3FA-T4HJ&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
  • https://ids.ad.gt/api/v1/colossus?cls_id=4059c788-c609-458d-bd4a-2742a3475cda&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?cls_id=4059c788-c609-458d-bd4a-2742a3475cda&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58fefe030a-MIA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
http://ids.ad.gt/api/v1/colossus?cls_id=4059c788-c609-458d-bd4a-2742a3475cda&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
beeswax_match
ids.ad.gt/api/v1/ Frame 5311
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGDg07LbfEAABOt5hXgMg&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGDg07LbfEAABOt5hXgMg&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a58ff00030a-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGDg07LbfEAABOt5hXgMg&id=AU1D-0100-001706490049-PIV1W3FA-T4HJ
Date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ Frame F09B 		138 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f0b8f706f811b0675dafbc18d6c77c8d9d20604b004ea8f4de5c1b1ff2b5aaee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
an-x-request-uuid
81eb434b-9788-4f1d-a1ab-41669ba7e531
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F09B 		138 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f1d4cc21b90862eb5e90d2dcb8cf34d7bb42905b4dfc568b2c2749aeb7e2e6e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
an-x-request-uuid
d39e9e5a-e739-4947-aea3-f5e62f235c0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame F09B 		0
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.21.0&cb=57037160903
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
371.json
id5-sync.com/g/v2/ Frame 5AFC 		625 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
838312d6e09a84017197251351fe0da3e6a15289b96efefb6f200e2dbeb8829c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
date
Mon, 29 Jan 2024 01:00:48 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Date
Mon, 29 Jan 2024 01:00:49 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
usersync
usersync.gumgum.com/ Frame C7E9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
content-length
0
um
sync.e-planning.net/ Frame C7E9 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=ed4a94647a2ace32&uid=u_409f2738-bb72-42b8-beec-9dce4873490b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:49 GMT
content-type
image/gif
user-sync
sync.adkernel.com/ Frame A5A4
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D629501%26t%3Dimage%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f257ba23ae0f%26bidder%...
  • https://prebid.a-mo.net/cchain/0/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=appnexus&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5O...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-...
  • https://prebid.a-mo.net/cchain/1/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=openx&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAm...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da...
  • https://prebid.a-mo.net/cchain/2/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=sovrn&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTAm...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%2...
  • https://prebid.a-mo.net/cchain/3/23905?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=index_rtb&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e...
  • https://prebid.a-mo.net/cchain/5/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=pubmatic&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5O...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7-3d87-4da9-a246-f...
  • https://prebid.a-mo.net/cchain/6/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=amx_com&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OT...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F23905%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D79ecc2e7...
  • https://prebid.a-mo.net/cchain/7/23905?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&bidder=adform&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0yMDI5OTA...
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:51 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

location
//sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
user-sync
sync.adkernel.com/ Frame A5A4
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
an-x-request-uuid
7f6675b4-308b-4210-abf3-bbc367798afb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 5311 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Mon, 29 Jan 2024 01:15:49 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 29 Jan 2024 01:00:49 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-id
2hOOn1ONZW_gt2yTAu1E3dz-4inEas8MKxHckQk1p_m95kXdwHWjaA==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-87.phl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
1e3cc10ac384305708aef2c738472cfcca9a75d002610ab49c46cea39bed552f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
x-post-id
22800468
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
b285b3f2-e93f-49c6-b87c-554187f4a939
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
x-spotim-device-uuid
71f3befa-7111-46eb-8308-02c08342e2dd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-spotim-token
012401297M6NdO.1a1f46074f720b62663dafc6484025bedff6f557f692ac1fb65fe7b39244aecf
x-request-id
d7b51da0-be41-11ee-8ab1-fe49dfce2dcc
x-guid
71f3befa-7111-46eb-8308-02c08342e2dd
server
fasthttp
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
_5tZFnEDnw-OCfUPFtV9HjyJuHeXrWXc4VgKZRbV3WQXTF9zQeKNhQ==
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame 5311 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:49 GMT
iframe
ssp-sync.criteo.com/user-sync/ Frame E20C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=0&gdpr=&ccpa=pbs-ozone&profile=230&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${CRITEO_USER_ID}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 8754 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-7.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
36bab294570db4ed4576a8c270f2e4c4ae9f8396323e37c39b3c818969832ad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:37:01 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
1428
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
1O2BEP8bAvEc9skQ-uYfH7XYjRbpvOTQXu6HSYJykzkZ6lSij086kw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 8754 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnypost.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-227.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:46 GMT
via
1.1 94f18d69cd119572e1c08a4f8c671b16.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
2
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
yV6gbh6OTly8MyOpZmhx-dVu3U3cqxahfStRtregTwb0kl_JzoCoIQ==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		148 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=0&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*P85EjihqZ25M2J6aXBMeOcBglLe88hPg0GsdeZKeEgmALUVPYqvLrhghQU9tcTrrgC7Bgn66ZGLhfxORw_-_yw%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e29be4bb675b8ca322dd32a31f0e7e73a6dd62ebc9441d606431957b8ab5a65a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
148
x-amz-cf-id
zDuIGbjagrVA29LjpgmYm5Xwqt2T98ZQcPXI9FwT1185ZOhxbHLZjw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		148 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=1&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*P85EjihqZ25M2J6aXBMeOcBglLe88hPg0GsdeZKeEgmALUVPYqvLrhghQU9tcTrrgC7Bgn66ZGLhfxORw_-_yw%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
9503a0da54eef175e9e0573d6955ef677372d91a8d9332cfc5ea27e9de2e7a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
148
x-amz-cf-id
PkbyoKD9YC8yYQ9KvwDmGZjCT3-2z9_EZazG9Ham6zep2FSNym6syA==
us
capi.connatix.com/core/ Frame DACB 		0
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=2&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84cd8a59fb6967b6-MIA
content-length
0
content-type
application/json
date
Mon, 29 Jan 2024 01:00:49 GMT
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/ Frame 5311 		33 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
1d1408715964c503484ca8b774679d353591c6e19d93c20961a1dfd9bbe14742
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
LOGO-OEM-SUBARU.png
web-assets.net/special-projects/dynamic-display/_dep/_img/oem/ Frame 51F9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-assets.net/special-projects/dynamic-display/_dep/_img/oem/LOGO-OEM-SUBARU.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
65c3c8024901cde71f3e967ecec0b885eab89b88633cba8347fe952302bfd847

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60ef38bd-2688"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
9864
Expires
Mon, 29 Jan 2024 01:00:48 GMT
9f923e64227940c097920f8a6693a26e.jpg
content.homenetiol.com/2002409/2188158/0x0/ Frame 51F9 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.homenetiol.com/2002409/2188158/0x0/9f923e64227940c097920f8a6693a26e.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.168.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-123.bos50.r.cloudfront.net
Software
/
Resource Hash
b96decaf989b1ce9a25aebb1a03216b75329cdcaa398e90a1501a9df808b34a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 12:49:04 GMT
via
1.1 5bf4d747be36bbd75379552d7669c798.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 00:52:19 GMT
x-amz-cf-pop
BOS50-P3
age
303105
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
76889
x-amz-cf-id
xebAlKAq6W8TfgnHVLpKUFyHyqaARr04iMq9xXIoph9O9Ru0LkuLpg==
loader.gif
web-assets.net/special-projects/display-ads/_common/img/ Frame 51F9 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-assets.net/special-projects/display-ads/_common/img/loader.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cea0be3835ca4a23d85bf3e1f56794854223f0ab37eaabeadcd4ebc1edd169d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60ef38d5-29a0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
10656
Expires
Mon, 29 Jan 2024 01:00:48 GMT
logo-nfls.png
web-assets.net/special-projects/dynamic-display/_dep/_img/dealer/nfls/ Frame 51F9 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-assets.net/special-projects/dynamic-display/_dep/_img/dealer/nfls/logo-nfls.png
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.255.196.113 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
web-assets1.metricsamsi.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be71ec66bdbe661a0e934321caf64b177a1d0aaf10b6f56fbcf45a86a1ff90e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:49 GMT
Last-Modified
Monday, 29-Jan-2024 01:00:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60ef38bd-2548"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
9544
Expires
Mon, 29 Jan 2024 01:00:48 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5311 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=521768890325389&correlator=4452062197905696&eid=44809527%2C31079527&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=39694909%3A5850%2CReactions%2CReact-NYPost&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C320x250%7C300x250&ifi=1&didk=4048260229&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Dbc514c59524b517a%3AT%3D1706490039%3ART%3D1706490039%3AS%3DALNI_MaQ32EVOhA20Tn0AJrZgPnoldgoHA&cdm=nypost.com&gpic=UID%3D00000dbac01c5f12%3AT%3D1706490039%3ART%3D1706490039%3AS%3DALNI_MYDp-IuTIeHZfmBZcRoolfm_PRBvg&abxe=1&dt=1706490049646&adxs=467&adys=7442&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=3t1veblojlo2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=nypost.com&loc=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&top=nypost.com&vis=1&psz=336x280&msz=336x250&fws=260&ohw=336&ga_vid=649758697.1706490038&ga_sid=1706490050&ga_hid=386814405&ga_fc=true&dlt=1706490043881&idt=2148&prev_scp=reactionsSpotId%3Dsp_Sx8YukwE%26abTestVersion%3DB%26assetGroupId%3Dtier1-conv3%26isSliding%3Dfalse%26isStickyAdUnit%3Dfalse%26pageViewId%3Db285b3f2-e93f-49c6-b87c-554187f4a939%26slot%3Drow1-column1%26source_version%3Dv22.10.0%26topSpotId%3Dsp_Sx8YukwE%26source%3Dreactions%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1689257402099-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D7768905%26hb_buyer_id%3D1267%26hb_r_id%3D355bec9acf2a7a%26hb_site_id%3D10247%26hb_format%3Dbanner%26hb_deal_pubmatic%3DPM-TCPT-1819%26hb_deal%3DPM-TCPT-1819%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D69d51f797f277a9%26hb_bidder%3Dpubmatic%26excl_cat%3DPREPOST&cust_params=iiqstate%3Dna%26amznbid%3D0%26amznp%3D0%26hbmp_loc%3Dhttps%253A%252F%252Fnypost.com%252F2022%252F06%252F24%252Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%252F&adks=3792362235&frm=23&eo_id_str=ID%3Dbf94e68088bb323a%3AT%3D1706490039%3ART%3D1706490039%3AS%3DAA-AfjZb3bL6Ey55inWTB2XlfGXD
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b536fccc232804e058d4102b022fcb7829ce7711e91a84822fd317c5c16c6273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12380
x-xss-protection
0
google-lineitem-id
6063787677
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138398716273
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5311 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdb6868c9a2f0853efbb919dad7a68ad4048c721e5f94984a0aac2510d9e7c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12282
x-xss-protection
0
container.html
191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B8D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:49 GMT
expires
Tue, 28 Jan 2025 01:00:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event.png
tpsc-ue1.doubleverify.com/ Frame B697 		0
291 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=f174604e4f4040d78b1f22ed259fc03a&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&pltm=1&pltn=1&pltd=53&ee_dp_btreg=555342950955804760735&ee_dp_btros_64=3&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_btros_32=0&ee_dp_btros_8192=3&ee_dp_tskt=ctdetms%2C678%2C11%3Biabletms%2C702%2C3%3Biadletms%2C705%2C0%3Biadcetms%2C706%2C2%3Bialeetms%2C708%2C4%3Bicifdetms%2C712%2C0%3Btsetms%2C660%2C41%3Bipvietms%2C673%2C3%3Bprvietms%2C660%2C30%3Bfvietms%2C689%2C12%3Bpovietms%2C701%2C0%3Bimaetms%2C678%2C23%3Biesuimestms%2C660%2C18%3Bsrbf%2C0%2C1%3Bal64%2C819%2C6%3Bal65536%2C830%2C1%3Bal32%2C831%2C9%3Bal128%2C841%2C2%3Bal8192%2C844%2C1%3Bal8%2C846%2C0%3Bal256%2C846%2C0%3Bal65536%2C2118%2C0%3Bal32%2C2132%2C4%3Bal65536%2C3301%2C1%3Bal32%2C3306%2C5&ee_dp_asmm=1&vdur=533&eoid=23&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5308&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=12&msltms=226&vltms=533&sei=290&vetms=1091&tuviims=704&tuviems=2328&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=2&sim=3&msrcanlm=8648&msrcannum=4&ee_dp_tmads=3261&ismms=163&isumms=163&nvr=2&isgmmims=163&isgmv4mims=163&elmtp=3&isbxdms=3160&b0=3097&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3097&sftb=3097&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=161&dvp_hdnAd=0&dvp_dpr=1&vstsz=756&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4898
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5308.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nypost.com
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:49 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-28T01:00:49
truncated
/ Frame 51F9 		294 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8546dca198c2eed45f01ae6f108d32cc575b32fc8e0bd498d1db0d6a1e2078e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 51F9 		428 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f702e12e31ed24c90737717db4b4bd10ab860fa69b965f1f377a0e02c4507177

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
khaos.json
token.rubiconproject.com/ Frame 1AF9 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
usersync
usersync.gumgum.com/ Frame 2C65
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 29 Jan 2024 01:00:49 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usync.html
eus.rubiconproject.com/ Frame 1E78
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:50 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 392C 		170 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 563D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Ded4a94647a2ace32%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 29 Jan 2024 01:00:49 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
server
Kestrel
usync.html
eus.rubiconproject.com/ Frame F233
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel
  • https://eus.rubiconproject.com/usync.html?p=adkernel
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adkernel
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:49 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=adkernel
server
AkamaiGHost
prebidjs
rtb.openx.net/openrtbb/ Frame D367 		53 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
75302bc644ec0e51a52a8c6a1819aeec4fba2b4097cc4c1aa2db8cb36165d9e6

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID]
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a5dfbf521c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2B38 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=163238&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
prebidjs
rtb.openx.net/openrtbb/ Frame D367 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
0ca54808e1ce31c61d95c6b3af3d26f46d33731630500e271d411c0798e6994c

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
us
capi.connatix.com/core/ Frame 4838 		0
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=2&UserId=fcbe1cca89d74a54a114006b7671810e&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dfcbe1cca89d74a54a114006b7671810e%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84cd8a5c2e9e67b6-MIA
content-length
0
content-type
application/json
date
Mon, 29 Jan 2024 01:00:49 GMT
server
cloudflare
tag
btloader.com/ Frame 8754
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0e4ecd3f80ce3a3b4d1c05dd1909e84fc20ca807d8eddfc4bf68faa999fadb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 00:02:56 GMT
server
cloudflare
age
3289
etag
"a403415c92df24a87c9bd59504a36a7a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
84cd8a5ee9de02ed-MIA
content-length
18015

Redirect headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3289
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=nypost.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
84cd8a5e088702ed-MIA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 8754 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 29 Jan 2024 01:15:49 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 8754 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 14:03:41 GMT
content-encoding
gzip
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
39429
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ffRhaw--V2LqPalxYgxqt1jdbwjyC28BqygvBI9CYRgpx6ROVKmmfw==
ima.js
cdn-ima.33across.com/ Frame 8754 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec073870edc9ab414dd4af71dd1e0479278446b8d695af3e2526548da56a0045

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 20:10:43 GMT
server
cloudflare
age
368802
etag
W/"65b01d43-3c22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84cd8a5bb86d7434-MIA
expires
Thu, 01 Feb 2024 01:00:49 GMT
hadron.js
cdn.hadronid.net/ Frame 8754 		55 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&ref=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&_it=amazon&partner_id=471
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
4498
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
84cd8a5bbf22497e-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 8754 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
J52V4KDNC3S0G40G
age
77
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84cd8a5bb8714c1b-MIA
x-amz-id-2
0sGZS9MPH/9Q/q9fVKSDYBsKOt6Q7pJYOBgHseHPdLRtz30rL+shC2QInjaVZ5beEfze/nJFzqYjemPO6ccSOA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 8754 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 29 Jan 2024 01:15:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5311 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 01:00:49 GMT
events
bidder.criteo.com/csm/ Frame F09B 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 9249 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c745e232868c0c75ac8eea929d13426bf123ca2139ee22dbf69932f2dc1d03b7

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 30 Jan 2024 01:00:50 GMT
date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
last-modified
Sun, 28 Jan 2024 00:02:46 GMT
server
nginx
etag
W/"65b599a6-83b"
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
max-age=86400
x-proxy-cache
HIT
iu3
s.amazon-adsystem.com/ Frame 9854 		318 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5b416f96c91253d71afcb702ef67e0082fe461f1afe9468209ebde926e36eeeb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
318
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 29 Jan 2024 01:00:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0QRHSQ1CYF75R0CPEA3T
um
sync.e-planning.net/ Frame 1AF9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LRY83WXS-13-DGE9
  • https://sync.e-planning.net/um?uid=LRY83WXS-13-DGE9&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=LRY83WXS-13-DGE9&dc=9bcc91305985f0db&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DB5%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:49 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LRY83WXS-13-DGE9&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
analytics.js
www.google-analytics.com/ Frame 5311 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/471
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 23:16:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6249
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jan 2024 01:16:40 GMT
v3
id5-sync.com/gm/ Frame 5311 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
fc7aeee94b779381d3366ea724184de3837a5b865e2debf79abd918494f68126
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
collect
a.ad.gt/api/v1/ Frame 5311 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
cf-ray
84cd8a5e1e638d9a-MIA
getpixels
pixels.ad.gt/api/v1/ Frame 5311 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=ed1c27501361531ed1227b7a8faf0614&url=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&code=%27none%27
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84cd8a5e58fd1283-MIA
content-type
text/html; charset=utf-8
v1
prg.smartadserver.com/prebid/ Frame D367 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame F233 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adkernel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adkernel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:50 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76176
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490050228&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=2&d5=3&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		148 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=2&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22videoE%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XCYF6UuCJgkvMN_9P_tfXqOI1dDfGlKHs4NcHvF2U26ALdcZJJtVZ0p_koTv8sFygC6EAAdm4Jizl-AAtpKwpA%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
526f38c6eb5b004c739cd504f8cec80c2f54955da708da15a5d057a35d0a744c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:49 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
148
x-amz-cf-id
HGhzP5unFthBF821sFH8qv0CLH_E6VFem4lCE8V7bgNec0xJ17hnHA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		148 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=3&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XCYF6UuCJgkvMN_9P_tfXqOI1dDfGlKHs4NcHvF2U26ALdcZJJtVZ0p_koTv8sFygC6EAAdm4Jizl-AAtpKwpA%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
3c1d8de13034d11be4115df3e2609321a9e84eb3705e0a78ea91dd4ef5a634e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
148
x-amz-cf-id
81L79hOz5MGR83DTDkZCEwoBqejSk8uzF2nvPcQGdVBMEc1lt3mC-A==
user-sync
ms-cookie-sync.presage.io/ Frame 3CA7 		0
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-26.phl51.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 01:00:50 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
lxlmm7AOkkvv9uEzbyOV3HT8jSf0HTS6dh25w9SOK4Nja304GbT69g==
X-Amz-Cf-Pop
PHL51-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
/
ghb.adtelligent.com/v2/auction/ Frame 9249 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e4a813685d9fba0d4c9f75f5bdedbd428cf733282d9ad223bdab9f6a54088f7f

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Jan 2024 01:00:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
828
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ Frame 9249 		336 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.7874931229752922&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.54.8&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=119c1926-8588-48c6-9440-5ecb572a49e4
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a18121438486c4e027610b6e4da91b1e824a1fdaf37306b04734f6976e933078

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 29 Jan 2024 01:00:50 GMT
date
Mon, 29 Jan 2024 01:00:50 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.safeservingcdn.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
336
x-sid
IAD-1220
cdb
bidder.criteo.com/ Frame 9249 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=41475663267&lsavail=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 29 Jan 2024 01:00:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
rtb.adxpremium.services/openrtb2/ Frame 9249 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e2980aed9f1bb7626df8f2460799dc3017e48f4d989113a0d0a03d4d70e36ec6

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1917
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 9249 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
84a1f0707f9579a043ec2090b2e6211b53c13ac984f4a99971a89b85ea82c8c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
an-x-request-uuid
eb943634-d979-41aa-85a9-a9c6f3c1c34e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 9249 		0
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
usync.js
eus.rubiconproject.com/ Frame 1E78 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:50 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76176
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...
  • https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a5f4e6821c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
etag
OPTOUT
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 481D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKyXbLDFe4XQtTmPbab5iMgNfZIA1BNQUfbeFome_aoLfMMuM9XaNctQ6Zexjw11uwtvDFnGRi18Fw3RUOVuT6RbPlhZ_9sAZ0Ogl-9qHXApxTsTq_7F8oz-0ZMvccfvgsSCJHLtBzmxB0U773DSfxL9hFebMqjITx8Q82WAnUC3Hb-L34WCub6Z0JXJatAZXBpW7rm_KQkYsTnU1oPOsq91Va8onwDPZIJNF0Kg2-io35dS42uhWPXkwuXRsUJzagDlxHpJ6neroQwfgT3Ow5fbgEtNd7c4zbotrMM3nqWnaLiHq62gnKM-e1xzM-bzmgR_mc_tkX3ENNeXasNCE7fJj-6OAm3mhcOj8AdY9TViLUkH61DJOg&sai=AMfl-YRyTCdSxl6m1vgYfGrHvOL9DF685jQgV9tsdHKmS0FRrWo91E-qTP72-TNZioJwpg3gdmicsMHuyNb8UUb8MJNMJwCpp-MF6eZ6OUMsDHCMZF-w5j0C3Q5MN2WJ1OY&sig=Cg0ArKJSzHIrsiz1nJwFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ajs.js
cdn2.decide.dev/_js/ Frame 481D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b200:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
571b06d1913de139d860b755ded1b677f7bae6a45ddd2c30393fadc8e8720279

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 14:20:59 GMT
content-encoding
gzip
via
1.1 google, 1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
last-modified
Fri, 26 Jan 2024 22:19:14 GMT
x-amz-cf-pop
PHL50-C1
age
38391
etag
W/"1675-18d47db0cfc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
hjM3SwWjv75SOegjevddC2PrqlwNNYqTmjCjjO0qJGcXjZ3Dmh7poQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 481D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 01:00:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 96D9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
22033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 18:53:37 GMT
expires
Mon, 27 Jan 2025 18:53:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CFA5 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ae1265f417d287f18712769b7d025e10ad640f95611b6899ed3844ab3c55df1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TXc4CDyKDe21Ds0IM3lm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TXc4CDyKDe21Ds0IM3lm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:50 GMT
expires
Mon, 29 Jan 2024 01:00:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3031 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.175 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:50 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 30 Jan 2024 01:00:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
X-Check-Cacheable
YES
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 8754 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 29 Jan 2024 01:15:50 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame 5311 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 29 Jan 2024 01:03:18 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 5311 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 29 Jan 2024 01:34:41 GMT
pr
s.amazon-adsystem.com/v3/ Frame FFC5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a8fdc99d128e2ef2323bda791924d5cf44cd54fc8185e59fcf5fc76ab3b07be9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1409
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 29 Jan 2024 01:00:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3EBW82BHEDG5WF5M23X0
cdb
bidder.criteo.com/ Frame F09B 		0
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.21.0&cb=73619105234
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
urlsvid.json
vpaid.vidoomy.com/sync/ Frame C8A9 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
x-age-lb
216188
x-amz-request-id
tx00000338a9d38d48655a4-0065b3ac46-2bbae03-prg
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-accel-date
1706273862
x-77-nzt
AyUTzgQ3Nzf/fEwDALk73xQ3NzexWbu8qRkRtwA
x-accel-expires
@1707310662
x-77-age
216188
x-cache-lb
HIT
last-modified
Tue, 26 Dec 2023 20:45:55 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag
W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray
8e305f1c655467dac2f8b665a4e6732e
vary
Accept-Encoding, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
timing-allow-origin
*
pd
outbrain-d.openx.net/w/1.0/ Frame 5146 		731 B
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e9826aee1d647cb345ef53bee7a8f0c0667bba32732b19c11220802f32f99b08

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
458
content-type
text/html
date
Mon, 29 Jan 2024 01:00:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a60d86e21c7-MIA
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Date
Mon, 29 Jan 2024 01:00:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame FFC5 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame FFC5
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=59948840237444FFB186652355CB1705&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=59948840237444FFB186652355CB1705&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GNDY9GMCZRAQ3FDSA9PH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=59948840237444FFB186652355CB1705&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 28 Jan 2024 01:00:50 GMT
ecm3
s.amazon-adsystem.com/ Frame FFC5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-4949403a-4567-4413-86a8-64a4...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VD1MW6Q8R17NDJW4DETR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame FFC5
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e0d9f86852vuzd500lry83yic
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e0d9f86852vuzd500lry83yic
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FS5P5BFQJEXJ7756FAQX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e0d9f86852vuzd500lry83yic
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame FFC5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FGMyRixu_DgVHyivxn3d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FGMyRixu_DgVHyivxn3d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NW3H3H6NBHS2QKTWT0SC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
px.gif
ad-delivery.net/ Frame 8754 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2644047
x-guploader-uploadid
ABPtcPptM6FyMzPanO47L8cyZ5GSFsFP0EqV4-X5T5HR9glMDU47R21ZpDkQ-uFS0rXqwODtJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhTc4CWBYhLAKzB6WT7DNU1R1gFPAVK8RUFwlyqsRKppUQgKJleftox8vRY%2F7mstSltNPnr%2FJNAP4MbfS9dA6Ksvoeziopb6HWwwCVWlJwEjerhfQma4go2kfd8lckRxaBd%2FBiW607oauXDkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a606c054c08-MIA
expires
Fri, 29 Dec 2023 10:59:25 GMT
favicon.ico
ad.doubleclick.net/ Frame 8754 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 06:52:02 GMT
x-content-type-options
nosniff
age
65328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1078
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 06:52:02 GMT
state
api.btloader.com/mw/ Frame 8754 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 8754 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.055266639123467964
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2644047
x-guploader-uploadid
ABPtcPptM6FyMzPanO47L8cyZ5GSFsFP0EqV4-X5T5HR9glMDU47R21ZpDkQ-uFS0rXqwODtJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkXUJ4sYGQBAsYGFLT%2F7u8HzEvqwEpBBKf8id%2F9tpoBVsqdI2xjLPX%2BlMy5x3mrUCcAjv9dMZMffdEVin%2Bf8ueA9VDi%2BnSUFRnbSEdQahQwrFNXqkTrZ32DICYa21pqp3UYHpUZL4p5Oq%2Bbiwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84cd8a606c084c08-MIA
expires
Fri, 29 Dec 2023 10:59:25 GMT
envelope
lexicon.33across.com/v1/ Frame 8754 		42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.4.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
truncated
/ Frame 481D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76c2b4849202df6cfd0f798cd586991febb7d7d98d9dda670d46a076596590a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame F233 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 80B9
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2405212159101885593&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2405212159101885593&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1TGAV5WNM78HNCW17Y35

Redirect headers

content-length
0
date
Mon, 29 Jan 2024 01:00:50 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2405212159101885593&gdpr=0&gdpr_consent=
amazon
ce.lijit.com/beacon/ Frame 9C2F
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-onetag_n-simpli.fi_rx_n-baidu_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-54-235.compute-1.amazonaws.com
Software
/
Resource Hash
b66db4a9b996d1f1deac389993724c48955eb104509e82d165d44d07571c35fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
522
content-type
text/html
date
Mon, 29 Jan 2024 01:00:50 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding, User-Agent

Redirect headers

content-length
110
content-type
text/html
date
Mon, 29 Jan 2024 01:00:50 GMT
location
https://ce.lijit.com:443/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
server
awselb/2.0
events
bidder.criteo.com/csm/ Frame F09B 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
khaos.json
token.rubiconproject.com/ Frame 1E78 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 8754 		190 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 29 Jan 2024 01:30:50 GMT
async_usersync
ib.adnxs.com/ Frame 3031 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
an-x-request-uuid
08ecd5f2-bd68-4fc9-870b-5a585aa7a69a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CFA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401230101&jk=521768890325389&rc=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490050737&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=3&d5=3&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		125 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=4&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XCYF6UuCJgkvMN_9P_tfXqOI1dDfGlKHs4NcHvF2U26ALdcZJJtVZ0p_koTv8sFygC6EAAdm4Jizl-AAtpKwpA%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
10315920cbfa99ae792d75c86c132a018e54f17102df25cab0ccaad9dee8a6fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
125
x-amz-cf-id
jHfEvem567KjcjOZBYMGkOheJ4LDibX7DUlfZSc8c31enHCSB4smEg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		125 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=5&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XCYF6UuCJgkvMN_9P_tfXqOI1dDfGlKHs4NcHvF2U26ALdcZJJtVZ0p_koTv8sFygC6EAAdm4Jizl-AAtpKwpA%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
a964e8934c53b07937e59ceea38d808af63b9cfd445d58bcaba61930870e171d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
125
x-amz-cf-id
Ww7nwDfXUUJMiNpTBMIlLwZJugAGsAD_pYiCZ9TsBb7ik0_1QUFbVw==
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_priv...
  • https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a644e1d21c7-MIA
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
178
Expires
Thu, 01 Dec 1994 16:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 96D9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
54440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 09:53:30 GMT
g.pixel
aa.agkn.com/adscores/ Frame 5146 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=6357c2e7-4cd5-482f-9711-81a1b5e74228
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
PS153K7NZXgGaYSHfZEnLSfPG1-HubrEGp84e4aiNRdW2midhjWB3A==
expires
0
/
bpi.rtactivate.com/tag/ Frame 5146 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=e1fa0966-dc91-41c2-9bf8-2222c7d9b5df
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.144.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-144-39.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame 5146 		62 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=58c17a3f-366e-4e3f-87a4-920fae71b0bd
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.109.53 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-109-53.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 29 Jan 2024 01:00:51 GMT
content-length
62
bk-server
48d5
content-type
image/gif
709996.gif
id.rlcdn.com/ Frame 5146 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 5146
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=d378b713-1b81-5688-0a7a-46d810ec90cc
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=03ewmqp3qg3hw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=03ewmqp3qg3hw
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=03ewmqp3qg3hw
cache-control
no-cache
cf-ray
84cd8a62291b3353-MIA
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5146
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=vC4MldVUXx1-4THjD_zAjiaEdkk
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=vC4MldVUXx1-4THjD_zAjiaEdkk
Requested by
Host: outbrain-d.openx.net
URL: https://outbrain-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://outbrain-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=vC4MldVUXx1-4THjD_zAjiaEdkk
Date
Mon, 29 Jan 2024 01:00:50 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 8754 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Mon, 29 Jan 2024 01:15:50 GMT
15261875772562278
decide.dev/lad/ Frame 1BD1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/15261875772562278?pubid=ld-5018-4415&pubo=https%3A%2F%2Fnypost.com&rid=&width=300&path=%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&x=0&y=0
Requested by
Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1342
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
pbscookie
a.vidoomy.com/api/rtbserver/ Frame C8A9
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:51 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
cookie
a.vidoomy.com/api/rtbserver/ Frame C8A9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRY83WXS-13-DGE9&gdpr=0
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRY83WXS-13-DGE9&gdpr=0
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:51 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRY83WXS-13-DGE9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
cookie
a.vidoomy.com/api/rtbserver/ Frame C8A9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_ed40bd2c-f36a-4e4a-860e-5e326e0cd80a&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:51 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Date
Mon, 29 Jan 2024 01:00:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user-sync
sync.adkernel.com/ Frame F233
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adkernel&us_privacy=1---&khaos=LRY83WXS-13-DGE9
  • https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LRY83WXS-13-DGE9&us_privacy=1---
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LRY83WXS-13-DGE9&us_privacy=1---
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:51 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LRY83WXS-13-DGE9&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 9C2F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=IEdcARZHXsIbyiq9SwayWrz3&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
97H77Z7Z9KTZD8F15H0W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 9C2F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-54-235.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:50 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 9C2F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=H8rkIRuldlvq&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=H8rkIRuldlvq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-54-235.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=H8rkIRuldlvq&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
merge
ce.lijit.com/ Frame 9C2F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=210aed4c-1290-40df-ade0-996605a0ba01
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=210aed4c-1290-40df-ade0-996605a0ba01
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-54-235.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=210aed4c-1290-40df-ade0-996605a0ba01
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
ssc-cms.33across.com/ps/ Frame 9C2F
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://cs.krushmedia.com/42e07a438e71ad07eabd104f7c353355.gif?puid=14839fa2-63c1-53df-8bec-a8ea01ed3fd6
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcs.krushmedia.com%2F7fd23a3f0217f27d6c9750c140876344.gif%3Fpuid%3D%24UID&uid=$UID
  • https://cs.krushmedia.com/7fd23a3f0217f27d6c9750c140876344.gif?puid=264943876892460233441
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002ZoRYhAAN&ru=https%3A%2F%2Fcs.krushmedia.com%2Fbab275f2c431a4602c12e1d489dd0838.gif%3Fpuid%3D33XUSERID33X
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002ZoRYhAAN&ru=https%3A%2F%2Fcs.krushmedia.com%2Fbab275f2c431a4602c12e1d489dd0838.gif%3Fpuid%3D33XUSERID33X
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:51 GMT
server
33XP020

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:51 GMT
Server
nginx
Location
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002ZoRYhAAN&ru=https%3A%2F%2Fcs.krushmedia.com%2Fbab275f2c431a4602c12e1d489dd0838.gif%3Fpuid%3D33XUSERID33X
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame 9C2F
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-54-235.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:50 GMT
server
Kestrel
content-length
223
generate_204
tpc.googlesyndication.com/ Frame 96D9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?azClWA
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dc.js
stats.g.doubleclick.net/ Frame 1BD1 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15261875772562278?pubid=ld-5018-4415&pubo=https%3A%2F%2Fnypost.com&rid=&width=300&path=%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 00:25:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2118
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
expires
Mon, 29 Jan 2024 02:25:33 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490051022&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=4&d5=4&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:51 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:11 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		103 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=6&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XCYF6UuCJgkvMN_9P_tfXqOI1dDfGlKHs4NcHvF2U26ALdcZJJtVZ0p_koTv8sFygC6EAAdm4Jizl-AAtpKwpA%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e45cff4bee80ec959543e36de9c2071beba5c8f562288eefe1e53e5a38f67f19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:50 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
A3Ist1a9_pzh0EWjdCuY8J0UAQGedAuRje3fxMwqPjlp5Acxvxp-nQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 481D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXK8_xBBIfQ366dJOFo4jEs5tSDdIqo2NxkK8PB4qIUmg1EgnGXUN2OJ3iadTC5B1JAQFzGISd6h0B7ZXYW1bQTRCsWRTAjauTgWQpQmY-K_pWnV8cfEzBItliAikwCRANU8MmLxffDsH6Z-GPtvgksqVqKm11fA6bcXTcticLZwXvGYIq3yvUQfP9QD9SfBFVw4UzK4l48qZ-uU0V5QCQ3IuX0zHyih-X6MfYNeTBq42oPY5qT-YWeAnVMlQ8L-EZhHQS3Ic0Z0ALZL2vQ_FeqhJ5BJH4rix4k6GIXMBQrqVOWKtvQ3lIDHSh29z4MUn5P6k-I5kkH0kifTs5mpF2aO2D8qBEa0OrrF2G4VF1Rh_xLi0G0A7AE-Y&sai=AMfl-YRuMoxNTnKCGYzS97lLYBel-UJItIYcIBk7M-z3GTGd2mzMh0mTA1kZuXNr8pf-pE3ETYZyayIx10g1IirXVdMiZvKeo2fmeu6kCCeq3msJcUGgrzDzZ2PLR8PobDE&sig=Cg0ArKJSzO8SHQiRYVNQEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 01:00:51 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a65b8ac21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940
date
Mon, 29 Jan 2024 00:59:09 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:51 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 5AFC 		11 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
multitracking
sghb.spotim.market/adunit/ Frame 5311 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/efmgc/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Mon, 29 Jan 2024 01:00:51 GMT
Access-Control-Allow-Credentials
true
Server
Spotim
Connection
Keep-Alive
X-Robots-Tag
noindex
sodar
pagead2.googlesyndication.com/pagead/ Frame 5311 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401230101&jk=521768890325389&bg=!AAOlA0zNAAa8BdJLnAU7ADQBe5WfOLhy21Xm1LwfeWNWV9t4-FTiigCxzUdkjya9Ea4c86E8VxHqX1feIch76j8TeiVWAgAAAJJSAAAABGgBBwoAaVMLQj4x1-VPHBOJWgBN3Xli0CYqDF4nDQMLZxjxPE04Dibu6TsCFu8BwCllN82dp0VkE8u35ePzLZush5c3ui0PDlBl_OcumS-eQm8P4AZK4QOrZz6dZIueWw-rDfqCjS1yvn4okX7RiZkCy5xxPI1mFw7lvHdldI69QsikkJWhoLWjWPsFObtec4TkeBOw6nkJGXOl_qxSDIYlqe8SJkLAFyGGp-Yvkadrr43RgLo_TnmYzdeEISTLr0IqfxbYqIz9wc2omVVQZ44eXFfMWnYEOg7Y59U2yulKlL6l7F_HkDKsFpc9RAC6oGG7zbdUq1lWW6uuVroe22bFfllwl_hzICbaq5cRjDjqw6qzjKMR1FNRs5-kY8oLu69lWnFB_2PLJmZ4PcaOQ_Hnzf4yCpd4nsfRuKvzEgLIRKsrk1nzRMFN1xpJRKazg6qXtJNcvD94kFqJZiXmmC0zP0ev4e6AgExgkNHZH_9vj13rxOCdgbFe7MkkBXsEI2YKKhUBdZkt8r5YQHRt5C0WVMybffW4gqX7Xd8GoM1QGNUhilC9zHJa9NpYArpSF7axvKpQ5N9zuX4IpFjz7yKhnhC5R54DUyVsqmM7MUtrYC0fxAVXx3GUlgGRR5rtei7xWPLEoDChV7ChlxwMveV2o085Phi23v4HcalUG2BXSqBfd1bMZM9WqS8WFt7NZ_uH-XrGIjSoSiTitp1WAlp979yDHESL0FySd4WEjbg2QGzsYrF-A__Ipu5yJ1HoR0toWpFc_ClDo-AR5sYa8FkOrPOHQO_rWwEbulb9cjdSuBM3DR2aUlX8OPKBpAXW55tNtQTgyudNOSdkG5FFZXWafqY6HxAZppQdLAPRe16LfBaoevoBukhYvflzYPnNjkmJ3Iv5QE4tAqz-kxc9be1pObrlFJV3TDnHeYdisuklmimxAMYucKnd3WA3URzoZa2rb5O-SIzYhTnt0yrkIDiiQXee-QCVE5I668_fiAJjyVzR9aqdoPop6i-PhPZyPGej5gIr80SBUsoLZeMrj6r4A6TKapKHbT6nlDExf0c6h99vpxidfLyo_V1x-LIoFxfYOFkDPnMYxb8XiIQ
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?uid=AAGDg07LbfEAABOt5hXgMg&bidder=beeswax
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?uid=AAGDg07LbfEAABOt5hXgMg&bidder=beeswax
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a6689e321c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?uid=AAGDg07LbfEAABOt5hXgMg&bidder=beeswax
Date
Mon, 29 Jan 2024 01:00:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/ Frame 7667 		43 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=570607&a=281178
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:51 GMT
Etag
7c6e7f15a4ce5182
Server
Spotim
csync
sync.spotim.market/ Frame 162E 		43 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2433DA9&sp=833229&pb=305583&c=570607&a=281178
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:51 GMT
Etag
7c6e7f15a4ce5182
Server
Spotim
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmed...
  • https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3494916401524150000V10
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3494916401524150000V10
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a67cbf121c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 29 Jan 2024 01:00:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3494916401524150000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:51 GMT
async_usersync
ib.adnxs.com/ Frame 3031 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
an-x-request-uuid
2ddc5685-daf3-4e29-8217-0fc9f370783f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track4.aniview.com/ Frame F09B 		0
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=nypost.com&rs=nypost.com&sid=19820&t=1706490046&cip=38.132.118.73&sn=&tgt=0&osv=10&bv=120.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=54742657b6d8f9ab646b94e6a422264d&d63=54742657b6d8f9ab646b94e6a422264d&aafaid=&proto=https&uid=1706490044009-172030175079-000676-010-006630&cha=0.7&stagid=&stplid=&d35=&d36=6.2.166&cb=30952989042&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd4=b285b3f2-e93f-49c6-b87c-554187f4a939&cd5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&cd6=tier1-conv3&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.10.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&cd16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=reactions&d9=0000&d37=realtime&d65=General&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%2...
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=9363056e-f379-a42f-e624-ad2d64afb44d&us_privacy=pbs-ozone
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=9363056e-f379-a42f-e624-ad2d64afb44d&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a694dfc21c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=9363056e-f379-a42f-e624-ad2d64afb44d&us_privacy=pbs-ozone
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
152
expires
Thu, 01 Jan 1970 00:00:00 UTC
um
u-iad04.e-planning.net/ Frame A5A4 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=ed4a94647a2ace32
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3Ded4a94647a2ace32
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
server
openresty
mut
sghb.adtelligent.com/adunit/ Frame 9249 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/mut
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19751/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Mon, 29 Jan 2024 01:00:51 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 55FE 		155 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 01:48:59 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
83514
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
H2ramsv1Urqnt6WnWpvaLGM-BNXQjwDhODiKoAPPW2f2WxE05F8o-g==
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-o...
  • https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a6a0f9d21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&gdpr=0
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a6ac8e121c7-MIA
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
data
bcp.crwdcntrl.net/6/ Frame 55FE 		263 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fd57eb3f5ea23eaef7791a9513f757eb699e04abbffff59ff88e92aea05efce5

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.40.48.7
access-control-allow-credentials
true
content-length
263
expires
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame 9249 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:52 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Jan 2024 01:00:51 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
449737
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5311
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=uAfH0HxBNjJpaU1rMEhBVUVJK1A2T3NIZ2hTcllIUVY1UTY2dHlPRmdTOEFJM2syUkhVNVRuZ3lUMXNDcGNpUnExRmE0YlE1empqTEgxcmxkNTJNNzBTUUN6NHhqMWE2THhMVkNkc3kvc2F1UjJzOVF1NE1pcG40bDZmYm...
426 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uAfH0HxBNjJpaU1rMEhBVUVJK1A2T3NIZ2hTcllIUVY1UTY2dHlPRmdTOEFJM2syUkhVNVRuZ3lUMXNDcGNpUnExRmE0YlE1empqTEgxcmxkNTJNNzBTUUN6NHhqMWE2THhMVkNkc3kvc2F1UjJzOVF1NE1pcG40bDZmYmVXNkg3YVlhYXJ0MHZSNEFLVmRtOS9mbHhpUXVwSFpoeEJ4VDJ1eDdzMkh1OUxWSk5zeWZKbjNHV3JUbG82TXo3VTZVS09LTWJWeGNQQXFHcCtDVnYyTzg5U0c4a21zRU9xL3dSbzZKM1lWZFdqd0NZR0Nlcmh0bzVuRS85S0xsUVBQVk8rRElYMTMxK1hSWWhBM1R4V2ZOMGVXQXgyQT09fA&cppv=2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8603215f5bcb99af8c11bc910420dd8b9a744c283180dba8904dafc128b0fe8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1021507
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://nypost.com
location
https://mug.criteo.com/sid?cpp=uAfH0HxBNjJpaU1rMEhBVUVJK1A2T3NIZ2hTcllIUVY1UTY2dHlPRmdTOEFJM2syUkhVNVRuZ3lUMXNDcGNpUnExRmE0YlE1empqTEgxcmxkNTJNNzBTUUN6NHhqMWE2THhMVkNkc3kvc2F1UjJzOVF1NE1pcG40bDZmYmVXNkg3YVlhYXJ0MHZSNEFLVmRtOS9mbHhpUXVwSFpoeEJ4VDJ1eDdzMkh1OUxWSk5zeWZKbjNHV3JUbG82TXo3VTZVS09LTWJWeGNQQXFHcCtDVnYyTzg5U0c4a21zRU9xL3dSbzZKM1lWZFdqd0NZR0Nlcmh0bzVuRS85S0xsUVBQVk8rRElYMTMxK1hSWWhBM1R4V2ZOMGVXQXgyQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
341270
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 5311 		135 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 5311 		152 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e15b90c339ab3bba5621ba316045c96bcfdf17cf8fcc73240ad9b50d371bd074

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.40.61.88
access-control-allow-credentials
true
content-length
152
expires
0
rid
match.adsrvr.org/track/ Frame 5311 		108 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
b99411f14968db7930119c4e7f81efdc135c80757f22c9809d40a45e01942515

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 28 Feb 2024 01:00:52 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 70FB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.175 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:52 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 30 Jan 2024 01:00:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
X-Check-Cacheable
YES
checksync.php
contextual.media.net/ Frame D581 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0cba26b5ca9ae3f3ad580fbb1af6d5f46a3cf92cae527ec9b7db9ca8e4bde0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12230
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Wed, 31 Jan 2024 01:00:52 GMT
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 81C7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48083
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 7C75 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
6051bf48dfa43b2e77c5fb958ef160377674be4e35dc2f5def5adc1a408e84c6

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 01:00:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1220
pbs-iframe
pbs-cs.yellowblue.io/ Frame 2011 		114 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.235.119.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-119-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
114
content-type
text/plain
date
Mon, 29 Jan 2024 01:00:58 GMT
server
istio-envoy
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF3A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48083
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 1794
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=750708&a=754412&domain=https://nypost.com/2022/0...
43 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=750708&a=754412&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Etag
6fc9875509c021ac
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 01:00:52 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=750708&a=754412&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame 6668 		485 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f2996983b38c9595b2e32e49d77938c25758a70b755c0ca7ff1f0345ef584e8a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:51 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
4
/
de.tynt.com/deb/ Frame 2649
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
aa0e44abdd6c4ecb90561d9e7cceaa7472354ff279247b46aee299e191ce6ce5

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2092
content-type
text/html
date
Mon, 29 Jan 2024 01:00:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8340000A
ixmatch.html
js-sec.indexww.com/um/ Frame 30BD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
608
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84cd8a6bdcd55c82-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 05:00:52 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 604C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:52 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D815 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.175 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:52 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 30 Jan 2024 01:00:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
X-Check-Cacheable
YES
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4C8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48083
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/sync/ Frame 5311
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NzBiYzU1M2QtMTdlYy00MjJiLWE3YWMtZWVlYjVlYzFjMDJi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 5311
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_
  • https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=MGfTdgLu1Rug0Y5
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=MGfTdgLu1Rug0Y5
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-00082f09574424acc@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=MGfTdgLu1Rug0Y5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
cookies.nextmillmedia.com/ Frame 5311 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D%26traffic_source%3Dsnippet%26session%3D13A9985C26ECD461%26sp%3D617860%26pb%3D283366%26c%3D719582%26a%3D722242%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-143-64.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame 5311
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 5311
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3DB6C54284-E1B4-4E89-8D95-9C6E4...
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
184.72.185.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-185-131.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
date
Sun, 28 Jan 2024 13:08:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 5311 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M1513VYCGA00FRVQ61R2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 3A23 		2 KB
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
47242098432885ff6449fd864249bf66f83d665577c76d97d98873087d9f0168
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
793
content-type
text/html
strict-transport-security
max-age=15552000
syncframe
gum.criteo.com/ Frame BBE9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nypost.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Kestrel
server-processing-duration-in-ticks
1257942
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame 9249 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:52 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 28EB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
81101
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 28 Jan 2024 02:29:12 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-id
4PszEd98JODGtTr-uDovPCRrSfr7Xe3eqmPm2iqSoLJjsNY-oKFKvg==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
um
sync.e-planning.net/ Frame 7C75
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3D726ae5e0bff11241
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D726ae5e0bff11241
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=726ae5e0bff11241&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=726ae5e0bff11241&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=726ae5e0bff11241&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
pbs.gif
sync.admanmedia.com/ Frame 7C75 		9 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D726ae5e0bff11241%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 7C75 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:51 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:51 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D726ae5e0bff11241%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=726ae5e0bff11241&uid=460bad56-ba86-4057-96df-cd3eb47a1283
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=726ae5e0bff11241&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=726ae5e0bff11241&uid=460bad56-ba86-4057-96df-cd3eb47a1283
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 7C75 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:51 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:51 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D726ae5e0bff11241%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=61678e4866ee141a&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=726ae5e0bff11241&uid=AAAHaYfdwKIEaANES3-XAAAAAAA&expiration=1706576452
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=726ae5e0bff11241&uid=AAAHaYfdwKIEaANES3-XAAAAAAA&expiration=1706576452
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=726ae5e0bff11241&uid=AAAHaYfdwKIEaANES3-XAAAAAAA&expiration=1706576452
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D726ae5e0bff11241
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=726ae5e0bff11241
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=726ae5e0bff11241
date
Mon, 29 Jan 2024 00:59:10 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D726ae5e0bff11241%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=726ae5e0bff11241&uid=569908430852131164
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=726ae5e0bff11241&uid=569908430852131164
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
37bcd184-d327-4539-9df9-a0af617f0bb0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=726ae5e0bff11241&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D726ae5e0bff11241%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=726ae5e0bff11241&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=726ae5e0bff11241&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=726ae5e0bff11241&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D726ae5e0bff11241%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=726ae5e0bff11241&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=726ae5e0bff11241&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=726ae5e0bff11241&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
date
Mon, 29 Jan 2024 01:00:52 GMT
content-length
0
ztgl358.gif
eexsync.com/ Frame 7C75
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D726ae5e0bff11241%26uid%3D%24UID&partner=eplanning
  • https://eexsync.com/ztgl358.gif?gdpr=&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlO...
0
0
um
sync.e-planning.net/ Frame 7C75
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
date
Mon, 29 Jan 2024 01:00:52 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=726ae5e0bff11241
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=726ae5e0bff11241
date
Mon, 29 Jan 2024 01:00:52 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D726ae5e0bff11241
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=726ae5e0bff11241
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=726ae5e0bff11241
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame 7C75
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Deplanning%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=eplanning&user_id=k-tjiKgshAAZMRmtHJMFdIz0hSE5NBemds6t8VOQ&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=462&ssp=eplanning&user_id=k-tjiKgshAAZMRmtHJMFdIz0hSE5NBemds6t8VOQ&gdpr=&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://x.bidswitch.net/sync?dsp_id=462&ssp=eplanning&user_id=k-tjiKgshAAZMRmtHJMFdIz0hSE5NBemds6t8VOQ&gdpr=&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1268720
content-length
0
expires
Mon, 29 Jan 2024 00:00:00 GMT
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D726ae5e0bff11241
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=726ae5e0bff11241
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=726ae5e0bff11241
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
um
u-iad04.e-planning.net/ Frame 7C75
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=726ae5e0bff11241
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=726ae5e0bff11241
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
um
sync.e-planning.net/ Frame 7C75
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
date
Mon, 29 Jan 2024 01:00:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame EDA1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:52 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1B9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D726ae5e0bff11241%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48083
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 8DCF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08385e38890091b203af2a10a5c92553ede6f7400bc23e8e8acf5d7c0cc656f5

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a6bcf5774a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOa37fBiFneWIjigEfjei1hgAcXbHYnAEC2HVocksUbOVLpS%2FAiAuanw%2FlQk5pLXoWTPDKYp1OGQPdsJSSNDj2VfkCk%2B2U4TlLCTYqE%2BjTVKNBVG1SkFfX%2FMSBuMxEehDuS%2BCb6%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cframe.js
assets.a-mo.net/js/ Frame 6668 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 945393cefc4bfc81e302c26bac47e4f0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
239
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Jan 2024 17:28:00 GMT
server
cloudflare
etag
W/"d458c9c4d04e49d089648ee8a1473ba4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
84cd8a6c39b78da0-MIA
x-amz-cf-id
GOdfSVb-Ca-M1gCWMoQYcG9VtPhOId3ZX_VuonIvVU281261XguMUg==
expires
Mon, 29 Jan 2024 02:00:52 GMT
usync.js
eus.rubiconproject.com/ Frame 604C 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76174
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
async_usersync
ib.adnxs.com/ Frame 70FB 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
f761a878-6d83-4434-9784-3bdabaf5131e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 5311 		33 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e48825fd281a445ae6cb84b6c78fde2f1a839c6ecc313e7c0441dcc0b3359c00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame 3A23 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a6c4b9521c7-MIA
content-length
0
expires
0
csync
sync.adtelligent.com/ Frame 0EE6 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2432FD1&sp=833229&pb=305583&c=570607&a=281178&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Etag
02f1cd731049d4ac
Server
Adtelligent
crum
dsum-sec.casalemedia.com/ Frame 8DCF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59948840237444FFB186652355CB1705
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59948840237444FFB186652355CB1705
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBBURQFFwP%2Fb62Bmi51XBXeq%2Fd9RtjBUURYxJs12YEL5uo%2By1vQnjyskNSOrVtuW4Qv7lNv7gB3NxHoojW7BUWJN31tyTcQQ8rDFAjxP1xP2rskiTodiu0ee5iiwYX8B1anvgHPpRNz8NA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6ceac174a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59948840237444FFB186652355CB1705
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 28 Jan 2024 01:00:52 GMT
rum
dsum.casalemedia.com/ Frame 8DCF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=f4f792d7-5274-4dab-801d-f0fe8546e2ad&ssp=index&expires=30&user_group=5&bsw_param=82ce5fbb-faf3-47ec-acb9-51ab4b739685
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
43 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwaxu2wcSRCGbU67JORK8BB6B%2FmT2j%2BKvVmNmQmtuBhUqmoYmszOOIloM3QD8Ox4lIV20ELfu2F7McuZuxXWOnxRPD20iIIW5BAoXdfyXFz%2Boe4fG3F9426CkhZLPw7niCWhvMmk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6f59fb74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8DCF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnmsntDU86Pv2dAVJeukJtxyotBa95ju7f3ldZ3iSe94mbN62lUFoz9eHVsoBTjc0fP8cbEzPFLRCDqJUP2lFBePUHOuajByvjSp1Qf1nKZRX4GqyUZjwEUisgyqSzqKsLh1NJWKy%2FxiTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6d8c9b74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x51 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Jan 2024 01:00:51 GMT
pixel
capi.connatix.com/us/ Frame 8DCF 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&pId=17&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a6ce9ad67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
pixie
jelly.mdhv.io/v4/ Frame 8DCF
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c318e13d98a247655254ea5ac3ea1c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo2b61_7329319012296256201&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/4c318e13d98a247655254ea5ac3ea1c?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-B7s07.5E2oOVuJ_YdNVytq8Enhp8LqCDWRWixocF~A
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAGDg07LbfEAABOt5hXgMg&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGMzMThlMTNkOThhMjQ3NjU1MjU0ZWE1YWMzZWExYw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENE-QsqyUZrIprWHMJY8XSc&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=MGfTdgLu1Rug0Y5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=569908430852131164&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3153556&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=2686f86f-e79d-485e-ba10-74b2c691a418
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
0
0
dcm
s.amazon-adsystem.com/ Frame 8DCF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
881CSCDJ2Q06GD56P9F5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8DCF 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
um
u-iad04.e-planning.net/ Frame 8DCF 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=726ae5e0bff11241&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif
/
ssc-cms.33across.com/ps/ Frame 2649 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1706490052468.&ri=0010b00002T3JniAAF&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:52 GMT
server
33XP015
match
events-ssc.33across.com/ Frame 2649
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706490052468.2&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=569908430852131164
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=569908430852131164
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
728a8e98-4101-4593-9963-f8d9068086f3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
events-ssc.33across.com/ Frame 2649
Redirect Chain
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b82c204e-23a5-4c37-b8ee-e7d70eb88eda
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=b82c204e-23a5-4c37-b8ee-e7d70eb88eda&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 2649
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1706490052468.4%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1706490052468.4&us_privacy=&xu=7275493187359501348
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=44&ts=1706490052468.4&us_privacy=&xu=7275493187359501348
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:51 GMT
server
33XP013

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=44&ts=1706490052468.4&us_privacy=&xu=7275493187359501348
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
ssc-cms.33across.com/ps/ Frame 2649
Redirect Chain
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-4949403a...
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:51 GMT
server
33XP013

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
/
ssc-cms.33across.com/ps/ Frame 2649
Redirect Chain
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:52 GMT
server
33XP020

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=5a8e7a58-5360-4042-bd21-3b1e486462a2&gdpr_consent=null&gdpr=0
date
Mon, 29 Jan 2024 01:00:52 GMT
server
_
content-length
0
match
events-ssc.33across.com/ Frame 2649
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D40%26ts%3D1706490052468.7%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=40&ts=1706490052468.7&us_privacy=&xu=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
  • https://events-ssc.33across.com/match?bidder_id=40&external_user_id=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=40&external_user_id=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=40&external_user_id=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&ts=1706490052&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uAfH0HxBNjJpaU1rMEhBVUVJK1A2T3NIZ2hTcllIUVY1UTY2dHlPRmdTOEFJM2syUkhVNVRuZ3lUMXNDcGNpUnExRmE0YlE1empqTEgxcmxkNTJNNzBTUUN6NHhqMWE2THhMVkNkc3kvc2F1UjJzOVF1NE1pcG40bDZmYmVXNkg3YVlhYXJ0MHZSNEFLVmRtOS9mbHhpUXVwSFpoeEJ4VDJ1eDdzMkh1OUxWSk5zeWZKbjNHV3JUbG82TXo3VTZVS09LTWJWeGNQQXFHcCtDVnYyTzg5U0c4a21zRU9xL3dSbzZKM1lWZFdqd0NZR0Nlcmh0bzVuRS85S0xsUVBQVk8rRElYMTMxK1hSWWhBM1R4V2ZOMGVXQXgyQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
184405
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame A78F
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6706e737-2b3b-4ae1-90dc-918a56782337&expiration=1714352452
43 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6706e737-2b3b-4ae1-90dc-918a56782337&expiration=1714352452
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a6dfde074a4-MIA
content-length
43
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BNgFPvDTOgFTOwqxbupm9fkt3t%2BrAcMXF0%2Fbj4zds5qW%2BMwXxOon7uhLtWIVEAAv3gJ7%2FghHMKqgeQYIjmSJVO29vGTu1VzVWjhH%2BQSchc7%2FX1GZbqtu5KSlZi5PETqHrHvHSEuJheMeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6706e737-2b3b-4ae1-90dc-918a56782337&expiration=1714352452
usync.js
eus.rubiconproject.com/ Frame EDA1 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76174
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
csync
sync.adtelligent.com/ Frame 4A26 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&traffic_source=snippet&session=85AD5D56E2432FD1&sp=833229&pb=305583&c=570607&a=281178&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D570607%26a%3D281178%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Etag
02f1cd731049d4ac
Server
Adtelligent
async_usersync
ib.adnxs.com/ Frame D815 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
94676c1c-4da4-4d4f-b2d4-7fd8522b963b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame BBE9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=nypost.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=o2WDLnxPTy9Pb1dyZnpRZWxnK2NWTTZDTnZ4UWtMSFF3Vk5EZXdJV3dWdGFUeDhQZU1JakxoUHpCdGpmS3RJUmNqYUdXMmRvdVU0VVpvZVI3Y2l2M3Fsb1dET2ZRK0w1OWFwZjBFcEJsTXI3ZW5VTnBLUjVWd052QW9JWU...
435 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=o2WDLnxPTy9Pb1dyZnpRZWxnK2NWTTZDTnZ4UWtMSFF3Vk5EZXdJV3dWdGFUeDhQZU1JakxoUHpCdGpmS3RJUmNqYUdXMmRvdVU0VVpvZVI3Y2l2M3Fsb1dET2ZRK0w1OWFwZjBFcEJsTXI3ZW5VTnBLUjVWd052QW9JWUlZVWMrYkJXajlGUXE1NEpydHFzR2pEb1RKd0JwZTRLS3RIOVBEWElyQlVsSCt3a3pUcFFKczBKOHFuakhuWUtPRStlV3lEVlk0RUdxcC85emJlNGc0VUdrdVo0Q1Y4Y05vSlM4ZnF5YzFadVdHSUphdHh5a2paNGpaelRibk5tTElXSktIcTVMRGhhS2NtNmFpNlF1S2hxRWl3dFJIVmpXZFlwYi9vMXZ0cWswR2dhLzBSRT18&cppv=2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
74d619af143ed85705afb31ceeb27a011a20b5ef88266a5bfc8070486468ca2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2701362
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=o2WDLnxPTy9Pb1dyZnpRZWxnK2NWTTZDTnZ4UWtMSFF3Vk5EZXdJV3dWdGFUeDhQZU1JakxoUHpCdGpmS3RJUmNqYUdXMmRvdVU0VVpvZVI3Y2l2M3Fsb1dET2ZRK0w1OWFwZjBFcEJsTXI3ZW5VTnBLUjVWd052QW9JWUlZVWMrYkJXajlGUXE1NEpydHFzR2pEb1RKd0JwZTRLS3RIOVBEWElyQlVsSCt3a3pUcFFKczBKOHFuakhuWUtPRStlV3lEVlk0RUdxcC85emJlNGc0VUdrdVo0Q1Y4Y05vSlM4ZnF5YzFadVdHSUphdHh5a2paNGpaelRibk5tTElXSktIcTVMRGhhS2NtNmFpNlF1S2hxRWl3dFJIVmpXZFlwYi9vMXZ0cWswR2dhLzBSRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
621238
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...
  • https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a6f489f21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usermatch
ssum-sec.casalemedia.com/ Frame BAE2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b240dfc3d08e8501daf14d2a0977dcbe3b4713df63d0db4a693673ea41dd6c6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a6d4be874a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FReUKleGRYL9glHZY%2FTCjZiDLl%2FDK99rrmx5Xe0vQf7iCZGNVivWU7npWxjzLf31Ixw5HPryyM01WyUCmQj0IvKS3rMAjKT8p2Im%2BZgkZHVfOsXEiYKsSWsgLaM6KY9cKIe2JU%2B3B8DYqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
692.json
id5-sync.com/g/v2/ Frame 5311 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9e52b371d86a4d2b8a46268cca892458efbc72af77ef69025971205433e5fcce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 6EA9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:53 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame F9C5 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
cksync.php
contextual.media.net/ Frame D581
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=son&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame D581
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3494916401524150...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=opx&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=b7f94b06-a819-495e-9e1c-734587ce42d2
231 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=opx&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=b7f94b06-a819-495e-9e1c-734587ce42d2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
231
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:52 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3494916401524150000V10&type=opx&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=b7f94b06-a819-495e-9e1c-734587ce42d2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame D581
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%26refUrl%3D%26vid%3D64900527033494916401...
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3494916401524150000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=r1&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=r1&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2033%2C2110%2C2030%2C273%2C550%2C233%2C2028%2C2027%2C2026%2C2025%2C237%2C117%2C359%2C97%2C2109%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C446%2C9%2C2090%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C542%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:52 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3494916401524150000V10&type=r1&refUrl=&vid=64900527033494916401524150000V10&axid_e=&ovsid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
um
u-iad04.e-planning.net/ Frame 71FA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=726ae5e0bff11241&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
server
openresty
/
onetag-sys.com/usync/ Frame B16D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 7C75 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:44:11 GMT
content-encoding
gzip
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
55002
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
MOk_5qYf2gS6VLHJH4WAh2s0Wx7MWQnr5UIzTHdoADCKQpIYmTrmYw==
15581
rtb.gumgum.com/usync/ Frame 9A88 		2 KB
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.212.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-212-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4284971e26c973b066be642e7d5e2aece7ddba45e5701db63f0fc0a025aa6cc7

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:52 GMT
etag
W/"013cb48109164012f9e886c015543945a"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame CA94 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
aa5acd72f66749117fe93f0b7a4b126abc77b8afddcb929c54b9c52513e3e75b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1326
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:52 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame E774 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D726ae5e0bff11241
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
b06288da08bedbe97b78c467e92dd42e438ac3cadd505a372498d6ff6c1079ff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
828
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 01:00:52 GMT
Server
nginx
csync
sync.adtelligent.com/ Frame 4407 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E2431DCD&sp=860902&pb=283366&c=484122&a=307971&domain=https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E2431DCD%26sp%3D860902%26pb%3D283366%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Etag
6fc9875509c021ac
Server
Adtelligent
pixels
bcp.crwdcntrl.net/ Frame FD9C 		989 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2a5572234ecd9398c856d9be0b8f178e1c7b8e1d726063c0a16d21ec42be3862

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
989
content-type
text/html
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.57.212
um
u-iad04.e-planning.net/ Frame EB99 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=726ae5e0bff11241&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
server
openresty
crum
dsum-sec.casalemedia.com/ Frame BAE2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=FGMyRixu_DgVHyivxn3d&puid=&us_privacy=1---
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=FGMyRixu_DgVHyivxn3d&puid=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0STYpXZR09thshth0ihsm1oDCWaCqR5vKsgIocCklzV5qvUllAlBTvwvJQVJ4TV81cqY5b6ou7rcDq7r%2FQt1awEUddtfQXXQVfr4g0PANLlULpmvR6LhjjyiruRIT66RuYi3mCzjPXjPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6e4f1374a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=FGMyRixu_DgVHyivxn3d&puid=&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
145
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BAE2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067529212940
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067529212940
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3W7GWRdtGKCB8mOmlzVJWsrfPzEBlW3Pgcp%2FyV6tooVfIjTc2qRHVYq519OoVQZsqdanGxiESzI4Luo4LeyPeSahVUMOoFMvn4ypgVSAsFISPj0zSHlJPWq6F9Z1%2Ba%2BzM16lMGJp43JBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6e8fb374a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
858
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067529212940
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84cd8a6dd8cdda93-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BAE2
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a591ea3200184fecb5ef4715ed7a1859&expiration=1709082052
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a591ea3200184fecb5ef4715ed7a1859&expiration=1709082052
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPlUkhPriIv5UCLFfqh5sv3%2BMFSYyouNMlewvTn3NV3n7HGE%2BY1rwU%2FuY71xqtkZ%2BGzp8T2kvfDQYV8Gex2ZmMvHVd%2Fkwtm8dNSW1TIL1P2L1657X7l6U5jsUIpg2NpdwPcQ2RmvJnIuJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6e6f5a74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a591ea3200184fecb5ef4715ed7a1859&expiration=1709082052
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BAE2
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a8e7a58-5360-4042-bd21-3b1e486462a2&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a8e7a58-5360-4042-bd21-3b1e486462a2&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVRoMvd8TVL1Kxtg40ruN2WSSItCVaFriVlDBUS1Mn%2F4ByTEedF0%2FGpexuETufyYoXJtWzbriQDUN4Q%2F7EsGUFL%2FkJxnim4yI%2FWr05Tygw06ogUKnIPrDlYFpjDVmEk6jYDc8n8iY0DVgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6f8a7574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a8e7a58-5360-4042-bd21-3b1e486462a2&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
date
Mon, 29 Jan 2024 01:00:52 GMT
server
_
content-length
0
dcm
s.amazon-adsystem.com/ Frame BAE2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KHT46RPQ4EBPQC1QZVCQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame BAE2 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:7278:7d7c:f993:dad2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame BAE2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1---&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XqF4F01X%2B3KftmwPKZOqkgC6PIc1MqXnJm5xzfsHyuJwdqtgROtU8wOh3A4FzryIOdDKGRkgqPSpCv1M2n1EyrZIFRWAV2bysdk11%2B1pv6zgrfXx6TGX9%2BkOhB8YkAzx3MzE1JSEeS9RA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a6e6f6774a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x35 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b16465b6-f8b7-4700-825f-1f6d618c12a5&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Jan 2024 01:00:51 GMT
pixel
capi.connatix.com/us/ Frame BAE2 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&pId=17&gdpr_consent=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a6dfb9567b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
htw-pixel.gif
cdn.indexww.com/ht/ Frame BAE2 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Zbb4t.4rlh.cZ2F6j5eVAQAA%261589=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
58804
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a6df86e5c82-MIA
content-length
43
expires
Tue, 30 Jan 2024 01:00:52 GMT
khaos.json
token.rubiconproject.com/ Frame EDA1 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Date
Mon, 29 Jan 2024 01:00:52 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
usersync
usersync.gumgum.com/ Frame 9A88
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
content-length
0
um
sync.e-planning.net/ Frame 9A88 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=726ae5e0bff11241&uid=u_409f2738-bb72-42b8-beec-9dce4873490b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=59948840237444FFB186652355CB1705&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=59948840237444FFB186652355CB1705&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=59948840237444FFB186652355CB1705&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 28 Jan 2024 01:00:52 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=FGMyRixu_DgVHyivxn3d&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=FGMyRixu_DgVHyivxn3d&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=FGMyRixu_DgVHyivxn3d&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7275493187359501348&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7275493187359501348&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7275493187359501348&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=kC2BrsAggaGLKYCgnnnOrcAugvqLKtD8nylZC8mz
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=kC2BrsAggaGLKYCgnnnOrcAugvqLKtD8nylZC8mz
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=kC2BrsAggaGLKYCgnnnOrcAugvqLKtD8nylZC8mz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=b16465b6-f8b7-4700-825f-1f6d618c12a5&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=b16465b6-f8b7-4700-825f-1f6d618c12a5&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x29 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=b16465b6-f8b7-4700-825f-1f6d618c12a5&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Jan 2024 01:00:51 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Zbb4vAAA0m8FLAAg&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=Zbb4vAAA0m8FLAAg&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia-kmia1760028-MIA
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706490053.829198,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=Zbb4vAAA0m8FLAAg&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=888d5bf4-8617-4ac8-bcc6-2af092319710
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=888d5bf4-8617-4ac8-bcc6-2af092319710
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.3lift.com
location
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=888d5bf4-8617-4ac8-bcc6-2af092319710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=MGfTdgLu1Rug0Y5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=MGfTdgLu1Rug0Y5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-00082f09574424acc@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=MGfTdgLu1Rug0Y5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT, Mon, 29 Jan 2024 01:00:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CA94
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
text/plain
um
sync.e-planning.net/ Frame CA94 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=264943876892460233441&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:52 GMT
content-type
image/gif
idl.js
assets.a-mo.net/js/ Frame 6668 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nypost.com&e=27&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
via
1.1 f465fdeca906afa0539bb462afc69502.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
84cd8a6e1cc38da0-MIA
x-amz-cf-id
ZCU_tyZ8Mm9Td-XxRfr7LCwCLFOs89nc0FiecYK7DyCzZXdblQyNjA==
expires
Mon, 29 Jan 2024 02:00:52 GMT
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 6668
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=82ce5fbb-faf3-47ec-acb9-51ab4b739685
0
0
yahoo
prebid.a-mo.net/setuid/ Frame 6668
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ow.pubmatic.com/ Frame 6668 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&do=nypost.com
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:53 GMT
content-length
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/ Frame 6668 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&do=nypost.com
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 6668 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f&do=nypost.com
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
90273168-c53b-4323-bb4a-e391fa98a460
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5147
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usync.html
eus.rubiconproject.com/ Frame F92E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:52 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 9E06 		170 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame C65A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D726ae5e0bff11241%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 29 Jan 2024 01:00:52 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
server
Kestrel
rand=713586109
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/ Frame FD9C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=713586109
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=713586109
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=713586109
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.53.217
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
6bd43f80-aa57-485d-8afa-7e8a700895ad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=713586109
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
lotame
sync.sharethis.com/ Frame FD9C 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=5f72766870583b8c82c87eabd99f6997&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.160.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-160-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHoAA2W2+MUAAAAJEMarAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
loadus.exelator.com/load/ Frame FD9C 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=5f72766870583b8c82c87eabd99f6997&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.243.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-243-161.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
41715
i.liadm.com/s/ Frame FD9C 		43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5f72766870583b8c82c87eabd99f6997
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-125-227.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:52 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif
/
wt.rqtrk.eu/ Frame FD9C 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=274120547&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=5f72766870583b8c82c87eabd99f6997
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.241.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-012.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Mon, 29 Jan 2024 01:00:51 GMT
ibs:dpid=121998&dpuuid=5f72766870583b8c82c87eabd99f6997&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame FD9C 		42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5f72766870583b8c82c87eabd99f6997&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2%2C81%2C100%2C122%2C150%2C94&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-200-15.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-08728bb62.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
oDq9Mka0TBU=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
cc6daa9f-c4bf-4fa6-90a6-e0a1ccdb5121
https://prebid.a-mo.net/ Frame 6668 		171 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/cc6daa9f-c4bf-4fa6-90a6-e0a1ccdb5121
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dad84719d9329ddde57fc3e27f735d2fdcb510e1fee9bcff6e3810545c2f402

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
171
Content-Type
user-sync
sync.adkernel.com/ Frame E774
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D726ae5e0bff11241
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

location
//sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
date
Mon, 29 Jan 2024 01:00:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
user-sync
sync.adkernel.com/ Frame E774
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D726ae5e0bff11241
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:52 GMT
an-x-request-uuid
3ab22480-16d5-43fa-a409-776fb94d3251
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B3E8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel
  • https://eus.rubiconproject.com/usync.html?p=adkernel
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adkernel
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D726ae5e0bff11241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:53 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=adkernel
server
AkamaiGHost
fed
ups.analytics.yahoo.com/ups/58771/ Frame 6668 		316 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nypost.com&e=27&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
a0ff8d6de9c5e5d18857aa8fedc276d58456aa3718af4619b84a613a71df0fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame F92E 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76173
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
pbs-user-sync
ads.stickyadstv.com/ Frame F741 		353 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e139ae5fa453f363743046f7cef1ebb6348fe373f2c85964e96391e97503e1b9

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1706490053203047-280
khaos.json
token.rubiconproject.com/ Frame F92E 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
usync.js
eus.rubiconproject.com/ Frame B3E8 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adkernel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adkernel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76173
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
usync.js
eus.rubiconproject.com/ Frame 6EA9 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76173
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
khaos.json
token.rubiconproject.com/ Frame B3E8 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
um
u-iad04.e-planning.net/ Frame E774 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=726ae5e0bff11241
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D726ae5e0bff11241
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:53 GMT
server
openresty
sync
sync.srv.stackadapt.com/ Frame 6B3A
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c318e13d98a247655254ea5ac3ea1c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo2b61_7329319012296256201&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAGDg07LbfEAABOt5hXgMg&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGMzMThlMTNkOThhMjQ3NjU1MjU0ZWE1YWMzZWExYw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENE-QsqyUZrIprWHMJY8XSc&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41e24d93-d54c-44df-8e10-335978a5e3ce&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=569908430852131164&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=308520&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdp...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=2686f86f-e79d-485e-ba10-74b2c691a418
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&gdpr=0&gdpr_consent=
  • https://dsp.adfarm1.adition.com/cookie/?ssp=12&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=202&userId=7329318908464986269&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Zbb4vAAA0m8FLAAg&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent=
0
0
setuid
elb.the-ozone-project.com/ Frame EDB5 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4c318e13d98a247655254ea5ac3ea1c
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84cd8a710bdb21c7-MIA
content-length
0
date
Mon, 29 Jan 2024 01:00:53 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 6EA9 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame C8A9 		0
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1706490044009-172030175079-000676-010-006630&biddername=133&pid=59c9148628a0612da3689288&key=70a21ae20dfbf74c5fa4b7af696db04c
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 29 Jan 2024 01:00:53 GMT
async_usersync
ib.adnxs.com/ Frame 70FB 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
an-x-request-uuid
d9efc91a-5fe0-4749-a514-1cacaf754483
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 6EA9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LRY83WXS-13-DGE9
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRY83WXS-13-DGE9&us_privacy=1---
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRY83WXS-13-DGE9&us_privacy=1---
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H3
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 01:00:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRY83WXS-13-DGE9&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
Expires
0
109b859ac725447fa84b66654260cfc3.jpg
content.homenetiol.com/2002409/2188158/0x0/ Frame 51F9 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.homenetiol.com/2002409/2188158/0x0/109b859ac725447fa84b66654260cfc3.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.168.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-123.bos50.r.cloudfront.net
Software
/
Resource Hash
8c034bd83aa1d0fcb23fb9eb72946352de0fed9c13a876c24b826b1a0372836b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:13:11 GMT
via
1.1 5bf4d747be36bbd75379552d7669c798.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jan 2024 16:52:05 GMT
x-amz-cf-pop
BOS50-P3
age
820062
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
58645
x-amz-cf-id
RusAHQz7DIsrbqQ6xA8w9Ec4FQbc108YIciuh3lbiw1UR2Im8yHUBA==
async_usersync
ib.adnxs.com/ Frame D815 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
an-x-request-uuid
35911b54-230c-4bf3-aa5b-e13ace5c8305
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ Frame D367 		0
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.20.47.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-47-211.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:53 GMT
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
f39180fd-8845-d3a7-1906-68a713f1b336
x-smt-trace
https://tracing.smaato.net/api/traces/b73b021e3541701f76847e67c1b773da?prettyPrint=true
bid.json
reachms.bfmio.com/ Frame D367 		0
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=bcc1ce09-7963-4ec7-c219-22911d192fd5
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.71.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-71-61.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:53 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
server
nginx/1.24.0
vary
Origin
sync_iframe
sync.bfmio.com/ Frame 1F25 		869 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
a423c9e71a22acfaddca44764b5ebde4d2db3094dc985080344649741f9926f3

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
869
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:53 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Jan 2024 01:00:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
250680
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 9249
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=Qs4zwXxyRjdqNjk5bm1OaVp2M2pPUVg4SXJKZnJMTHVBY25NbHB5dnZ0Yk5tZTdXaGJ6T3NIYjdpd1ZSNThDU3hKMDVqYm4xS09mYTJqUExHbVB0SEVwZFYvd2IzcUJoWjVzeFZ6THMrVEtDT25jOEVveWdYRjYyS3IxZk...
424 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Qs4zwXxyRjdqNjk5bm1OaVp2M2pPUVg4SXJKZnJMTHVBY25NbHB5dnZ0Yk5tZTdXaGJ6T3NIYjdpd1ZSNThDU3hKMDVqYm4xS09mYTJqUExHbVB0SEVwZFYvd2IzcUJoWjVzeFZ6THMrVEtDT25jOEVveWdYRjYyS3IxZkdjZUdVMFZLZmJIZWVFN2wvRVZJS0NPOTI2ZzdZZWh6RkxCTTBrYzlsbkx5NVlxRksyOTZLZ0NjOGlZclk5Ti9vbG9uL3BnWm1VNjN0MVRPRGNSc1RtMUYwdTBDc001Z2xjaUZXRGFFcGV5cVppMkJkNFFROWNHelNDY2NwVGZ4RWQ3QXhIM3kyV2FzNWQ2Q3J5b1RSemxpcFVhRnRKNGJtUCtYbU9QRTZ5a01Kc0M1UVlhZz18&cppv=2
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bcab70859f379c2f95bbc51ab0ddc72ed86f0374185fc2c9e1e3a9783744b47c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1353875
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
location
https://mug.criteo.com/sid?cpp=Qs4zwXxyRjdqNjk5bm1OaVp2M2pPUVg4SXJKZnJMTHVBY25NbHB5dnZ0Yk5tZTdXaGJ6T3NIYjdpd1ZSNThDU3hKMDVqYm4xS09mYTJqUExHbVB0SEVwZFYvd2IzcUJoWjVzeFZ6THMrVEtDT25jOEVveWdYRjYyS3IxZkdjZUdVMFZLZmJIZWVFN2wvRVZJS0NPOTI2ZzdZZWh6RkxCTTBrYzlsbkx5NVlxRksyOTZLZ0NjOGlZclk5Ti9vbG9uL3BnWm1VNjN0MVRPRGNSc1RtMUYwdTBDc001Z2xjaUZXRGFFcGV5cVppMkJkNFFROWNHelNDY2NwVGZ4RWQ3QXhIM3kyV2FzNWQ2Q3J5b1RSemxpcFVhRnRKNGJtUCtYbU9QRTZ5a01Kc0M1UVlhZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
507888
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 9249 		135 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 9249 		152 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
130bae96be45149b114f9eff50d18451c3e7bc18e725185a6dc1cc2d431fd5e7

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache
x-server
10.40.6.208
access-control-allow-credentials
true
content-length
152
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9536 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.175 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Jan 2024 01:00:54 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 30 Jan 2024 01:00:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
X-Check-Cacheable
YES
sync-all.html
adxbid.info/ Frame 4C60 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84cd8a76addb23b5-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:54 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfqDRlMjreEmr7o7fiKo4D%2BinKf141JuJM8L%2F6kIGesTYbVsaK9p8a9RoKmWfdhQrTBUTLB1zutmGthLGOK81psrReQE%2FFv3NtSfx6LMLKfkVPg5vwvjWaHyol0ZU%2FJuF%2BI1HA65l8L8Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
csync
sync.adtelligent.com/ Frame A7FD
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=750708&a=754412&domain=https://nypost.com
43 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=750708&a=754412&domain=https://nypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:54 GMT
Etag
6fc9875509c021ac
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
Mon, 29 Jan 2024 01:00:54 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3494916401524150000V10&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=750708&a=754412&domain=https://nypost.com
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
de.tynt.com/deb/ Frame BCB7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
cf91df65a01f10adfab853295ada34fb1ef0be348e4fed16951bfbfd7d5502d5

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1806
content-type
text/html
date
Mon, 29 Jan 2024 01:00:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:53 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8340000A
/
ads.us.e-planning.net/uspd/1/ Frame 536F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
145d0ca36c0883ebcaed25e0f265b19f6b28ff9ff4a7b28c42528fa8a8470faf

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
Mon, 29 Jan 2024 01:00:54 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1220
sync
sync.bfmio.com/ Frame 1F25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=106&uid=41e24d93-d54c-44df-8e10-335978a5e3ce
date
Mon, 29 Jan 2024 01:00:54 GMT
server
Kestrel
content-length
183
sync
sync.bfmio.com/ Frame 1F25
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.bfmio.com/sync?pid=167&uid=av-fe0a58fc-35bc-4994-be9c-a4c4ce2035ae
0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=167&uid=av-fe0a58fc-35bc-4994-be9c-a4c4ce2035ae
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=167&uid=av-fe0a58fc-35bc-4994-be9c-a4c4ce2035ae
date
Mon, 29 Jan 2024 01:00:54 GMT
server
Apache-Coyote/1.1
content-length
0
sync
sync.bfmio.com/ Frame 1F25
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=59948840237444FFB186652355CB1705
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=59948840237444FFB186652355CB1705
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=59948840237444FFB186652355CB1705
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 28 Jan 2024 01:00:54 GMT
sync
sync.bfmio.com/ Frame 1F25
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D
  • https://sync.bfmio.com/sync?pid=147&uid=d6.e76e07904f87467aa0560fd6be8edb8f
0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=147&uid=d6.e76e07904f87467aa0560fd6be8edb8f
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=147&uid=d6.e76e07904f87467aa0560fd6be8edb8f
date
Mon, 29 Jan 2024 01:00:54 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
/
sync.taboola.com/sg/beachfrontrtbvideo-network/1/rtb-h/ Frame 1F25
Redirect Chain
  • https://sync.bfmio.com/syncr?pid=180&uid=1
  • https://sync.taboola.com/sg/beachfrontrtbvideo-network/1/rtb-h/?taboola_hm=2f2dd0d93af01ed1f16bd81432811c10616eae61
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/beachfrontrtbvideo-network/1/rtb-h/?taboola_hm=2f2dd0d93af01ed1f16bd81432811c10616eae61
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61703

Redirect headers

Location
https://sync.taboola.com/sg/beachfrontrtbvideo-network/1/rtb-h/?taboola_hm=2f2dd0d93af01ed1f16bd81432811c10616eae61
Date
Mon, 29 Jan 2024 01:00:53 GMT
Connection
keep-alive
Content-Length
0
sync
sync.bfmio.com/ Frame 1F25
Redirect Chain
  • https://sync.1rx.io/usersync2/beachfront
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D179%26uid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005
  • https://sync.bfmio.com/sync?pid=179&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=179&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=bcc1ce09-7963-4ec7-c219-22911d192fd5&gdpr=0&gc=&gce=1&us_privacy=1---&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.23.48.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-48-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:53 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=179&uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005
date
Mon, 29 Jan 2024 01:00:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
um
sync.e-planning.net/ Frame 536F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=49&redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BuserId%7D%26dc%3D0abbcb4eba840e59%26fi%3D650e9f26e182b7eb
  • https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.e-planning.net/um?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&dc=0abbcb4eba840e59&iss=1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D650e9f26e182b7eb
  • https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=650e9f26e182b7eb&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=650e9f26e182b7eb&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=H8rkIRuldlvq&dc=66b7ef4184d94c10&fi=650e9f26e182b7eb&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
pbs.gif
sync.admanmedia.com/ Frame 536F 		9 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D650e9f26e182b7eb%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 536F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:53 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:53 GMT
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D650e9f26e182b7eb%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=650e9f26e182b7eb&uid=460bad56-ba86-4057-96df-cd3eb47a1283
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=650e9f26e182b7eb&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=650e9f26e182b7eb&uid=460bad56-ba86-4057-96df-cd3eb47a1283
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 536F 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 27 Jan 2029 01:00:53 GMT
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D650e9f26e182b7eb%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=17750400e610108b&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=650e9f26e182b7eb&uid=AAAHJEC4Nl3ETQMCtJ60AAAAAAA&expiration=1706576454
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=650e9f26e182b7eb&uid=AAAHJEC4Nl3ETQMCtJ60AAAAAAA&expiration=1706576454
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=650e9f26e182b7eb&uid=AAAHJEC4Nl3ETQMCtJ60AAAAAAA&expiration=1706576454
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D650e9f26e182b7eb
  • https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=650e9f26e182b7eb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=d9eb6a8a-a0c0-4a0c-a489-1zz1706489940&dc=fabfd6762b833237&fi=650e9f26e182b7eb
date
Mon, 29 Jan 2024 00:59:12 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D650e9f26e182b7eb%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=650e9f26e182b7eb&uid=569908430852131164
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=650e9f26e182b7eb&uid=569908430852131164
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
an-x-request-uuid
b942a0e5-0dda-414b-a654-043c4ee600fc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=650e9f26e182b7eb&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D650e9f26e182b7eb%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=650e9f26e182b7eb&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=650e9f26e182b7eb&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-110
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=650e9f26e182b7eb&uid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D650e9f26e182b7eb%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=650e9f26e182b7eb&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=650e9f26e182b7eb&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=650e9f26e182b7eb&uid=caa0bec4-bd37-40ab-b247-e235d4b0c6c0
date
Mon, 29 Jan 2024 01:00:54 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D650e9f26e182b7eb%26uid%3D%24UID&partner=eplanning
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTN...
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=176971&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
  • https://ssp.disqus.com/match?bidder=27&buyeruid=A4495936762966581276&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NG...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubm...
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame 536F
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&dc=769fefa8321c94fb&iss=1
date
Mon, 29 Jan 2024 01:00:54 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=650e9f26e182b7eb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=csuid_0983445b-869a-4a0c-bbfb-ec07905c489b&dc=b337141cfdc8cf59&fi=650e9f26e182b7eb
date
Mon, 29 Jan 2024 01:00:54 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D650e9f26e182b7eb
  • https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=650e9f26e182b7eb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=4059c788-c609-458d-bd4a-2742a3475cda&dc=d015773253e1640b&fi=650e9f26e182b7eb
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame 536F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=82ce5fbb-faf3-47ec-acb9-51ab4b739685&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Deplanning%26...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=eplanning&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=437&ssp=eplanning&user_id=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://x.bidswitch.net/sync?dsp_id=437&ssp=eplanning&user_id=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D650e9f26e182b7eb
  • https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=650e9f26e182b7eb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=o0sIVghABe0h&dc=98bd04598763300f&fi=650e9f26e182b7eb
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
um
u-iad04.e-planning.net/ Frame 536F
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=650e9f26e182b7eb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=ym_user_98517b9f-fb41-4f41-9498-996f8a657350&dc=dbfd729d40c9c3fc&fi=650e9f26e182b7eb
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
um
sync.e-planning.net/ Frame 536F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.targeting.unrulymedia.com/csync/RX-4949403a-4567-4413-86a8-64a4c6123dda-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4949403a-4567-4413-86a8-64a4c6123dda-005%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005&dc=fc741bbdfeedcd57&iss=1
date
Mon, 29 Jan 2024 01:00:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4949403a4567441386a864a4c6123dda005
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame B2D8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:54 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:54 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB9C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D650e9f26e182b7eb%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48081
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame DF72 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f083104b048718bc1d67594495d8001c49975ab9af465fedb1a1d74b1ec7365

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a76aace74a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnR%2BdxtCP5trztBozkleybxmivT5j3juiLYtDxsZ2p76vc4lOeGpLcZyGvyPxqUzjbozVCamYL%2BDBc82Ui%2FFCgvkvNq%2B8sdIkQozw%2BUSO4q4Naz8rzHS%2FwlntS%2FFtCFi%2FdGng2Oi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Qs4zwXxyRjdqNjk5bm1OaVp2M2pPUVg4SXJKZnJMTHVBY25NbHB5dnZ0Yk5tZTdXaGJ6T3NIYjdpd1ZSNThDU3hKMDVqYm4xS09mYTJqUExHbVB0SEVwZFYvd2IzcUJoWjVzeFZ6THMrVEtDT25jOEVveWdYRjYyS3IxZkdjZUdVMFZLZmJIZWVFN2wvRVZJS0NPOTI2ZzdZZWh6RkxCTTBrYzlsbkx5NVlxRksyOTZLZ0NjOGlZclk5Ti9vbG9uL3BnWm1VNjN0MVRPRGNSc1RtMUYwdTBDc001Z2xjaUZXRGFFcGV5cVppMkJkNFFROWNHelNDY2NwVGZ4RWQ3QXhIM3kyV2FzNWQ2Q3J5b1RSemxpcFVhRnRKNGJtUCtYbU9QRTZ5a01Kc0M1UVlhZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Jan 2024 01:00:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
410465
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9536 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
an-x-request-uuid
9162764e-ebe4-41c5-aca9-d0d24c3687f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 9249 		33 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
dab67af45245b444a66717dcbe90d8d91367c61d8846c00f768fc622a294c4e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 29 Jan 2024 01:00:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
ssc-cms.33across.com/ps/ Frame BCB7 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1706490054179.&ri=0010b00002T3JniAAF&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:53 GMT
server
33XP019
match
events-ssc.33across.com/ Frame BCB7
Redirect Chain
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1706490054179.2%26us_privacy%3D%26xu%3D%5BPUID%5D
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1706490054179.2&us_privacy=&xu=0c76e7f2-ba47-446a-abb1-da8b922c46d6
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=0c76e7f2-ba47-446a-abb1-da8b922c46d6&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=0c76e7f2-ba47-446a-abb1-da8b922c46d6&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=0c76e7f2-ba47-446a-abb1-da8b922c46d6&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BCB7
Redirect Chain
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=b060a4b1-4f5b-46cb-a377-2057d65cc65b
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=b060a4b1-4f5b-46cb-a377-2057d65cc65b&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=b060a4b1-4f5b-46cb-a377-2057d65cc65b&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=b060a4b1-4f5b-46cb-a377-2057d65cc65b&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame BCB7
Redirect Chain
  • https://match.deepintent.com/usersync/149?us_privacy=
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_3a32b05a45c5481c88778
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_3a32b05a45c5481c88778
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:54 GMT
server
33XP014

Redirect headers

location
https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_3a32b05a45c5481c88778
date
Mon, 29 Jan 2024 01:00:53 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
match
events-ssc.33across.com/ Frame BCB7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1706490054179.5%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1706490054179.5%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D&crf=1&rts=5737...
  • https://ssc-cms.33across.com/ps/?xi=124&ts=1706490054179.5&us_privacy=&xu=f8b04070-229a-521d-b7ea-3719d25ccfdf
  • https://events-ssc.33across.com/match?bidder_id=124&external_user_id=f8b04070-229a-521d-b7ea-3719d25ccfdf&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=124&external_user_id=f8b04070-229a-521d-b7ea-3719d25ccfdf&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=124&external_user_id=f8b04070-229a-521d-b7ea-3719d25ccfdf&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BCB7
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=78&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D125%26ts%3D1706490054179.6%26us_privacy%3D%26xu%3D%5Bssb_sy...
  • https://ssc-cms.33across.com/ps/?xi=125&ts=1706490054179.6&us_privacy=&xu=2405212159101885593
  • https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2405212159101885593&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2405212159101885593&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:53 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2405212159101885593&ts=1706490054&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame BCB7
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1706490054179.7
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f5c2153d-a7ef-4252-a851-b13887473ee8
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f5c2153d-a7ef-4252-a851-b13887473ee8
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 29 Jan 2024 01:00:54 GMT
server
33XP020

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:24 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f5c2153d-a7ef-4252-a851-b13887473ee8
cache-control
private,no-cache
content-length
215
expires
-1
/
onetag-sys.com/usync/ Frame 77DA 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 536F 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:44:11 GMT
content-encoding
gzip
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
55004
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
pEmxcntcTsP4Ht7iwg6J0YDCUNQ25YxmZs_K-mwBFudlOUCBBuzlJg==
15581
rtb.gumgum.com/usync/ Frame 3AF6 		2 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.212.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-212-230.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3c22d0387bdd46730c40b2f88db75192a7713159f2d68b40b62605d7783be0b5

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 01:00:54 GMT
etag
W/"083efc6aaddb8895d8ea1376131933c1a"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 551D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
5f750004918e4b5d09644d61380d8feb4b8ee51e035ff8e5f42dbbb676c0b110

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1373
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 01:00:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame 65EC 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D650e9f26e182b7eb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
71c1573ac13fc303a024fb236f1c0b3af8877b50fd7dc671649545b19f2c6641

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
828
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 01:00:54 GMT
Server
nginx
csync
sync.adtelligent.com/ Frame 9FDA 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKPdkJk4iTC0COCr&traffic_source=snippet&session=85AD5D56E244B17B&sp=852559&pb=753264&c=484122&a=307971&domain=https://nypost.com
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D85AD5D56E244B17B%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnypost.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:53 GMT
Etag
6fc9875509c021ac
Server
Adtelligent
crum
dsum-sec.casalemedia.com/ Frame DF72
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=882424164061&us_privacy=1---
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=882424164061&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Out%2FfFQgZvN7CpczCu5YSWKG0DlYtJQYlWGI6hddJCMJ4s3cHqZBjmDVbCnO7z2cMitO%2Fg7WrUkgdg%2F%2F8cxL0rqBZEbzwfV40%2FlSmd26lwkSc1C4WxCX5hpcQR%2BSgswyIwga9IVdVJxm4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a782e4c74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=882424164061&us_privacy=1---
Content-Length
0
ibs:dpid=23728&dpuuid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
dpm.demdex.net/ Frame DF72 		42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-200-15.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-03f885568.edge-va6.demdex.com 4 ms
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
IyGqbmUoTrk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
ium
dsum-sec.casalemedia.com/ Frame DF72
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3egs4DkJCmDbiJGWODzYnkK4qtVTvOfFaoYPr6y4wFpn5oRsszssW0IReKSXjs4iPkMfrjkceejyTQq4USJD5ogZbJOMDKiFmpn4GYFJ7A43Quuwqmla6%2B%2FrVqaAKb%2BL4vPgBrQSQGDvmg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
84cd8a779d2774a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Mon, 29 Jan 2024 01:00:54 GMT

Redirect headers

date
Mon, 29 Jan 2024 01:00:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame DF72
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2405212159101885593&gdpr=0&gdpr_consent=
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2405212159101885593&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM7XYIwCKR%2BI209n1PNLn4HPyMjDB7mYXPmxC1mBXAie2%2Fm5h098AXuD%2BcYiyt%2BNSejz%2BIsylsvusnwS6BZ3wdQJrU1BIYxQqowl32bCYMKCP8dzQeaF7%2FGw9SCVXMjrEVdcT8GPSXI%2BAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a778d0474a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2405212159101885593&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:53 GMT
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame DF72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fpv207A9DBm8dB1sf4knSpsTVq6uWlDJlQnSxuY%2FtdX6z5K97Hv8R4YX8VaPOiDaPynvV1GVGDbrVKqaS%2BnFlZhOpwp8K3aNoj3Rbk43%2BHjECeFcPRI6hFmoutPMYIJSmLrNNe7nlAKNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a778d1c74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame DF72 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&pId=17&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a7729bd67b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DF72
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame DF72 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0DF3JEJQNM349087DKV7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
um
u-iad04.e-planning.net/ Frame DF72 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=650e9f26e182b7eb&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif
auction
prebid-server.rubiconproject.com/openrtb2/ Frame D367 		209 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
837bf494ff8a6bd2a0e4982137744325c941dfad2fca20f2bff245513ddb838a

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.8.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
191
Expires
0
um
u-iad04.e-planning.net/ Frame 52B2 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=650e9f26e182b7eb&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
server
openresty
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=210aed4c-1290-40df-ade0-996605a0ba01&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=210aed4c-1290-40df-ade0-996605a0ba01&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=210aed4c-1290-40df-ade0-996605a0ba01&dongle=31ac&gdpr=0&gdpr_consent=
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58382/ Frame 551D 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58382/sync?uid=264943876892460233441&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=5a8e7a58-5360-4042-bd21-3b1e486462a2&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=5a8e7a58-5360-4042-bd21-3b1e486462a2&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=5a8e7a58-5360-4042-bd21-3b1e486462a2&dongle=9e4f&gdpr
date
Mon, 29 Jan 2024 01:00:54 GMT
server
_
content-length
0
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=33e7505c-b727-4569-98b9-11a06ab4e987&dongle=8f7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=33e7505c-b727-4569-98b9-11a06ab4e987&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7666&xuid=33e7505c-b727-4569-98b9-11a06ab4e987&dongle=8f7
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=969751697415783635&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=969751697415783635&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=969751697415783635&dongle=U48
Date
Mon, 29 Jan 2024 01:00:54 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DH8rkIRuldlvq%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=H8rkIRuldlvq&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=H8rkIRuldlvq&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://eb2.3lift.com/xuid?mid=2636&xuid=H8rkIRuldlvq&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla
  • https://eb2.3lift.com/xuid?mid=7772&xuid=5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c&dongle=tbla
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c&dongle=tbla
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-vcl-time-ms
32
date
Mon, 29 Jan 2024 01:00:54 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760041-MIA
server
nginx
x-timer
S1706490054.382851,VS0,VE32
x-fastly-to-nlb-rtt
30836
x-cache
MISS
location
https://eb2.3lift.com/xuid?mid=7772&xuid=5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c&dongle=tbla
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3De31d6ac8-1779-4c98-ab2c-af9179c39dfe%26dongle%3Dc7e1
  • https://eb2.3lift.com/xuid?mid=3396&xuid=e31d6ac8-1779-4c98-ab2c-af9179c39dfe&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=e31d6ac8-1779-4c98-ab2c-af9179c39dfe&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=e31d6ac8-1779-4c98-ab2c-af9179c39dfe&dongle=c7e1
date
Mon, 29 Jan 2024 01:00:54 GMT
content-length
0
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=6499456437357126316&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=6499456437357126316&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=6499456437357126316&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame 551D
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_3a32b05a45c5481c88778&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_3a32b05a45c5481c88778&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_3a32b05a45c5481c88778&dongle=fg7
date
Mon, 29 Jan 2024 01:00:53 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
um
sync.e-planning.net/ Frame 551D 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=264943876892460233441&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88e886e9-2b0c-4be8-9a28-1dc6fd71d148
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_3a32b05a45c5481c88778
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_409f2738-bb72-42b8-beec-9dce4873490b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=FGMyRixu_DgVHyivxn3d
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Date
Mon, 29 Jan 2024 01:00:54 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-j4ndk
expires
-1
usersync
usersync.gumgum.com/ Frame 3AF6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 29 Jan 2024 01:00:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-RkllMDdE2pdTtKrIPXNYd2tH5KI0j8MM6Tdy~A
content-length
0
um
sync.e-planning.net/ Frame 3AF6 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=650e9f26e182b7eb&uid=u_409f2738-bb72-42b8-beec-9dce4873490b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame DAE6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6499456437357126316&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usync.html
eus.rubiconproject.com/ Frame A631
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:54 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame CDA9 		170 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80MDlmMjczOC1iYjcyLTQyYjgtYmVlYy05ZGNlNDg3MzQ5MGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 6A9B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 29 Jan 2024 01:00:54 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=41e24d93-d54c-44df-8e10-335978a5e3ce
server
Kestrel
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490054316&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=5&d5=7&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:14 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		103 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=7&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
37daea9e7b6162f298cabd21a4c4a838090264fbf6bfed5b30c5ce3e2a18e708

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:53 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
hXP40yB3DJh-n7scyua9ZPOqcg9euKxgryHQUCtDVc1bFt9C64Co6Q==
setuid
rtb.adxpremium.services/ Frame 4C60
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=264943876892460233441
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=264943876892460233441
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:54 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=264943876892460233441
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
692.json
id5-sync.com/g/v2/ Frame 9249 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7508406b13ba0d55cdb2a2275cb9fe8aad9ad3da18355acb46d547f4fb6d675e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 29 Jan 2024 01:00:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame B2D8 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76172
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
um
u-iad04.e-planning.net/ Frame 4321 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=650e9f26e182b7eb&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D650e9f26e182b7eb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
server
openresty
usync.html
eus.rubiconproject.com/ Frame 7FEB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:54 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
um
u-iad04.e-planning.net/ Frame 65EC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f
  • https://ssp.disqus.com/match?bidder=27&buyeruid=A4495936762966581276&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NG...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubm...
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D650e9f26e182b7eb
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Jan 2024 01:00:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=650e9f26e182b7eb&uid=ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
cache-control
no-store
content-length
0
expires
0
user-sync
sync.adkernel.com/ Frame 65EC
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D650e9f26e182b7eb
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:54 GMT
an-x-request-uuid
9632bbcd-1569-41d4-be2c-d41711f11f89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CA64
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel
  • https://eus.rubiconproject.com/usync.html?p=adkernel
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adkernel
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D650e9f26e182b7eb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:00:54 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 29 Jan 2024 01:00:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=adkernel
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame A631 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76172
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
usync.js
eus.rubiconproject.com/ Frame 7FEB 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76172
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
khaos.json
token.rubiconproject.com/ Frame A631 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
Expires
0
khaos.json
token.rubiconproject.com/ Frame B2D8 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490054587&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=6&d5=7&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:14 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		103 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=8&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
3eeb480f0a0a62b58023cdc4db49dc1203084cc63144adf05a607b10c24788ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
hgGol5S3gGm1C6-uAh-cp4cstRKfyX0s_VqGshBXmIY7_VlfNNYAwA==
prebid.gif
as.ck-ie.com/ Frame 4C60 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Jan 2024 01:00:54 GMT
Content-Type
text/plain
usync.js
eus.rubiconproject.com/ Frame CA64 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adkernel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adkernel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 22:10:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76172
Connection
keep-alive
Content-Length
10900
Expires
Mon, 29 Jan 2024 22:10:26 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame D367 		209 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
0d28275873fb6306d7c674b0fa597cda0f39313f44e8e5949ca03a65a69e14a0

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.8.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
189
Expires
0
khaos.json
token.rubiconproject.com/ Frame CA64 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRY83WXS-13-DGE9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:54 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 5AFC 		11 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490054827&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=7&d5=8&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:15 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		103 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=9&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
a70bc1126f01d9372c2a260a3f9a74fba3c38f316bf0caae8f19ac63857dfd9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:54 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
7ijJgIiFcPPOZ5_C4Czb9uBi7uM4leGD_v7wXBkYULensh1v2ua4zg==
um
u-iad04.e-planning.net/ Frame 65EC 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?uid=A4495936762966581276&dc=eba3ecb667ab30ab&fi=650e9f26e182b7eb
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D650e9f26e182b7eb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Mon, 29 Jan 2024 01:00:54 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 6A3E 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 01:00:54 GMT
etag
W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified
Tue, 12 Dec 2023 09:09:26 GMT
server
CDN77-Turbo
vary
Accept-Encoding Accept-Encoding
x-77-age
384779
x-77-cache
HIT
x-77-nzt
AyUTzgQ3NzfvC98FAJySO983NzexbT1aAhPEcQA
x-77-nzt-ray
8e305f1cef5a6fa5c6f8b66505193738
x-77-pop
ashburnUSVA
x-accel-date
1706105275
x-accel-expires
@1707142075
x-age-lb
384779
x-amz-request-id
tx00000233c775c208f3c08-0065b119bb-2bae485-prg
x-amz-storage-class
STANDARD
x-cache-lb
HIT
x-rgw-object-type
Normal
setuid
user-sync.adxpremium.services/ Frame 4C60
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
86 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SCvEdZ8MGXJukOZBDkQhM%2BruLqB06QcPHiW3K5yWU%2FcXDnFSr1hv6Vm%2BZ2ps%2FamDEOKpomgJFmOdQq%2FTEcTNF3UcSiuSCViyym7C2a3KlwS%2BfjIa6eHFzkDHvGOQtHP6KZ7bXDb"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
cache-control
no-cache
cf-ray
84cd8a7beda274a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 536F 		155 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 01:48:59 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
83517
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
sCjry5CZ3TIpJKQTa97VWrFuCFJGfmzKBnb5RU7dCmxVBtiAD9jOeA==
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 6A3E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Mon, 29 Jan 2024 01:00:55 GMT
content-encoding
gzip
x-age-lb
216193
x-amz-request-id
tx00000338a9d38d48655a4-0065b3ac46-2bbae03-prg
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-accel-date
1706273862
x-77-nzt
AyUTzgQ3Nzf/gUwDALk73xQ3NzexWbu8qRkRtwA
x-accel-expires
@1707310662
x-77-age
216193
x-cache-lb
HIT
last-modified
Tue, 26 Dec 2023 20:45:55 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag
W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray
8e305f1c655467dac7f8b665db68cf04
vary
Accept-Encoding, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame D367 		37 B
598 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=435540
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0fe063e3d3849b171e5b7108b7e7145b302bfac3c091ef886a34f26333631e

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7eMVT1pMxutPWrNCH4MMjt9ocb5K0ZWiyhAQIvAEr6rcT0mgFDv1mm1xhd2UC8LyoxrTbakAq9P4uoRgIOPifhjhyguS%2FwXMub4ums57eNRA1%2BGavMrmN4fOysk45lYbXmvYsOq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a7c2e3a74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
data
bcp.crwdcntrl.net/6/ Frame 536F 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
306ecaa955d928a28e9392798238b396db21cfa1f58daf69648bf7a4209e0d68

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.40.2.136
access-control-allow-credentials
true
content-length
260
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame D367 		37 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=620444
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afffe2cc10dac0c40aa6826dba4ad633aae7e77e558ae982b85cf91de8faafa

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BvgglEcTX%2FPXFyXut9MsWDw23xR8IG%2FP53W9ZdJixdPpmDCLKhjdxNRfb4o7GSmgStexye4awBMd2qSXMXPI87SrywyoWwoRGsdEnFzgBIRSvnjoJ9Mi9bKgXEdU0zN5pkYP6fe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84cd8a7c8f5574a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 50BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
81104
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 28 Jan 2024 02:29:12 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-id
FSNicAz49g7KuZzb7jwGC7tIV-idYExtd3ldQ9EaB9wg_4pONR2G4A==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6499456437357126316
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6499456437357126316
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a7e2aaa21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6499456437357126316
date
Mon, 29 Jan 2024 01:00:55 GMT
server
nginx
content-length
0
content-type
text/plain
async_usersync
ib.adnxs.com/ Frame 9536 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
an-x-request-uuid
037135cc-e185-4def-8f46-4f72c05fc176
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490055245&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=8&d5=8&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:15 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		104 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=10&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
317d02f9e41448739ff01860ad45238957bc436bdbabac0b51195a98bae98303

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
ElUrKn0uwdKeNBQ54yDm_hp6eTPWHxynmyNynOon97dbm9v2XCTaAw==
ixmatch.html
js-sec.indexww.com/um/ Frame 038A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
611
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84cd8a7d8cb65c82-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
Mon, 29 Jan 2024 05:00:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AAB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48080
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame F6DC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212440012054719
0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212440012054719
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84cd8a7facb121c7-MIA
content-length
0
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 29 Jan 2024 01:00:54 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212440012054719
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000A
translator
hbopenbid.pubmatic.com/ Frame D367 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
usermatch
ssum-sec.casalemedia.com/ Frame 7A67 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3639fb54f429b51233e7fb921bb90fbdfa504e5f47defca07be1c3cd8eb8a79

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84cd8a7f7df274a4-MIA
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeDA9w3p7Ov45U8LakZQAE1LSPNCty4EbBzneEjzYPaW%2FC6APslrmRQYpbcJhTEhrk2eI2nFx0BqOJGva0mXMaMOOOBz%2Fp6L%2B1ZnPDMliTRRmLqhb6lbe82LakmAKVZla7vfys%2FYI%2FhKCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixels
bcp.crwdcntrl.net/ Frame 70F5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4603b5b5ea6fe474da6dd85404c1d429c635b5022292fbc9a47bd34add7635d4

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
1273
content-type
text/html
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.7.56
setuid
user-sync.adxpremium.services/ Frame 4C60
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEdcARZHXsIbyiq9SwayWrz3
86 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEdcARZHXsIbyiq9SwayWrz3
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEdcARZHXsIbyiq9SwayWrz3
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
2981
tags.bluekai.com/site/ Frame 70F5
Redirect Chain
  • https://pixel.onaudience.com/?mapped=5f72766870583b8c82c87eabd99f6997&partner=104&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-OP_q8g5E2pTIgeUESTubwSKPDmKxbrLvFA--~A&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=aa4d1cb88e3054ea
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZnJGd21lSVM5OU83WGZqaw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMRQZkFzDMXZKfj0vi6apaE&google_cver=1
62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMRQZkFzDMXZKfj0vi6apaE&google_cver=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
23.197.109.53 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-109-53.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 29 Jan 2024 01:00:56 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMRQZkFzDMXZKfj0vi6apaE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/ Frame 70F5 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=5f72766870583b8c82c87eabd99f6997&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Tue, 30 Jan 2024 01:00:55 GMT
g.json
aa.agkn.com/adscores/ Frame 70F5 		129 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
67b7943bf8068c3c2f8b509b6725d332935f6ff70d45b745fcb270336563999f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
129
x-amz-cf-id
ThfTbWNSNTl1VNvR4b7xa5qvcn73Ctl3z6s-Ufi27mHacIiAxvgN9g==
expires
0
match
ps.eyeota.net/ Frame 70F5 		70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=51mdg9u&uid=5f72766870583b8c82c87eabd99f6997&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-64-79.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 29 Jan 2024 01:00:55 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
rand=559488885
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/ Frame 70F5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=559488885
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=559488885
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=559488885
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.123
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
an-x-request-uuid
f33c30ff-6efe-47ea-a169-5b9f96974628
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=569908430852131164/gdpr=0/rand=559488885
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ltm
audex.userreport.com/sync/put/ Frame 70F5 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=5f72766870583b8c82c87eabd99f6997
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.52.66 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:55 GMT
Via
1.1 41958139e7d828579c6466c1ce1c7b26.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
MIA3-C3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
pU0djMVaNuLAdpIDLs_ZfFcnWBYCNSPpPhfKDOaWxGz7s_t4VLMLgA==
setuid
user-sync.adxpremium.services/ Frame 934D 		86 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 29 Jan 2024 01:00:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 7A67
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&expiration=1738112456
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&expiration=1738112456
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfPnuwHZYUJ12FFRCwKxtihTC9gF8%2FpZuC%2BMI7NcC1Ypx8DJUUimyAAFe6bE1lDWAyPKmkxXJq%2FCeESeE1FIxhFN3fdYbnUHEO3CrG7lW0g7ynlcaL2pYVvV5ZVTzVZL3dkPG%2Fc%2BQOKrlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a86acf374a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=cfd08bcc-90eb-4708-b389-0707c71d75d8&expiration=1738112456
Date
Mon, 29 Jan 2024 01:00:56 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7A67 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 7A67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlHWth%2FUIlGTGQ6OTjdwzQNpyeK5WlspVPwOEIMi%2F%2FBFFjkviIcoGyRq2xd6yhTpR%2B84bsKuB8%2BfQruPkNB%2FbxRUK78hYbjY5G5WXbMlK7Cow8fVEowdCngBTe%2BSexsRxsJTQ2dbiWkuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84cd8a805f9e74a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBggd60P0MC3JmmfJoPDPL4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
jelly.mdhv.io/v4/ Frame 7A67
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7275493187359501348&redirectID=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=264943876892460233441
  • https://jelly.mdhv.io/v4/pixie?
0
0
Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7A67
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
date
Mon, 29 Jan 2024 01:00:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tp_out
d.adroll.com/cm/index/ Frame 7A67 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:7278:7d7c:f993:dad2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
pixel
capi.connatix.com/us/ Frame 7A67 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&pId=17&gdpr_consent=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84cd8a7ff82567b6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
dcm
s.amazon-adsystem.com/ Frame 7A67 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N2YSV061WFW0JPT024KH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7A67 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Zbb4t.4rlh.cZ2F6j5eVAQAA%261589=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
58807
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84cd8a7ff8b05c82-MIA
content-length
43
expires
Tue, 30 Jan 2024 01:00:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9E2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1---
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.184.187 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-184-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48080
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 29 Jan 2024 01:00:55 GMT
expires
Mon, 29 Jan 2024 14:22:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_p...
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a811ee021c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=VEUOBrrWWOrhYC5oqQHd&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
translator
hbopenbid.pubmatic.com/ Frame D367 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Mon, 29 Jan 2024 01:00:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
setuid
user-sync.adxpremium.services/ Frame 3BCC 		86 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 29 Jan 2024 01:00:56 GMT
setuid
rtb.adxpremium.services/ Frame 4C60
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1---
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&us_privacy=1---
86 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&us_privacy=1---
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:00:55 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LRY83WXS-13-DGE9&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
gdpr=0
sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=214390604776000554849/ Frame 70F5 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=214390604776000554849/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=89%2C61%2C8%2C49%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.50
content-length
49
expires
0
dc_oe=ChMIxKeh5rKBhAMV3yyICR0IuAwXEAAYACD27cBFQhMI_fTH5LKBhAMVTC1oCB1G_g_-;dc_eps=AHas8cCmKCGJU7QJJ8t2srROR5lQCH4xOX6b_yGyq6P2arMbBeD8nfqL4duebErItD46hGfdiSS_SwTziQ;met=1;&timestamp=1706490055909;e...
ade.googlesyndication.com/ddm/activity/ Frame C9CD 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxKeh5rKBhAMV3yyICR0IuAwXEAAYACD27cBFQhMI_fTH5LKBhAMVTC1oCB1G_g_-;dc_eps=AHas8cCmKCGJU7QJJ8t2srROR5lQCH4xOX6b_yGyq6P2arMbBeD8nfqL4duebErItD46hGfdiSS_SwTziQ;met=1;&timestamp=1706490055909;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=IEdcARZHXsIbyiq9SwayWrz3
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=IEdcARZHXsIbyiq9SwayWrz3
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a8208be21c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=IEdcARZHXsIbyiq9SwayWrz3
access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
user-sync.adxpremium.services/ Frame 4C60
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6499456437357126316
86 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6499456437357126316
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:56 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6499456437357126316
date
Mon, 29 Jan 2024 01:00:56 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%...
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a82da4521c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=70bc553d-17ec-422b-a7ac-eeeb5ec1c02b&gdpr=0
date
Mon, 29 Jan 2024 01:00:56 GMT
content-length
0
prebidjs
rtb.openx.net/openrtbb/ Frame D367 		53 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
eec6956d2d7c0267248ac42ab63591c5ffc8dc814534a5ad9ad6bcb2e84ab868

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:56 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a842c7121c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06xdDjfQBGEjoo4ZGhu2QpzPHOa%2F4HVw2zVUM3LR8l%2BsxDqUQ6ay9AP3dd0wCwBzhbwFOA8JYS8TiMKX3%2Fit1MlRCCXhuNESl5ByR019yo9eTtsOXCy0eoZzwUhZiDnZbXEImltM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Zbb4t.4rlh.cZ2F6j5eVAQAA%261589
cache-control
no-cache
cf-ray
84cd8a835dc874a4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
track
track4.aniview.com/ Frame 5AFC 		0
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=nypost.com&rs=nypost.com&sid=67399&t=1706490044&cip=38.132.118.73&sn=770&tgt=0&osv=10&bv=120.0&brn=Chrome&wi=728&he=409&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&d64=ca124b9151419b19b0ad986e6d2596ce&d63=ca124b9151419b19b0ad986e6d2596ce&aafaid=&proto=https&uid=1706490044009-172030175079-000676-010-006630&cha=0.7&stagid=&stplid=&d35=&d36=6.2.166&cb=74457843611&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd1=AR_3%23FMS_PS_1&cd2=11741-89554-88301&cd3=5192495&cd4=footer&cd5=11741-89554-88301%2C12756-90591-90592%2C12838-0-%2C13002-93668-0%2C12495-0-&d9=0000&d37=realtime&AV_WIDTH=728&AV_HEIGHT=409
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ Frame D367 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ Frame F09B 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 01:00:56 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=569908430852131164
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=569908430852131164
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a851e2421c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
an-x-request-uuid
13eb8af9-a9cd-49a8-a137-413637c3ff3b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=569908430852131164
x-proxy-origin
38.132.118.73; 38.132.118.73; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=460bad56-ba86-4057-96df-cd3eb47a1283
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=460bad56-ba86-4057-96df-cd3eb47a1283
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a85ef4521c7-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=460bad56-ba86-4057-96df-cd3eb47a1283
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
cm-notify
creativecdn.com/ Frame C3B8 		42 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/cm-notify?pi=vidoomy
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
content-type
image/gif
date
Mon, 29 Jan 2024 01:00:56 GMT Mon, 29 Jan 2024 01:00:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 6A3E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696d...
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=CEN
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=CEN
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:57 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=CEN
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 6A3E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:00:57 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=460bad56-ba86-4057-96df-cd3eb47a1283&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
prebidjs
rtb.openx.net/openrtbb/ Frame D367 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.853/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
55aa19193d7afb65e2d0269b09594b1a00088e3b41abaed22e1e0f6a731b901f

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:56 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a86b8b321c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-215gmWtE2uHxgsxo_OUEE3_Ysi7oTlyHz3o4_E0-~A&gdpr=0
date
Mon, 29 Jan 2024 01:00:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
elb.the-ozone-project.com/ Frame E20C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=264943876892460233441
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=264943876892460233441
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&pubcid=ce0eda65-0932-4d09-add5-d204b5a3438f&publisherId=OZONENYP0001&siteId=1500000033&cb=1706490038802&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:00:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84cd8a878a1521c7-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=264943876892460233441
date
Mon, 29 Jan 2024 01:00:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbs-iframe
pbs-cs.yellowblue.io/ Frame 9EEC 		0
0
bf7d1be24b1c49a5a6f04ab541809a8a.jpg
content.homenetiol.com/2002409/2188158/0x0/ Frame 51F9 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.homenetiol.com/2002409/2188158/0x0/bf7d1be24b1c49a5a6f04ab541809a8a.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.168.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-123.bos50.r.cloudfront.net
Software
/
Resource Hash
de8b9d5d01a2aaf22f6ee9e7934105602fbf38605f4ec8f127bafb93fda21d40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:22:20 GMT
via
1.1 5bf4d747be36bbd75379552d7669c798.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 04:58:10 GMT
x-amz-cf-pop
BOS50-P3
age
2273917
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
76681
x-amz-cf-id
XGvAYePCJYtaW6722KAUToC6qoizIlwi6qlXbMvduU8k5oRrFHa_Tg==
pixels
pix.spot.im/api/v1/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-41.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 01:00:57 GMT
via
1.1 ffa8ec5cfe61dcaaebc108ff8c867054.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
nVsMXHkndw_5g9bI3GxtcHJJwq--HqucUneyu2JBE6Nk66yZ9JjUEw==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 29 Jan 2024 01:00:58 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 5AFC 		11 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Mon, 29 Jan 2024 01:00:58 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490058484&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=9&d5=11&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:19 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		104 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=11&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
32e0e87cc2ddb0885425092ffbf9511c88eeee4335a2825dfd1c4dd10553276b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:58 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
mtO_mWw5MxTr23bv_ALFULzjj4iw6nfPWzZH4VgWmI9xyDJ2ZzS4uQ==
track
track4.aniview.com/ Frame F09B 		0
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=nypost.com&rs=nypost.com&sid=19820&t=1706490046&cip=38.132.118.73&sn=&tgt=0&osv=10&bv=120.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=54742657b6d8f9ab646b94e6a422264d&d63=54742657b6d8f9ab646b94e6a422264d&aafaid=&proto=https&uid=1706490044009-172030175079-000676-010-006630&cha=0.7&stagid=&stplid=&d35=&d36=6.2.166&cb=30952989042&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd4=b285b3f2-e93f-49c6-b87c-554187f4a939&cd5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&cd6=tier1-conv3&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.10.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&cd16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=reactions&d9=0000&d37=realtime&d65=General&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 01:00:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490059092&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=10&d5=12&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:19 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		104 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=12&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
98ccc1af76d20172bc5c49b52f4737320d26faedb6714a74309b594ca40b7985

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:58 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
wpF2v66dMrXXX10-7gkyDfMQ2BdPUbvtX0YHS2Sy7ikedJCBs0VtAw==
setuid
user-sync.adxpremium.services/ Frame 6A3E 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=70a21ae20dfbf74c5fa4b7af696db04c
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 29 Jan 2024 01:00:59 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490059336&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=11&d5=12&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:19 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		104 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=13&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
a9195ef3edf5b18820aa1e4d428d928be77c65eb50e1cff657325c77e74b10dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:58 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
ZGjGd7-xAaSxiYDZujqYYvg1MkvbzpW1bjt28fOlqMWFTEnnAPIUlg==
s2s
s2ssc.aniview.com/api/adserver/ 		0
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=54742657b6d8f9ab646b94e6a422264d&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=b285b3f2-e93f-49c6-b87c-554187f4a939&AV_CDIM5=h7WQR2Q5kYX4hH-a8dH44l2Mphq3ZKZyyXkGKEhXRKSYrwxZO8rtD-7G65gRHBif&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.10.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6052025c979e457a0861de0a&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6052025c979e457a0861de0a/nypost.com&d36=6.2.166&responsive=1&sver=4&avtoken=46782&omv=1.0.1&clsid=c4d6c3ce-7be5-45b7-a243-87380e7f5645&rando=56&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=6490059655&AV_C_USER_ID=1706490044009-172030175079-000676-010-006630&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=12&d5=12&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.176 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 01:00:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 17 Jan 2024 11:14:19 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8754 		104 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&pid=U1ZxgvySkipPj&cb=14&ws=1600x1200&v=24.117.1925&t=8000&slots=%5B%7B%22id%22%3A%22VDM%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*R_0lW1BZBrs06_9PJCB_7LhT9WLEwXI1qFh8rOqtc9yALVN6CVtuDHO1nscCY1d_gC6uajQpJKKpzTo1l3lQlQ%22%2C%22pubcommon%22%3A%22ce0eda65-0932-4d09-add5-d204b5a3438f%22%2C%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22lotame%22%3A%227c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
2eb3a672e138de9101186e81e84cbf5f451f19b97a66c9eca878bd7150cf6ba2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:00:59 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
2TzTkPxWsg7z8ztA54DszIYZDUG5FIggQGtHxBD-2cbIikjUTUGJ8Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
live.rezync.com
URL
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968625796319955998&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26pid%3D500040%26it%3D1%26iv%3Db22f58fe-1bd6-45ec-85d0-a530447e0578%253A1706490038.8884192%26_%3D1706490038.8909276
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Domain
id5-sync.com
URL
https://id5-sync.com/c/164/796/1/9.gif?puid=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Domain
sync.extend.tv
URL
https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEBI0DR37rAljIzmlurGXMKk&google_cver=1&google_push=AXcoOmSv3IieOapP09fo2-iKNrjbTt7sKzCrNdwGpRlPlt5YG8H-zIO9gdkmjMGcQYHk4jZAFgANs5jfxzs8pYH_1IP-7Mw60f2RjIZ62KHQZZrBmCK9V5kOA2iNex3f1rFyfM9UjaytIJVqkolWP2mRfdQ
Domain
xsync.iqzone.com
URL
http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=undefined
Domain
eexsync.com
URL
https://eexsync.com/ztgl358.gif?gdpr=&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzI2YWU1ZTBiZmYxMTI0MSZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgImEjgB
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=82ce5fbb-faf3-47ec-acb9-51ab4b739685
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent=
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
pbs-cs.yellowblue.io
URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]

Verdicts & Comments Add Verdict or Comment

470 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| ga4Dims function| gtag object| dataLayer function| nypGa object| nypScripts string| nypost_screen object| _wpemojiSettings object| tag object| Sailthru object| nypAqfer string| usprivacy object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al function| admiral object| googletag object| saasquatch_settings object| sailthru_vars string| ob_id object| OB_element object| OB_elements string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData string| dimension21 function| nypGoogletag object| nypMembership object| nypZephr object| _stq object| sharing_js_options undefined| windowOpen object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| zephr object| __otccpaooLocation function| 4dm1r11545242527 function| FlipboardWidgets object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| webpackChunknypost_2016 object| MicroModal object| Optanon object| OneTrust object| PARSELY object| google_tag_manager number| hits object| initialized number| lastVisit number| sessionLastVisit number| sessionStarted boolean| triggerFlag boolean| startChatFlag number| differenceInHours object| GlobalSnowplowNamespace function| snowplow string| GoogleAnalyticsObject function| ga object| optimizely object| apstag function| getCookie object| newsId boolean| subscriber object| z_session object| identityArr object| ncgCookie object| permutive object| pbjs function| nypostAdRefresh object| dfp_ad_slots_desktop object| dfp_ad_slots_mobile object| PushlySDK function| pushly object| _comscore object| unruly object| adWrapper function| ncgGetCookie object| ncgId object| ncgSpId object| gaAutId string| hasAmazon object| links object| amazonLinks undefined| gaEventData undefined| amazonGaEvent undefined| amazonGa4Event undefined| currentGaEvent undefined| currentGa4Event object| ProgrammaticBidding object| pbjsChunk object| _pbjsGlobals object| mnet object| mnjs object| liQ_instances boolean| __bt_already_invoked object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ object| webpackChunknyp_membership object| regeneratorRuntime function| sprintf function| vsprintf object| core object| cj object| _uxa object| default_gsi object| _F_toggles object| google object| closure_lm_764934 function| clearImmediate function| setImmediate function| st_go function| linktracker_init object| wpcom object| LI object| __li__evt_bus object| liQ object| fGux7T function| fGux7z object| xop object| -1c4xvark5qtc object| c057Data object| gaplugins object| nb object| ncg_data function| _ncg_snowplow object| gaGlobal object| _aps boolean| apstagLOADED object| nypDataLayer function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| _typeof object| ggeac object| google_js_reporting_queue string| __unrulyPageLoadId function| playerApi622640 object| bouncex object| twemoji object| wp object| gaData object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| ZERG object| COMSCORE object| ns_p object| process object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ string| pxSegmentIDs function| noop object| mnjsWebpackJsonp object| rtd object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater boolean| availablePlans object| i2G4Go2 function| i2G4Go3 function| xblocker object| JMnHgz function| JMnHgE object| xblacklist object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics function| pd_callback undefined| google_measure_js_timing object| definedSlots object| webpackChunksmart_tag object| json9261885 object| apscustom object| Criteo function| obApi boolean| creativeVendorLibraryLoaded object| bxgraph function| apiObj function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie undefined| $ function| jQuery function| positionApi_62af35d851923c62777207b4_1706490039414 function| playerApi_62af35d851923c62777207b4_1706490039414 function| configApi_62af35d851923c62777207b4_1706490039414 number| google_unique_id object| aniplayerPos object| ObVideoChunk string| OB_VIDEO_VERSION object| OB_VIDEO function| owActionQueue boolean| DFPMessageEnabled object| atsdetectionmodule object| atsenvelopemodule object| ats object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| googDdmPs object| vdz string| @vsrv function| avPlayer number| _tlTagsPending object| cnx_player_usr_storage object| webpackChunknotifications object| storageAni function| __SPOTIM_DISABLE_ADS__ object| cnx_webpack_global function| webpackJsonpb73jkj9lyq13 object| __vidazooPlayer__ object| vidazoo function| @4878ofcgcys object| webpackChunkconversation object| webpackChunkreactions object| cnx_usr_storage object| lotame_sync_17331 object| DD_LOGS object| ADAGIO object| __SPOTIM_DEV_STORE__ function| lotameIsCompatible function| sync17331_aa function| sync17331_c undefined| sync17331_d undefined| sync17331_ba undefined| sync17331_e function| sync17331_f object| sync17331_h function| sync17331_ca function| sync17331_j function| sync17331_da object| sync17331_ object| sync17331_ga object| sync17331_v object| sync17331_oa object| sync17331_xa object| sync17331_ya function| sync17331_a function| sync17331_b function| sync17331_g function| sync17331_i function| sync17331_k function| sync17331_l function| sync17331_m function| sync17331_n function| sync17331_o function| sync17331_p function| sync17331_q function| sync17331_r function| sync17331_fa function| sync17331_ea function| sync17331_s function| sync17331_t function| sync17331_u function| sync17331_w function| sync17331_ha function| sync17331_ia function| sync17331_y function| sync17331_ja function| sync17331_z function| sync17331_A function| sync17331_x function| sync17331_B function| sync17331_ka function| sync17331_C function| sync17331_D function| sync17331_E function| sync17331_F function| sync17331_G function| sync17331_H function| sync17331_I function| sync17331_J function| sync17331_K function| sync17331_L function| sync17331_la function| sync17331_ma function| sync17331_na function| sync17331_M function| sync17331_N function| sync17331_pa function| sync17331_O function| sync17331_qa function| sync17331_ra function| sync17331_sa function| sync17331_P function| sync17331_ta function| sync17331_ua function| sync17331_va function| sync17331_wa function| sync17331_Q function| sync17331_R function| sync17331_za function| sync17331_S function| sync17331_T function| sync17331_U function| sync17331_V function| sync17331_Aa function| sync17331_W function| sync17331_X function| sync17331_Y function| sync17331_Z function| sync17331__ function| sync17331_0 function| sync17331_Ea function| sync17331_Ba function| sync17331_1 function| sync17331_Da function| sync17331_Ca function| sync17331_2 function| sync17331_3 function| sync17331_4 function| sync17331_5 function| sync17331_Ga function| sync17331_Ha function| sync17331_Ja function| sync17331_Fa function| sync17331_7 function| sync17331_Ia function| sync17331_La function| sync17331_Ka function| sync17331_8 function| sync17331_6 function| sync17331_9 function| sync17331_Ma function| sync17331_Na function| sync17331_Oa function| sync17331_Pa function| sync17331_$ function| sync17331_Qa function| sync17331_Ra function| sync17331_Sa function| sync17331_Ta object| hadron boolean| __halo_loaded__ object| _ADAGIO object| au

535 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
.3lift.com/sync Name: sync
Value: CgoIgAIQ_eHuldUxCgoIgQIQ_eHuldUxCgoIhwIQgbTuldUxCgkISRD94e6V1TEKCQgLEJWB75XVMQoKCIsCEJWB75XVMQoKCIwCEIG07pXVMQoKCM4BEJWB75XVMQoKCI4BEJWB75XVMQoJCA4Q-IzvldUxCgoIkAIQ-IzvldUxCgoIkQIQgbTuldUxCgoIkgIQ_eHuldUxCgoIkwIQ-IzvldUxCgoIlAIQ_eHuldUxCgoIlQIQ-IzvldUxCgoI1gEQ-IzvldUxCgoIlgIQ-IzvldUxCgkIGxD94e6V1TEKCgidAhCVge-V1TEKCgjeARD94e6V1TEKCQhfEIG07pXVMQoJCB8QgbTuldUxCgoIoQEQgbTuldUxCgoI4gEQ_eHuldUxCgoI4wEQlYHvldUxCgoI5gEQgbTuldUxCgoI5wEQlYHvldUxCgoIrAIQ_eHuldUxCgoIrQIQ_eHuldUxCgoIsAIQ-IzvldUxCgoIswIQ-IzvldUxCgoItAIQgbTuldUxCgoItQIQlYHvldUxCgoItwIQgbTuldUxCgkIORCVge-V1TEKCQg6EIG07pXVMQoKCPsBEPiM75XVMQoKCP8BEJWB75XVMQoJCD8Q-IzvldUx
.liadm.com/j Name: lidid
Value: a00f9526-1dfc-4162-8f58-70eba1170baf
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: Cl4KBQgKEIsXCgYI3QEQixcKBQgGEIsXCgYIpQEQixcKBgjhARCLFwoGCIEBEIsXCgUIDBCVFwoGCKIBEIsXCgkI_____wcQlRcKBQgLEIsXCgYIiwEQixcKBQh-EIsX
nypost.com/ Name: lux_uid
Value: 170649003660413055
nypost.com/ Name: usprivacy
Value: 1---
.nypost.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Jan+28+2024+15%3A00%3A36+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=668fd4cd-48f0-4146-af22-6b15a051730b&interactionCount=0&landingPath=https%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C5%3A1%2C8%3A1%2C9%3A1%2CC0022%3A1%2CC0012%3A1%2CC0013%3A1%2CC0017%3A1%2CC0020%3A1%2CC0021%3A1%2CC0023%3A1%2CC0024%3A1%2CC0030%3A1%2CC0029%3A1%2CC0033%3A0
.nypost.com/ Name: _li_dcdm_c
Value: .nypost.com
.nypost.com/ Name: _lc2_fpi
Value: 37577191df7a--01hn9bq0tbkbm4ke32gsfs49t6
.nypost.com/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1706490037068%7D
.nypost.com/ Name: _pubcid
Value: ce0eda65-0932-4d09-add5-d204b5a3438f
.nypost.com/ Name: _pubcid_cst
Value: VyxHLMwsHQ%3D%3D
.nypost.com/ Name: blaize_session
Value: f99aedd1-f91c-48ae-867e-d18485e1ce1d
.nypost.com/ Name: _nyp_ses.64db
Value: *
.nypost.com/ Name: _nyp_id.64db
Value: .1706490037.1.1706490037..d5ba9f21-697a-4dca-ae88-b35b0b59813d..21f5cc03-8b2a-4814-bdbc-c954b140ca79.1706490037383.1
.nypost.com/ Name: _ncg_sp_ses.64db
Value: *
.nypost.com/ Name: _ncg_id_
Value: ce8ee306-cd62-47ea-9165-7c4fc74ee28f
.nypost.com/ Name: permutive-id
Value: 17048c32-02c1-4f4e-8e58-c8a65542c17e
.nypost.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/%22%2C%22sref%22:%22%22%2C%22sts%22:1706490037637%2C%22slts%22:0}
.nypost.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=20d71400-4a39-4f28-bfbb-a8486796d2d2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1706490037637}
.newscgp.com/ Name: sp
Value: c3340d8a-73ae-48f3-b63a-c29abe327e45
.nypost.com/ Name: _ncg_domain_id_
Value: ce8ee306-cd62-47ea-9165-7c4fc74ee28f.1.1706490037442.1769562037442
.nypost.com/ Name: _pnvl
Value: false
.nypost.com/ Name: pushly.user_puuid
Value: qlOgoRRWxN4shgXhrVub6oC2WexNEyO3
.nypost.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.nypost.com/ Name: _gid
Value: GA1.2.2119401761.1706490038
.liadm.com/ Name: lidid
Value: a00f9526-1dfc-4162-8f58-70eba1170baf
.newscgp.com/ Name: _ncg_g_id_
Value: c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
nypost.com/ Name: _scor_uid
Value: 78b47f70d5e345a690b644b2e0f4f423
.0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co/ Name: pxid
Value: b179baed-1932-49f0-880b-e5fc645250c9
.zergnet.com/ Name: seen_crc
Value: %5B4012178508%2C3035514471%2C3755266113%2C1086835229%2C2911708529%2C2266169642%2C3343589226%2C3715573977%2C3400062459%5D
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.scorecardresearch.com/ Name: UID
Value: 11D7153226fbdaa89b4ee3c1706490037
.nypost.com/ Name: _autid
Value: 65b6f8b53e83c2171317f6fe
.nypost.com/ Name: _ncg_g_id_
Value: c3340d8a-73ae-48f3-b63a-c29abe327e45.3.1706490037.1769562037442
.nypost.com/ Name: _pnxd
Value: 649758697.1706490038
.nypost.com/ Name: _gat
Value: 1
.spot.im/ Name: device_uuid
Value: 71f3befa-7111-46eb-8308-02c08342e2dd
.nypost.com/ Name: _ncg_sp_id.64db
Value: ce8ee306-cd62-47ea-9165-7c4fc74ee28f.1706490037.1.1706490038.1706490037.8d43d7a9-0112-4310-80dd-6360009f1335
.outbrain.com/ Name: obuid
Value: 5c6c44da-5154-421b-aa75-2ed668f63e76
.nypost.com/ Name: _awl
Value: 2.1706490038.5-e8b67717b765ce525333678cdaac6a2d-6763652d75732d6561737431-0
.3lift.com/ Name: tluid
Value: 264943876892460233441
.the-ozone-project.com/ Name: __cf_bm
Value: bHgGn0oEH.PTJjV6LX_SmS91yukiB3zlWY1sbJJLN2Y-1706490038-1-ATXlN1eKUZjGh4NMNbLNoQg/LKY2PjwiVDDRziFVfm62yb2EQM01yr8molw2ZGWpZ06SERNeaIHhCC42rOQjyRo=
.nypost.com/ Name: _li_ss
Value: CjUKBQgKEIsXCgYI3QEQixcKBgjhARCLFwoGCKIBEIsXCgUICxCLFwoGCIsBEIsXCgUIfhCLFw
.nypost.com/ Name: _li_ss_meta
Value: {%22w%22:1706490038744%2C%22e%22:1709082038744}
.adnxs.com/ Name: XANDR_PANID
Value: enaHHP8GQySmuTv4bTBtWai3QV9HEbCTaqoJsUi4qjCcvBSyC5s_u_3qk-Y6Gch2PPfmC3WlABNfdK-hNrOxPdgZuu5thLtiSVTr1narpd8.
.adnxs.com/ Name: uuid2
Value: 569908430852131164
.nypost.com/ Name: _cs_ex
Value: 1645376079
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.nypost.com/ Name: _cs_c
Value: 0
.csxd.contentsquare.net/ Name: _cs_ex___5764
Value: 1645376079
.adsrvr.org/ Name: TDID
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce
.rubiconproject.com/ Name: khaos
Value: LRY83WXS-13-DGE9
.kargo.com/ Name: ktcid
Value: a2c7382c-d779-027e-1b75-edc91c70703e
.demdex.net/ Name: demdex
Value: 32327484771080788001847257897123682831
zephr-v4.nypost.com/ Name: AWSALB
Value: UOnIXuyxdI5X2JcSPc7SakeFvPJZP+Wu0zIv3cG+P+UCCZojICSSmfOiwKeb3bYBPzOfBGW/2EiNRdIfUHPqLTqsYFfNCGeB640Zh+GtOfzfWtn+nGHazk+G5J2B
zephr-v4.nypost.com/ Name: AWSALBCORS
Value: UOnIXuyxdI5X2JcSPc7SakeFvPJZP+Wu0zIv3cG+P+UCCZojICSSmfOiwKeb3bYBPzOfBGW/2EiNRdIfUHPqLTqsYFfNCGeB640Zh+GtOfzfWtn+nGHazk+G5J2B
.yahoo.com/ Name: A3
Value: d=AQABBLb4tmUCEMIabqJtc1QkQZK3HBbJwSAFEgEBAQFKuGXAZdxH0iMA_eMAAA&S=AQAAAu-brR3KScx81YhW5_3DSt0
.dpm.demdex.net/ Name: dpm
Value: 32327484771080788001847257897123682831
.bidswitch.net/ Name: tuuid
Value: 82ce5fbb-faf3-47ec-acb9-51ab4b739685
.bidswitch.net/ Name: c
Value: 1706490039
.bidswitch.net/ Name: tuuid_lu
Value: 1706490039
.addthis.com/ Name: na_id
Value: 2024012901003800076117698509
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 65b6f8b6d95a75a7
.addthis.com/ Name: ouid
Value: 65b6f8b600019ed413330c548eb628705d1c0fbead41fa970def
.krxd.net/ Name: _kuid_
Value: QEFAyLsQ
.mfadsrvr.com/ Name: tuuid
Value: 210aed4c-1290-40df-ade0-996605a0ba01
.mfadsrvr.com/ Name: c
Value: 1706490039
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706490039
.mathtag.com/ Name: uuid
Value: b16465b6-f8b7-4700-825f-1f6d618c12a5
.doubleclick.net/ Name: IDE
Value: AHWqTUk_nncKfSw_992kGuEAT5d4FiPNo3f982lvPfEA5tAthxdtJc5-vMJh46LpcoU
.agkn.com/ Name: ab
Value: 0001%3AoPQryju%2FgTkiOdIzDbTAeVyr7IiZJXSG
.eyeota.net/ Name: mako_uid
Value: 18d52bb8cfc-2b830000010a4452
.eyeota.net/ Name: SERVERID
Value: 17490~DM
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.zemanta.com/ Name: zuid
Value: FGMyRixu_DgVHyivxn3d
.zemanta.com/ Name: obuid
Value: BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
.im-apps.net/ Name: imid_secure
Value: 7DqI9UnJQamgO8U9ljH2LA
.im-apps.net/ Name: imid_created_secure
Value: 1706490039
.adfarm1.adition.com/ Name: UserID1
Value: 7329318908464986269
.amazon-adsystem.com/ Name: ad-id
Value: A8V4DU7LvkkvntHmtZGaysE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
nypost.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1706490039440%7D
.casalemedia.com/ Name: CMID
Value: Zbb4t.4rlh.cZ2F6j5eVAQAA
.casalemedia.com/ Name: CMPS
Value: 1589
.casalemedia.com/ Name: CMPRO
Value: 1589
.creativecdn.com/ Name: g
Value: FCMU7c67YaL95QDc1lFB_1706490039717
nypost.com/ Name: __zephruser
Value: {"pu_disclosurebanner_updatednotice":"shown:1|rotation:1|converted:0|expired:0"}
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e.gIj46Qea8fC4ucDx1rThHOgA011KtrLfbk127J47IS4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e.gIj46Qea8fC4ucDx1rThHOgA011KtrLfbk127J47IS4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvC4MldVUXx1-4THjD_zAjiaEdkk.%2FEUN702yjbLc1J3bOoMM80Rz8uVMPbBjSxGHyXpu2E4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvC4MldVUXx1-4THjD_zAjiaEdkk.%2FEUN702yjbLc1J3bOoMM80Rz8uVMPbBjSxGHyXpu2E4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEHwYBCC38dutBjABOgQ7vvenQgRT0Ozg.iuGgIA2yJKnjgA9uHMTKcGmzw8PsFvxswmqOsMQ9ivA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEHwYBCC38dutBjABOgQ7vvenQgRT0Ozg.iuGgIA2yJKnjgA9uHMTKcGmzw8PsFvxswmqOsMQ9ivA
.pippio.com/ Name: did
Value: z0MyKPRPb6OaP9gx
.pippio.com/ Name: didts
Value: 1706490040
.pippio.com/ Name: nnls
Value:
.openx.net/ Name: i
Value: ac791dc0-aa9e-4c49-a785-c5c35106e3f3|1706490040
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
.exelator.com/ Name: EE
Value: "b2f3e4a936ff274cb4d6187e2d380508"
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.media.net/ Name: visitor-id
Value: 3494916401524150000V10
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2bbiBC2yVMrXwhq8yxcSY5MdPYa","deviceID":"2bbiB7GCilGdiXnVecd4SJxgZ4U","iv":"","v":""}
.linkedin.com/ Name: li_sugr
Value: add80fa8-b4a2-46e6-8a7b-a4d3bd12eb6e
.linkedin.com/ Name: bcookie
Value: "v=2&6aeac882-732f-4f7e-840b-f68b7a91aa5b"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2750:u=1:x=1:i=1706490040:t=1706576440:v=2:sig=AQE8pYy_V7cIc4VUDYFzFxfgHvFnRSu3"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJKM041STR0tgsLc3I3CQ5ySTFzNDCPNUoxdjCwNTAYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR9bGQcAnUQqVA%253D%253D"
.nypost.com/ Name: __gads
Value: ID=bc514c59524b517a:T=1706490039:RT=1706490039:S=ALNI_MaQ32EVOhA20Tn0AJrZgPnoldgoHA
.nypost.com/ Name: __gpi
Value: UID=00000dbac01c5f12:T=1706490039:RT=1706490039:S=ALNI_MYDp-IuTIeHZfmBZcRoolfm_PRBvg
.sharethrough.com/ Name: stx_user_id
Value: 70bc553d-17ec-422b-a7ac-eeeb5ec1c02b
.gumgum.com/ Name: vst
Value: u_409f2738-bb72-42b8-beec-9dce4873490b
.smaato.net/ Name: SCM
Value: 8ee963035d
.smaato.net/ Name: SCMo
Value: 8ee963035d
.nypost.com/ Name: __eoi
Value: ID=bf94e68088bb323a:T=1706490039:RT=1706490039:S=AA-AfjZb3bL6Ey55inWTB2XlfGXD
.bing.com/ Name: MUID
Value: 0F6AA3141BE564092482B7011A5B6590
.c.bing.com/ Name: MR
Value: 0
.contextweb.com/ Name: ccpa
Value: 1---
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2076bc542b7e16cb
.sitescout.com/ Name: ssi
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0#1706490040588
.contextweb.com/ Name: V
Value: H8rkIRuldlvq
.mediago.io/ Name: __mguid_
Value: 09dd4f7e0d9f86852vuzd500lry83yic
.outbrain.com/ Name: recs
Value: 4003B5467304080A5346329074ACD1
.outbrain.com/ Name: obsessionid-p770
Value: d943cfe0-ae58-ffa0-0000-018d52bb88a7|2011|1
.smartadserver.com/ Name: pid
Value: 2405212159101885593
gsght.com/ Name: session_id
Value: 1eebe41d-26a1-6a2c-80d5-e6ac69596595
gsght.com/ Name: session_id_7azz5g&campaign
Value: prime-outbrain-us-desktop-nov23&obRequestId=7PeFkI4ovGo7iXyyVtXWafdPV0-UcYwrkMmDTaqxbNelnalyfKJvM70mso9LwUR4&obTimestamp=1706490038841_impression=1eebe41d-26a1-6a2c-80d5-e6ac69596595
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%22681e0275-e311-4b50-a4f4-e8072169643a%22%7D
.rezync.com/ Name: zync-uuid
Value: b22f58fe-1bd6-45ec-85d0-a530447e0578:1706490038.8884192
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYjIyZjU4ZmUtMWJkNi00NWVjLTg1ZDAtYTUzMDQ0N2UwNTc4OjE3MDY0OTAwMzguODg4NDE5MiJ9.Zbb4uA.LH-vN3fTGgAAGqprLxBIFp2Xw0E
.openx.net/ Name: univ_id
Value: 537072971|41e24d93-d54c-44df-8e10-335978a5e3ce|1706490041031637
.exelator.com/ Name: hsk_1600
Value: "gAAAAAQAAACSKLUv%252FSCSkQQAiKRidWlk2gBAQlFUX2ZOTDkwUXI5VjFjUngyU0xRUEczMEhYdFQxU0k2WUZ2V3JSaUk3WU5EY2dHYnQyOG93MDI0a29mWWZRQ6Noc2ukNjIzNqhkZWxpdmVyeaQ2MjM2o3ZlcgGlYm5hbWWnUzIwNE9VVKV0c2Vnc6cyOTQ0NTQ0pWJjb2RlzQZAonRzylPGqV4%253D"
.nypost.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IjJiYmlCQzJ5Vk1yWHdocTh5eGNTWTVNZFBZYSIsImRldmljZUlEIjoiMmJiaUI3R0NpbEdkaVhuVmVjZDRTSnhnWjRVIiwiaXYiOiIiLCJ2IjoiIn0%3D
.doubleclick.net/ Name: APC
Value: AfxxVi5mHcsGLsi6WdU6tR1pjW3jVffTtbZ4vQuViQDiP51EiXypLQ
.quantserve.com/ Name: mc
Value: 65b6f8b9-1c88a-5f6ab-23d91
.tapad.com/ Name: TapAd_TS
Value: 1706490041305
.tapad.com/ Name: TapAd_DID
Value: 509c862a-d03a-43aa-a731-974d8d72abf6
.pxl.iqm.com/ Name: outbrain
Value: MTcwNzY5OTY0MTM2Mw==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 0c76e7f2-ba47-446a-abb1-da8b922c46d6
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aIXMgyJluomIhqTy735XT7ARPic7dxaOWMDbkjQb3LETy0UT3ATTeJF2H_UEbqQA6AAAA
.rtbsystem.com/ Name: ut-112-0
Value: 2DA702CB23312B0710ECCFB3049C6FB3236BB82FF90B3CDB9349DC3B98868476D7391AB958D825A09ED5B2B297AC922B99694B11FB0763FEE5E6F8E067501BAB6E9195295F0DCC890CF46F0367CE9494AADD803E0D7B3DDDA30894B8E7C04E9D
.rtbsystem.com/ Name: ut-0-112
Value: FC4DB8698D844308029DA60A52129006F42E2A6D8425B1B53DF23862D90C92FE4D96479C13244380BEAB04FD08E2A6096CC91A3CA44BAE0347A28BB8E929FFA8
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDc1BBImhqbmFsZmxqZCfIa6nomm7pkRAcn-8Ra5AB3EKAYkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDc1BBImhqbmFsZmxqZCfIa6nomm7pkRAcn-8Ra5AB3EKAYkAAAA
.deepintent.com/ Name: CDIUSER
Value: di_3a32b05a45c5481c88778
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwS7GOL6AHAHX1KEDXM4nQizIkOOOTpocIjGKX7J5x7TnouvIGr2zxvt3pQC4TM1
.adform.net/ Name: C
Value: 1
.ipredictive.com/ Name: cu
Value: 2686f86f-e79d-485e-ba10-74b2c691a418|1706490041542
.server.cpmstar.com/ Name: USER_ID
Value: %ff*%a1J%8a7%af%ea(%fc%bfk%80%a5%7b
.adx.opera.com/ Name: UID
Value: OPUab9db8a93a1447b9af78df625a0ecba4
.adform.net/ Name: uid
Value: 6499456437357126316
.turn.com/ Name: uid
Value: 7275493187359501348
nypost.com/ Name: _lr_geo_location_state
Value: FL
nypost.com/ Name: _lr_geo_location
Value: US
.nypost.com/ Name: _ga_0DZ7LHF5PZ
Value: GS1.1.1706490041.1.0.1706490041.0.0.0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4949403a-4567-4413-86a8-64a4c6123dda-005%22%7D
.nypost.com/ Name: spotim_visitId
Value: {%22visitId%22:%2271f3befa-7111-46eb-8308-02c08342e2dd%22%2C%22creationDate%22:%22Sun%20Jan%2028%202024%2015:00:40%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22duration%22:2}
.lkqd.net/ Name: lkqdidts
Value: 1706490041
.lkqd.net/ Name: sr59
Value: 1|CAESEFNNohK6F8p3qiNrheBmyug|1706490041
.lkqd.net/ Name: lkqdid
Value: aZrOBUOECqg
.socdm.com/ Name: SOC
Value: Zbb4ucCo5swAACZwrzgAAAAA
.pippio.com/ Name: pxrc
Value: CLjx260GEgUI9ywQAhIGCIK9KxAA
.adotmob.com/ Name: uid
Value: 0a1822040049791feeac8450
.adotmob.com/ Name: uuid
Value: 0a1822040049791feeac8450
.adotmob.com/ Name: partners
Value: SMA%3A1706490042300
.richaudience.com/ Name: pdid
Value: d9eb6a8a-a0c0-4a0c-a489-1zz1706489940
.audrte.com/ Name: arcki2
Value: 0h7IOF91s3ESVmEA9jvyyJa0w!20220908!1706490042434!ip#38.132.118.73
.criteo.com/ Name: uid
Value: 3fbfc4ff-725e-459d-8cd2-1da079402854
.audrte.com/ Name: arcki2_ddp2
Value: 0h7IOF91s3ESVmEA9jvyyJa0w!20220908!1706490042754
nypost.com/ Name: _lr_retry_request
Value: true
nypost.com/ Name: _lr_env_src_ats
Value: false
nypost.com/ Name: _lr_sampling_rate
Value: 100
.360yield.com/ Name: tuuid
Value: 00b4fe7a-171e-41c9-b430-72af5b941e2e
.360yield.com/ Name: tuuid_lu
Value: 1706490042
.360yield.com/ Name: um
Value: !79,1hlYvaGdzy6oTthKZN0bV.-gnn0NezUNACj3-MlSGSGUeXQXy3KzzPY28lDMrH6dCWjwtFu87ZFh34Mu,1714266042
.360yield.com/ Name: umeh
Value: !79,0,1768698042,-1
.audrte.com/ Name: arcki2_adform
Value: 6499456437357126316!20220908!1706490042979
.simpli.fi/ Name: suid
Value: 59948840237444FFB186652355CB1705
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:59948840237444FFB186652355CB1705&KRTB&23486-uid:59948840237444FFB186652355CB1705&KRTB&23489-uid:59948840237444FFB186652355CB1705&KRTB&23539-uid:59948840237444FFB186652355CB1705
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFgvbstX_IMB5gzVqKDvmng&KRTB&23025-CAESEFgvbstX_IMB5gzVqKDvmng&KRTB&23386-CAESEFgvbstX_IMB5gzVqKDvmng
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-41e24d93-d54c-44df-8e10-335978a5e3ce&KRTB&22918-41e24d93-d54c-44df-8e10-335978a5e3ce&KRTB&22926-41e24d93-d54c-44df-8e10-335978a5e3ce&KRTB&23031-41e24d93-d54c-44df-8e10-335978a5e3ce
.admixer.net/ Name: am-uid
Value: a0d7576d9e1f4d62b901874e2cf64d14
nypost.com/ Name: pbjs-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: IEdcARZHXsIbyiq9SwayWrz3
.the-ozone-project.com/ Name: ozone_uid
Value: 2bbiBVcjkE6BTXUhdTpANCbELPy
.media.net/ Name: data-p
Value: H8rkIRuldlvq~~8
.media.net/ Name: data-c
Value: 3fbfc4ff-725e-459d-8cd2-1da079402854~~1
.media.net/ Name: data-c-ts
Value: 1706490043
.media.net/ Name: data-mf
Value: 210aed4c-1290-40df-ade0-996605a0ba01~~1
.audrte.com/ Name: arcki2_smart
Value: 2405212159101885593!20220908!1706490043953
.media.net/ Name: data-g
Value: CAESEOCrHLxhpsJXWnvWJ2NZlTo~~8
.bidr.io/ Name: bito
Value: AAGDg07LbfEAABOt5hXgMg
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: wfivefivec
Value: MGfTdgLu1Rug0Y5
.media.net/ Name: data-co
Value: AAAF4JnAkSDv2gMR2A26AAAAAAA~~8
.media.net/ Name: data-rbh
Value: uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU~~1
.media.net/ Name: data-ttd
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce~~1
.media.net/ Name: data-rk
Value: 969751697415783635~~8
.w55c.net/ Name: matchmedianet
Value: 5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: cfd08bcc-90eb-4708-b389-0707c71d75d8
.pswec.com/ Name: tuuid
Value: eef444ba-73d2-41cc-8090-949d0e38089a
.pswec.com/ Name: c
Value: 1706490044
.pswec.com/ Name: tuuid_lu
Value: 1706490044
.aniview.com/ Name: aniC
Value: 1706490044009-172030175079-000676-010-006630
.media.net/ Name: data-ze
Value: FGMyRixu_DgVHyivxn3d~~1
.smaato.net/ Name: SCMt
Value: 8ee963035d
.connatix.com/ Name: cnx_userId
Value: fcbe1cca89d74a54a114006b7671810e
.media.net/ Name: data-xu
Value: MGfTdgLu1Rug0Y5~~8
.adingo.jp/ Name: ID
Value: e4ab3414abfc3f86df311480b97b5148
.intentiq.com/ Name: intentIQ
Value: YuCD0eRlkT
.intentiq.com/ Name: IQver
Value: 1.9
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 79ecc2e7-3d87-4da9-a246-f257ba23ae0f
.prebid.a-mo.net/ Name: sd_amuid2
Value: 79ecc2e7-3d87-4da9-a246-f257ba23ae0f
cs.chocolateplatform.com/ Name: sp_cookie
Value: sp-dd16e8cd92f641dba246eb4de44d841f
.aniview.com/ Name: 1_C_78
Value: y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A
sync.aniview.com/ Name: 1_C_78
Value: y-9a4stuZE2uKU2FCaDPsyZX20TOX5Rc9Y~A
.aniview.com/ Name: 1_C_55
Value: 569908430852131164
sync.aniview.com/ Name: 1_C_55
Value: 569908430852131164
.aniview.com/ Name: 1_C_31
Value: a0d7576d9e1f4d62b901874e2cf64d14
sync.aniview.com/ Name: 1_C_31
Value: a0d7576d9e1f4d62b901874e2cf64d14
.aniview.com/ Name: 1_C_49
Value: 2405212159101885593
sync.aniview.com/ Name: 1_C_49
Value: 2405212159101885593
.taboola.com/ Name: t_gid
Value: 5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c
.taboola.com/ Name: t_pt_gid
Value: 5233d684-7765-4388-8fce-f79bbabc6716-tuctcb07e3c
.media.net/ Name: data-bs
Value: 82ce5fbb-faf3-47ec-acb9-51ab4b739685~~1
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.hb.yahoo.net/ Name: visitor-id
Value: 3494916441524155000V10
.hb.yahoo.net/ Name: data-mag
Value: LRY83WXS-13-DGE9~~63
.aniview.com/ Name: 1_C_18
Value: IEdcARZHXsIbyiq9SwayWrz3
sync.aniview.com/ Name: 1_C_18
Value: IEdcARZHXsIbyiq9SwayWrz3
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zbb4vAAA0m8FLAAg
.admanmedia.com/ Name: admtr
Value: b82c204e-23a5-4c37-b8ee-e7d70eb88eda
.mgid.com/ Name: muidn
Value: o0sIVghABe0h
.mgid.com/ Name: __cf_bm
Value: IeeeTI52MYBw3fPuuIYKioJUmCMZNCXQhx8EV2rXVyw-1706490044-1-AT+JT5uGqndSYwHfse9vVMfB3BBONbuHAdEz9HlUThv8y6ki+h4bmggPntzsNy5d/CDTQ11XQqhDCLE7SxK5+TU=
.aniview.com/ Name: 1_C_9
Value: 6cdfaa70225d6647ed904c432d8f0b
sync.aniview.com/ Name: 1_C_9
Value: 6cdfaa70225d6647ed904c432d8f0b
.ads.stickyadstv.com/ Name: UID
Value: 4c318e13d98a247655254ea5ac3ea1c
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Zbb4t-4rlh-cZ2F6j5eVAQAABjUAAAAB
.c.appier.net/ Name: _auid
Value: dWfkx1yXDteYeVQ-vPi2ZQ
.c.appier.net/ Name: _gu
Value: CAESEG0Onbv9S2Gkm0kvykqITuk
cm.mgid.com/ Name: mg_sync
Value: {}
.intentiq.com/ Name: intentIQCDate
Value: 1706490044622
.intentiq.com/ Name: ASDT
Value: 0
.csync.loopme.me/ Name: viewer_token
Value: 5a8e7a58-5360-4042-bd21-3b1e486462a2
.aniview.com/ Name: 1_C_56
Value: 5a8e7a58-5360-4042-bd21-3b1e486462a2
sync.aniview.com/ Name: 1_C_56
Value: 5a8e7a58-5360-4042-bd21-3b1e486462a2
.adgrx.com/ Name: ADGRX_UID
Value: d4d740f0-be41-11ee-8602-6e51ba46ead9
.rkdms.com/ Name: sc
Value: 13%3A114624
.rkdms.com/ Name: sessionid
Value: h-869d01602ac342df9a9c409daca26dff_t-1706490044
nypost.com/ Name: cnx_userId
Value: fcbe1cca89d74a54a114006b7671810e
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.aniview.com/ Name: 1_C_200
Value: RX-4949403a-4567-4413-86a8-64a4c6123dda-005
sync.aniview.com/ Name: 1_C_200
Value: RX-4949403a-4567-4413-86a8-64a4c6123dda-005
.sundaysky.com/ Name: sskyu
Value: d6.e76e07904f87467aa0560fd6be8edb8f
.sundaysky.com/ Name: sskyCreationTime
Value: 1706490045301
.tremorhub.com/ Name: tvid
Value: 2d3f182001b74b158a894fe53259fbfd
.tremorhub.com/ Name: tv_UISCX
Value: fcbe1cca89d74a54a114006b7671810e
.33across.com/ Name: 33x_ps
Value: u%3D212440012054719%3As1%3D1706490045300%3Ats%3D1706490045300
.yieldmo.com/ Name: yieldmo_id
Value: VEUOBrrWWOrhYC5oqQHd%7C1706486400000%7C0
.go.sonobi.com/ Name: __uis
Value: 13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2
.tynt.com/ Name: uid
Value: k3eNWWW2+L0HOLzCV3ncoQ==
.resetdigital.co/ Name: ckbk
Value: 0000012B8D2A74F7
.colossusssp.com/ Name: gtm_usr
Value: 4059c788-c609-458d-bd4a-2742a3475cda
.servenobid.com/ Name: pid_312
Value: 569908430852131164
nypost.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-2686f86f-e79d-485e-ba10-74b2c691a418&KRTB&23011-2686f86f-e79d-485e-ba10-74b2c691a418&KRTB&23355-2686f86f-e79d-485e-ba10-74b2c691a418
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d4d740f0-be41-11ee-8602-6e51ba46ead9&KRTB&23275-d4d740f0-be41-11ee-8602-6e51ba46ead9
.servenobid.com/ Name: pid_321
Value: RX-4949403a-4567-4413-86a8-64a4c6123dda-005
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-569908430852131164&KRTB&23339-569908430852131164
.bfmio.com/ Name: __187_cid
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
.thrtle.com/ Name: mc
Value: eyJpZCI6IjdiNDI3NzIzLTk4YWUtNGIzOC04YTg1LWYxZGRjZjc1M2I3MCIsImwiOjE3MDY0OTAwNDY0MzUsInQiOjF9
.aniview.com/ Name: 1_C_1
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
sync.aniview.com/ Name: 1_C_1
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHJEC4Nl3DCwN_lO4vAAAAAAA&KRTB&22713-AAAHJEC4Nl3DCwN_lO4vAAAAAAA&KRTB&22715-AAAHJEC4Nl3DCwN_lO4vAAAAAAA&KRTB&23519-AAAHJEC4Nl3DCwN_lO4vAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_3a32b05a45c5481c88778
.w55c.net/ Name: matchpubmatic
Value: 5
.mxptint.net/ Name: mxpim
Value: R35CAB_11005FCC9_87F666AC.1.000000000000000065B6F8BE
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:MGfTdgLu1Rug0Y5&KRTB&23421-uid:MGfTdgLu1Rug0Y5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-cfd08bcc-90eb-4708-b389-0707c71d75d8&KRTB&23340-cfd08bcc-90eb-4708-b389-0707c71d75d8&KRTB&23498-cfd08bcc-90eb-4708-b389-0707c71d75d8
a.clickcertain.com/ Name: _ccpx_u
Value: f8c7369e%2d473e%2d4cf5%2d8717%2d09a89cc78e6f
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfUFZlelZ6SG9aWEVRIiwiZGlzcGxheV9uYW1lIjoiUmVkR2xhc3NlcyIsInVzZXJfbmFtZSI6IlJlZEdsYXNzZXMiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjUmVkLUdsYXNzZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNzA2NDkwMDQyLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjQwMTI5N002TmRPLjFhMWY0NjA3NGY3MjBiNjI2NjNkYWZjNjQ4NDAyNWJlZGZmNmY1NTdmNjkyYWMxZmI2NWZlN2IzOTI0NGFlY2YiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTWFWcWRZV1ZIeXN6QzR5RG5JdWgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzM0OTEyMDQyLCJzdWIiOiJ1X1BWZXpWekhvWlhFUSJ9.ovscRX6d9pLUkBVvHqkeh6l6UZM9BhB_oV0ftXBtu_4
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 7g1VnQ2ox%2BiSlyCw6oQczzoBn9wIFSGeNX9Lk1dGbJn%2BgrAbv3basSzFjR1xtddDf6fN%2Bi9t6sRcZeKF9WZjFDN8ooWPWksR%2FavEVL3nnTU%3D
.semasio.net/ Name: SEUNCY
Value: 72051B607ADFDF1F
.aniview.com/ Name: 1_C_5
Value: LRY83WXS-13-DGE9
sync.aniview.com/ Name: 1_C_5
Value: LRY83WXS-13-DGE9
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn&KRTB&19420-sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn&KRTB&22979-sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn&KRTB&23462-sydjcOMqY3-oI2J-vXMsc-MkYCSoIDIivCMu9YKn
.nypost.com/ Name: _pnlspid
Value: 12135
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7275493187359501348&KRTB&23150-7275493187359501348&KRTB&23527-7275493187359501348
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553&KRTB&23418-7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&KRTB&23354-cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&KRTB&23415-cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11&KRTB&23542-cuid_d2ca2980-be41-11ee-8be4-12fa6b58ae11
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&KRTB&23047-uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&KRTB&23234-uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU&KRTB&23361-uK9RRLNGNn_4wln5_zit3LIbcaWmy6oBKKP3kXQfYJU
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_11005FCC9_87F666AC&KRTB&23092-R35CAB_11005FCC9_87F666AC
.smartadserver.com/ Name: csync
Value: 66:0a1822040049791feeac8450|75:41e24d93-d54c-44df-8e10-335978a5e3ce|94:Zbb4vAAA0m8FLAAg|111:ID5-91aeLpVChUonu3Fa7DvSxp-xXLoNNgvWlDiSlGE34g|113:RX-4949403a-4567-4413-86a8-64a4c6123dda-005|127:AAGDg07LbfEAABOt5hXgMg|141:0h7IOF91s3ESVmEA9jvyyJa0w
.crwdcntrl.net/ Name: _cc_id
Value: 5f72766870583b8c82c87eabd99f6997
.intentiq.com/ Name: IQPData
Value: 646215242#1706490046863#0#1706490044620
.intentiq.com/ Name: CSDT
Value: UEQ6MTU2NDhfMCZVMmkyS0Z1IzE1Mzg2XzAmVTJpMktMeCMxNTM1OF8wJlUyaTJKbG4
.prebid.a-mo.net/ Name: __amc
Value: 1_1706490046_1706490046
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!697-2!697-3!697
.acuityplatform.com/ Name: auid
Value: 882424164061
.nypost.com/ Name: _pnss
Value: dismissed
.nypost.com/ Name: _pnpdm
Value: true
io.narrative.io/ Name: io.narrative.guid.v2
Value: d6293300-be41-11ee-a180-0a02e9f38595
.nypost.com/ Name: _cc_id
Value: 5f72766870583b8c82c87eabd99f6997
.nypost.com/ Name: panoramaId
Value: 7c704167d598db94443f5075e061a9fb927a60ea7c9907114275bb1379ff4198
.nypost.com/ Name: panoramaIdType
Value: panoDevice
.pubmatic.com/ Name: SyncRTB3
Value: 1707696000%3A234_264_214_13_104_22_166_46_165_176_220_48_240_71_243_231_238_233_96_81_54_178_21_250_99_55_8_7_249_56_3_266_5%7C1707091200%3A15_2_38_223%7C1709078400%3A224%7C1711670400%3A69%7C1707350400%3A63%7C1707782400%3A35
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 922de6c6-5f1d-35bf-9db0-f45acbbadf1e
.technoratimedia.com/ Name: tads_uidp_44
Value: LRY7AETQ-24-78U5
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 4559731294907678916
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAHQ9849_-uUwMypWn-AAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 475d8fcf-4dd9-4c7e-8c89-64b850fd765c
.technoratimedia.com/ Name: tads_uidp_61
Value: 212439984202536
.technoratimedia.com/ Name: tads_uidp_62
Value: 3494902621524370000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: XkcEIgl8_ICAWRAyUEUvNy3wBAoDhlpB
.technoratimedia.com/ Name: tads_uidp_7
Value: b05b53f2-b558-44cd-bc85-7de693101358
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAGDg07LbfEAABOt5hXgMg
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-577b9e67-17e1-461d-ad81-5208abe8e4a3-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ueKBc3MrZBavRVsQze5glr7pcdxyKAiIO5AJWJRB6FQ
.technoratimedia.com/ Name: tads_uidp_79
Value: 9236d96f-054e-4221-a469-4e1b65202e2c
.technoratimedia.com/ Name: tads_uidp_80
Value: y-aF6FPF9E2uFirRkIuVhJFIfK.jKKZHC.~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZbbzVZTehquAhtYAfV.IIgAA&5636
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 3936722861207646401647
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
.a.usbrowserspeed.com/ Name: tuid
Value: b0dc123d-be54-4ba2-a818-2494c8e610de
.spotim.market/ Name: vmuid
Value: 7c6e7f15a4ce5182
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6499456437357126316&KRTB&23263-6499456437357126316&KRTB&23481-6499456437357126316
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUab9db8a93a1447b9af78df625a0ecba4&KRTB&23485-OPUab9db8a93a1447b9af78df625a0ecba4&KRTB&23524-OPUab9db8a93a1447b9af78df625a0ecba4
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23334-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23417-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23426-vC4MldVUXx1-4THjD_zAjiaEdkk
.omnitagjs.com/ Name: ayl_visitor
Value: c24309f4423767150cd0668cbe853dca
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-969751697415783635
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-882424164061&KRTB&23428-882424164061
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b16465b6-f8b7-4700-825f-1f6d618c12a5
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGDg07LbfEAABOt5hXgMg
.w55c.net/ Name: matchid5
Value: 5
ads.us.e-planning.net/ Name: CT
Value: 1
.ctnsnet.com/ Name: cid
Value: a591ea3200184fecb5ef4715ed7a1859
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-dWfkx1yXDteYeVQ-vPi2ZQ&KRTB&23557-dWfkx1yXDteYeVQ-vPi2ZQ
.e-planning.net/ Name: E
Value: AKPdkJk4iTC0COCr
.mgid.com/ Name: lmg_usr
Value: o0sIVghABe0h
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7597764471930027755P
.owneriq.net/ Name: pmc
Value: 1
.id5-sync.com/ Name: 3pi
Value: 2#1706490041928#454600301#569908430852131164|163#1706490047911#-574844411|164#1706490041084#1584778204|102#1706490044886#1487894755|264#1706490044260#-156263853#41e24d93-d54c-44df-8e10-335978a5e3ce|104#1706490046282#1047822478#82ce5fbb-faf3-47ec-acb9-51ab4b739685|10#1706490045936#1184503607#6499456437357126316|203#1706490042753#107057013#3fbfc4ff-725e-459d-8cd2-1da079402854|108#1706490041455#-1218975799|112#1706490047004#638228718#72051B607ADFDF1F|441#1706490041660#-801490215#u_409f2738-bb72-42b8-beec-9dce4873490b|155#1706490045284#-1687049155#AAGDg07LbfEAABOt5hXgMg|123#1706490045603#-1713754363|124#1706490043465#-554770316|796#1706490044496#-1472849105|1246#1706490044062#-556385354
.audrte.com/ Name: arcki2_pubmatic
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2!20220908!1706490048085
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-82ce5fbb-faf3-47ec-acb9-51ab4b739685
.pubmatic.com/ Name: PugT
Value: 1706490047
.spotim.market/ Name: a754412
Value: 3494916401524150000V10
.spotim.market/ Name: a733068
Value: IEdcARZHXsIbyiq9SwayWrz3
.spotim.market/ Name: a751004
Value: 569908430852131164
.spotim.market/ Name: a309017
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
.spotim.market/ Name: a323551
Value: IEdcARZHXsIbyiq9SwayWrz3
.spotim.market/ Name: a310570
Value: IEdcARZHXsIbyiq9SwayWrz3
.trafmag.com/ Name: vid
Value: 1448798061454077
.adsby.bidtheatre.com/ Name: __kuid
Value: 3213fc64-36ea-4b3c-bc02-489b41ed3180.475704048
.spotim.market/ Name: a753378
Value: o0sIVghABe0h
.spotim.market/ Name: a297253
Value: 569908430852131164
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_0983445b-869a-4a0c-bbfb-ec07905c489b
.mgid.com/ Name: lmg_r
Value: 25|27
a4p.adpartner.pro/ Name: apuid
Value: 26a2fa4e-2f3e-44eb-9c5d-705656140371
.pubmatic.com/ Name: DPSync3
Value: 1706572800%3A248_255%7C1707696000%3A263_262_260_197_258_219_228_256_236_226_259_235_245_261_201%7C1707091200%3A252_253_164_265%7C1707523200%3A257
.admanmedia.com/ Name: admtr_red
Value: undefined
.onaudience.com/ Name: cookie
Value: 6bcc2b7bf5bd0e96
.onaudience.com/ Name: done_redirects104
Value: 1
.spotim.market/ Name: a307558
Value: 26a2fa4e-2f3e-44eb-9c5d-705656140371
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-4949403a-4567-4413-86a8-64a4c6123dda-005&KRTB&17107-RX-4949403a-4567-4413-86a8-64a4c6123dda-005
.sportradarserving.com/ Name: zuuid
Value: 48961215-5862-4647-9cd4-cab4f0e5ce54
.sportradarserving.com/ Name: c
Value: 1706490048
.sportradarserving.com/ Name: zuuid_lu
Value: 1706490048
.rtb.om-meta.com/ Name: om-bidder
Value: xknE2kk5Mpw+Murl8yjNyHZKbr+oTCImPKfbuCsdh141C3GWoHZjglNVDzCy3hbj
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4949403a-4567-4413-86a8-64a4c6123dda-005%22%7D
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1706490048
.ymmobi.com/ Name: ym_user_cookie
Value: ym_user_98517b9f-fb41-4f41-9498-996f8a657350
.aniview.com/ Name: 1_C_142
Value: 70bc553d-17ec-422b-a7ac-eeeb5ec1c02b
sync.aniview.com/ Name: 1_C_142
Value: 70bc553d-17ec-422b-a7ac-eeeb5ec1c02b
.aniview.com/ Name: 1_C_72
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
sync.aniview.com/ Name: 1_C_72
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
.aniview.com/ Name: 1_C_23
Value: 933e2efb-9384-45f1-819b-125fe772a322
sync.aniview.com/ Name: 1_C_23
Value: 933e2efb-9384-45f1-819b-125fe772a322
.aniview.com/ Name: 1_C_41
Value: 264943876892460233441
sync.aniview.com/ Name: 1_C_41
Value: 264943876892460233441
.w55c.net/ Name: matchcasale
Value: 5
.clickagy.com/ Name: cb
Value: Zbb4wFVvkpzyqWGi7AwJyTvx
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2024-01-29 01:00:48"}]
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1706511648761
.brand-display.com/ Name: _knxq_
Value: 95c619af-f55c-7348-b1a4351b.1706490048.0.1706490048.1706490048
.company-target.com/ Name: tuuid
Value: 888d5bf4-8617-4ac8-bcc6-2af092319710
.aniview.com/ Name: 1_C_42
Value: Zbb4t.4rlh.cZ2F6j5eVAQAA&1589
sync.aniview.com/ Name: 1_C_42
Value: Zbb4t.4rlh.cZ2F6j5eVAQAA&1589
.onaudience.com/ Name: done_redirects147
Value: 1
.spotim.market/ Name: a307971
Value: AKPdkJk4iTC0COCr
.adkernel.com/ Name: DSP2F_84
Value: 504345
.adkernel.com/ Name: DSP2F_40
Value: 649145
.adkernel.com/ Name: ADKUID
Value: A4495936762966581276
.onaudience.com/ Name: done_redirects236
Value: 1
.nypost.com/ Name: _au_1d
Value: AU1D-0100-001706490049-PIV1W3FA-T4HJ
.nypost.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDY0OTAwNDksInR0ZCI6MTcwNjQ5MDA0OSwicHViIjoxNzA2NDkwMDQ5LCJydWIiOjE3MDY0OTAwNDksInRhcGFkIjoxNzA2NDkwMDQ5LCJhZHgiOjE3MDY0OTAwNDksImdvbyI6MTcwNjQ5MDA0OSwiY29sb3NzdXMiOjE3MDY0OTAwNDksImJlZXMiOjE3MDY0OTAwNDl9
.colossusssp.com/ Name: lmg_r
Value: 74|76|66
.ad.gt/ Name: au_id
Value: AU1D-0100-001706490049-PIV1W3FA-T4HJ
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.nypost.com/ Name: _ga
Value: GA1.2.649758697.1706490038
.openx.net/ Name: pd
Value: v2|1706490040.8.2|vPvMgakWgy.mmiKbwuYeShEgKwrg2f8.wvwDwtvJwiwI
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDcwN7O0NDM10FEysUTlGxoYoQpYmKPyjaB8A0sTC1ODWgCxBBCv
.lijit.com/ Name: _ljtrtb_16
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
.lijit.com/ Name: _ljtrtb_27
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce
.lijit.com/ Name: _ljtrtb_49
Value: H8rkIRuldlvq
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlBMz0Bfcw0zpBnnWNP1+1LEVNueR6EpHm6pDt16FPBDAaLip1W6N6nR616CJEpxtEeJJu99e0WnT=
.bluekai.com/ Name: bku
Value: ZoW991nT+ZPnT1XT
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_ed40bd2c-f36a-4e4a-860e-5e326e0cd80a
.media6degrees.com/ Name: clid
Value: 2s8005f011703ewmqp3qg3hw000000010s010501101
.media6degrees.com/ Name: acs
Value: 012020k1s8005fxzt10
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJwNyzsOAjEMANG7pMZSHH9icwJoucHG8TZsAxI0iLtv2tGbX0Et19JzRN9bg6rpwNk38IgJ4jpjII%2BMCipDdxsGIkLlUtjXebP38%2F74HPP4vlZrfTXGbDydYAoHMM8dLLECkXi3TZIil%2FW2rKh7NaZq0pAQlcv%2FBFeKJVY%3D
.lijit.com/ Name: _ljtrtb_87
Value: 210aed4c-1290-40df-ade0-996605a0ba01
.krushmedia.com/ Name: krm_usr
Value: 14839fa2-63c1-53df-8bec-a8ea01ed3fd6
.a-mx.com/ Name: amdt_t
Value: p::1706490051231
.a-mx.com/ Name: amuid2
Value: 79ecc2e7-3d87-4da9-a246-f257ba23ae0f
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.krushmedia.com/ Name: krm_r
Value: 572|1|154
.spotim.market/ Name: a281178
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjgyY2U1ZmJiLWZhZjMtNDdlYy1hY2I5LTUxYWI0YjczOTY4NSIsImV4cGlyZXMiOjE3MDkwODIwNTF9fX0=
.crwdcntrl.net/ Name: _cc_dc
Value: 0
nypost.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2241e24d93-d54c-44df-8e10-335978a5e3ce%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-29T01%3A00%3A52%22%7D
.nypost.com/ Name: panoramaId_expiry
Value: 1706576452370
.w55c.net/ Name: matchsharethrough
Value: 5
.pubmatic.com/ Name: pi
Value: 156557:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1706447305
.admanmedia.com/ Name: ac_r
Value: undefined|CS168|CS181
.adtelligent.com/ Name: a281178
Value: B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2
.eqads.com/ Name: EQUser
Value: UID=6706e737-2b3b-4ae1-90dc-918a56782337
.adtelligent.com/ Name: vmuid
Value: 6fc9875509c021ac
.adtelligent.com/ Name: a307971
Value: AKPdkJk4iTC0COCr
.creative-serving.com/ Name: tuuid
Value: f4f792d7-5274-4dab-801d-f0fe8546e2ad
.creative-serving.com/ Name: c
Value: 1706490052
.creative-serving.com/ Name: tuuid_lu
Value: 1706490052
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzllY2MyZTctM2Q4Ny00ZGE5LWEyNDYtZjI1N2JhMjNhZTBmIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMDE6MDA6NTIuODI1OTAwODM0WiJ9LCJydWJpY29uIjp7InVpZCI6IkxSWTgzV1hTLTEzLURHRTkiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1Mi44MjUzMzMyMTdaIn19fQ==
.tribalfusion.com/ Name: ANON_ID
Value: aknv7ytlix98qyTAZaVq6gjeBTiYtFMyTl8L3rmpcJX5rrLwoEOxq2Bpqdnprv2P2H7BkjVF9ZavMHhnlILMxyZcTaTnoshZbKclgBLDMluHMaUbQGGb39nb
.company-target.com/ Name: tuuid_lu
Value: 1706490052|ix:0|tlx:0
.adnxs.com/ Name: anj
Value: dTM7k!M40*hgVC6ghqdmU(7TYY`BS=#?nGJ-[y]/P)[Q_E[GVQKvQwA4H@GuDliC9%ZQb]4FWp6DmXQGNddHi^D[ry1F>:jpXInj3zqoX.`'JrJ6I*tEB@.JC2qZ/J)]zt9vhC*XU<oJ/C.639rPf4@1i$^/:rV@%q)3R)w[Z1
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyNjQ5NDM4NzY4OTI0NjAyMzM0NDEiLCJleHBpcmVzIjoiMjAyNC0wNC0yOFQwMTowMDo0M1oifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIyNjQ5NDM4NzY4OTI0NjAyMzM0NDEiLCJleHBpcmVzIjoiMjAyNC0wNC0yOFQwMTowMDo0OVoifSwiYW14Ijp7InVpZCI6Ijc5ZWNjMmU3LTNkODctNGRhOS1hMjQ2LWYyNTdiYTIzYWUwZiIsImV4cGlyZXMiOiIyMDI0LTA0LTI4VDAxOjAwOjUyWiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTI5VDAxOjAwOjQzWiJ9
prebid.a-mo.net/ Name: amdgt_lk%40cfs
Value: 1
.adtelligent.com/ Name: a754412
Value: 3494916401524150000V10
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.adkernel.com/ Name: DSP2F_71
Value: 343983
.media.net/ Name: data-o
Value: b7f94b06-a819-495e-9e1c-734587ce42d2~~8
.media.net/ Name: data-so
Value: 13bd9b4f-5b85-475f-ba2c-9e4b4dcd61f2~~8
.w55c.net/ Name: matchtriplelift
Value: 5
.creativecdn.com/ Name: ts
Value: 1706490052
.rqtrk.eu/ Name: browser_id
Value: a5eb5441-de91-4b38-bbc1-cda8bc3b7464
.media.net/ Name: data-r1
Value: RX-4949403a-4567-4413-86a8-64a4c6123dda-005~~8
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzllY2MyZTctM2Q4Ny00ZGE5LWEyNDYtZjI1N2JhMjNhZTBmIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMDE6MDA6NTMuMDI4NDMyNDM5WiJ9fX0=
.sharethis.com/ Name: __stid
Value: ZHoAA2W2+MUAAAAJEMarAw==
.sharethis.com/ Name: __stidv
Value: 2
.quantserve.com/ Name: d
Value: EBABHwGCK_ijC_vLEKyb0QupggA
.nypost.com/ Name: cto_bundle
Value: bT2b319aUDVmYmM5aVZreTQlMkIlMkY2a2lVZU1XVVclMkZOTHkxcWM2QzVmTSUyRnElMkZjZUg3NGxjNFM5dktqRVg1VG1KRG1YcFlyYnY5UTdaOVBnMzZ5QWhqMmZOMzc5cXJ6ZE1uQzAyYk9ZZGhIaXlydjA5MWdXcEo4TWhFbFpkTUMlMkZLb1VIYnJiZ24yU2xBVnNQTjZ3WGtpUnVpMTBnMmclM0QlM0Q
.nypost.com/ Name: cto_bidid
Value: 6572El9nU1p1bEhiQXkxVzhtZVBjUDZMRFJXJTJCVmNQYTNsYyUyQmY4NzJnQzZEUUxvOEJnM3FZZmpYTFc5Q2p4S05oWU5SV0NDZmhsaWJ6dW44OGpmVVBkTEtoRmVpM2RJOGh2S245UjQyZldtOFhvcVElM0Q
.fwmrm.net/ Name: _uid
Value: umo2b61_7329319012296256201
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo2b61_7329319012296256201
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo2b61_7329319012296256201
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzllY2MyZTctM2Q4Ny00ZGE5LWEyNDYtZjI1N2JhMjNhZTBmIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMDE6MDA6NTIuMTg1NzU5NzM2WiJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBR0RnMDdMYmZFQUFCT3Q1aFhnTWciLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1MS42MzAyNzk1MzRaIn0sImJpZHN3aXRjaCI6eyJ1aWQiOiI4MmNlNWZiYi1mYWYzLTQ3ZWMtYWNiOS01MWFiNGI3Mzk2ODUiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo0NS4wNTgwMDc2ODZaIn0sImNvbnZlcnNhbnQiOnsidWlkIjoiQUFBRnZuNmFXaEd6bGdOM29BbXBBQUFBQUFBIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMDE6MDA6NDQuNDg1MTA5MjIzWiJ9LCJmcmVld2hlZWxzc3AiOnsidWlkIjoiNGMzMThlMTNkOThhMjQ3NjU1MjU0ZWE1YWMzZWExYyIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjUzLjMxMTQ5OTU3M1oifSwiZ3JpZCI6eyJ1aWQiOiI4MmNlNWZiYi1mYWYzLTQ3ZWMtYWNiOS01MWFiNGI3Mzk2ODUiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1MC43MjA2ODY4MzJaIn0sImlubW9iaSI6eyJ1aWQiOiJJRDUtOTFhZUxwVkNoVW9udTNGYTdEdlN4cC14WExvTk5ndldsRGlTbEdFMzRnIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMDE6MDA6NTMuMDM2NzQyMDYzWiJ9LCJrYXJnbyI6eyJ1aWQiOiI5MzYzMDU2ZS1mMzc5LWE0MmYtZTYyNC1hZDJkNjRhZmI0NGQiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1Mi4wNjQ4MjIxODRaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjM0OTQ5MTY0MDE1MjQxNTAwMDBWMTAiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1MS44MzI1OTE0MTVaIn0sInB1Ym1hdGljIjp7InVpZCI6IkI2QzU0Mjg0LUUxQjQtNEU4OS04RDk1LTlDNkU0RjZBMjRCMiIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjQ4Ljg3OTc1Nzg5OFoifSwicmljaGF1ZGllbmNlIjp7InVpZCI6ImQ5ZWI2YThhLWEwYzAtNGEwYy1hNDg5LTF6ejE3MDY0ODk5NDAiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQwMTowMDo1MS41MDU2NTk2NDNaIn0sInJ1Ymljb24iOnsidWlkIjoiTFJZODNXWFMtMTMtREdFOSIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjUyLjMxMzYyOTA2OFoifSwic21hcnQiOnsidWlkIjoiMjQwNTIxMjE1OTEwMTg4NTU5MyIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjQ3Ljk0ODY3MDcyMVoifSwic29ub2JpIjp7InVpZCI6IjEzYmQ5YjRmLTViODUtNDc1Zi1iYTJjLTllNGI0ZGNkNjFmMiIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjUwLjI2ODM1ODA5NVoifSwidHRkIjp7InVpZCI6IjQxZTI0ZDkzLWQ1NGMtNDRkZi04ZTEwLTMzNTk3OGE1ZTNjZSIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjQ3LjQ4NjA3MjczOFoifSwidW5ydWx5Ijp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAxOjAwOjUwLjQ3NDMzNjUzOFoifX0sImJkYXkiOiIyMDI0LTAxLTI5VDAxOjAwOjQ0LjQ4NTEwNDE2N1oifQ==
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-B7s07.5E2oOVuJ_YdNVytq8Enhp8LqCDWRWixocF~A
.aniview.com/ Name: 1_C_133
Value: 70a21ae20dfbf74c5fa4b7af696db04c
sync.aniview.com/ Name: 1_C_133
Value: 70a21ae20dfbf74c5fa4b7af696db04c
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGDg07LbfEAABOt5hXgMg
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESENE-QsqyUZrIprWHMJY8XSc
.media.net/ Name: data-r
Value: LRY83WXS-13-DGE9~~1
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: MGfTdgLu1Rug0Y5
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 569908430852131164
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME0zNzI3M7MwNzC1ME6ySLYwSrYwT01MSrG0TDOztDRnAILUbT%2BOgWgoAABQ8gtc"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3fbjGJCCAgAi%2BALa"
.bfmio.com/ Name: __180_cid
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%2C%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%22f46c881bee%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%22b09a7ad68f%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%22e4ec132db7%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%2295c591d034%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1706490047871%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1706490054179%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1706490045547%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%2C%7B%22p%22%3A%22ee0d9a54e4%22%2C%22f%22%3A1%2C%22ts%22%3A1706490052468%7D%5D
.bfmio.com/ Name: __106_cid
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce
.bfmio.com/ Name: __bfio_sync
Value: 486CD4B7C5E44970980D96C3E0FB1569
.dotomi.com/ Name: DotomiTest
Value: 17750400e610108b
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 2686f86f-e79d-485e-ba10-74b2c691a418
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDdyMWg5Iix0OiJuaSJ9LGJmOnt0czoiNDdyMWhpIix0OiJuaSJ9fQ=="
.bfmio.com/ Name: __141_cid
Value: 59948840237444FFB186652355CB1705
.rlcdn.com/ Name: rlas3
Value: iTbuDcH4bpKG3qK5GWEKOdxWcPEBl2pcuUbZGLKO3l4=
.rlcdn.com/ Name: pxrc
Value: CLfx260GEgUI6AcQABIFCOhHEAASBgi66gEQCRIGCLjrARAHEgYIpLcrEA8SBgiKuisQAQ==
.bfmio.com/ Name: __179_cid
Value: RX-4949403a-4567-4413-86a8-64a4c6123dda-005
.bfmio.com/ Name: __io_cid
Value: 41e24d93-d54c-44df-8e10-335978a5e3ce
.go.sonobi.com/ Name: HAPLB8G
Value: s85110|Zbb4y
.bfmio.com/ Name: __147_cid
Value: d6.e76e07904f87467aa0560fd6be8edb8f
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1706490054!sovrn,1706490051!bidswitch,1706490044!outbrain,1706490039
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240129%22%2C%22113%22%3A%2220240129%22%2C%22140%22%3A%2220240129%22%2C%22141%22%3A%2220240129%22%2C%22149%22%3A%2220240129%22%2C%22142%22%3A%2220240129%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2gg0:175w~2gg0:18z8~2gg0:18vk~2gg0:19dr~2gg0:190u~2gg0:18za~2gg0:196y~2gg0:191q~2gg0"
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBmYmlgYGJmaW70C4lvaGJk-kgQzjc1MTY2fCWOkLcwNTYDAFygKiJAAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI2qXV3fib0DwQBRIXCghwdWJtYXRpYxILCKDxsIP4m9A8EAUSFAoFdGFwYWQSCwimzraI-JvQPBAFEhYKB3J1Ymljb24SCwiYx9qJ-JvQPBAFEhUKBmdvb2dsZRILCKaC2474m9A8EAUYASABKAIyCwigoaKdj5zQPBAFOAFaBmd1bWd1bWAC
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNjQ5MDA0NjQ2NiwiMjQiOjE3MDY0OTAwNDg3NjcsIjI2IjoxNzA2NDkwMDQ5NTU3LCI0OCI6MTcwNjQ5MDA1MDk0NCwiNTkiOjE3MDY0OTAwNTQzMzYsIjM5IjoxNzA2NDkwMDQ0OTEyLCIxNyI6MTcwNjQ5MDA0ODY5NywiNyI6MTcwNjQ5MDA0NDkxMiwiODEiOjE3MDY0OTAwNDEwMzYsIjcwIjoxNzA2NDkwMDU0MTgwLCI2MSI6MTcwNjQ5MDA0NDkxMiwiNzQiOjE3MDY0OTAwNDg1MTIsIjY0IjoxNzA2NDkwMDQ1OTg5fQ
.bfmio.com/ Name: __167_cid
Value: av-fe0a58fc-35bc-4994-be9c-a4c4ce2035ae
.ads.stickyadstv.com/ Name: uid-bp-25522
Value: 7ebc7f22-06e9-4e7a-9ccd-596dcb14bec0-65b6f8b8-5553
.pxl.iqm.com/ Name: ttacross
Value: MTcwNzY5OTY1NDM2NA==
.criteo.com/ Name: partitioned_bundle
Value: aQDHQ19WemZTR09ZaGU2ME9Sd2xaREt1MFBVeXNjTXYxb0pNdmhCaDFXdVdmY0hQd0R3aW5pWEI0OEh0RFNlTDcwZyUyRkhzQlFXdXpsN1FaR2Rud21nYVA5cDMxQjhoRVd3JTJCa25LZjdTYTNYVUFIc0JrMGI0MVdKZHJHNG15SGxLUGF4eDklMkZneVl6RTI5eUJJQXZIVVptJTJGbERXNDBxZnUyMXl2ZnNjVGI4T0hWQUJGQSUzRA
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRlRXOk+2mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUZUVzpPto90aGlyZFBhcnR5VXNlcklkIfuAOPpC0EMlAUZUVzw3nEQlAUZUVzw3nEUh+/uGdmVyc2lvbsL7
.adkernel.com/ Name: SSPZ
Value: 176971
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pdw|4is.0.CAESEAS2oUkwXmmHC5Pi8aFgQXg|7Xz.0.1|7TY.0|7dW.0.1|2N.0.AAAHaYfdwKIClQMIjRPkAAAAAAA|3oy.0|7bq.0.1|7br.0.1|8nM.0.1|7dN.0.AAGDg07LbfEAABOt5hXgMg
.mobfox.com/ Name: mf_u_key
Value: b060a4b1-4f5b-46cb-a377-2057d65cc65b
.mobfox.com/ Name: mf_red_key
Value: 1070
.id5-sync.com/ Name: id5
Value: e9722579-49d1-7323-840a-43cc3febd39e#1706490040924#9
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjI2NDk0Mzg3Njg5MjQ2MDIzMzQ0MSIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDAyOjAwOjU0Ljc0NTg3ODQ2OCswMTowMCJ9fSwiYmRheSI6IjIwMjQtMDEtMjlUMDI6MDA6NTQuNzQ1ODc2NDY1KzAxOjAwIn0=
.storygize.net/ Name: U
Value: e31d6ac8-1779-4c98-ab2c-af9179c39dfe
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: f8b04070-229a-521d-b7ea-3719d25ccfdf
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: Zbb4xgALTohu9tOedU0afZ9B6I-VnkxIfidtIA==
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHSx7BdEYzY8KS5Bv7H1ouoxdnNVF8ci151n8s9Vhf95gIzBpmM1yDpjRt/d1QMHKNymPvo8plePx63vS4r7n45c8p30O+KFTfxXSTExHpjkV9byk9TjXUW
.ads.stickyadstv.com/ Name: uid-bp-772
Value: 7329318908464986269
.ads.stickyadstv.com/ Name: uid-bp-45
Value: Zbb4vAAA0m8FLAAg

34 Console Messages

Source Level URL
Text
network error URL: https://zephr-v4.nypost.com/blaize/datalayer
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.ncaudienceexchange.com') does not match the recipient window's origin ('https://nypost.com').
network error URL: https://api.nypdev.com/cdp/zephr/content/flyout?gaClientId=649758697.1706490038
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.geistm.com/m/OB/BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=BQT_fNL90Qr9V1cRx2SLQPG30HXtT1SI6YFvWrRiI7YNDcgGbt28ow024kofYfQC
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B6C54284-E1B4-4E89-8D95-9C6E4F6A24B2&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=3fbfc4ff-725e-459d-8cd2-1da079402854&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEBI0DR37rAljIzmlurGXMKk&google_cver=1&google_push=AXcoOmSv3IieOapP09fo2-iKNrjbTt7sKzCrNdwGpRlPlt5YG8H-zIO9gdkmjMGcQYHk4jZAFgANs5jfxzs8pYH_1IP-7Mw60f2RjIZ62KHQZZrBmCK9V5kOA2iNex3f1rFyfM9UjaytIJVqkolWP2mRfdQ
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/c/164/796/1/9.gif?puid=2686f86f-e79d-485e-ba10-74b2c691a418&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=0&gdpr_consent=&us_privacy=1---&coppa=0&puid=1706490044009-172030175079-000676-010-006630&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://tagan.adlightning.com/nc-nypost/op.js
Message:
Mixed Content: The page at 'https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/' was loaded over HTTPS, but requested an insecure script 'http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3Dfcbe1cca89d74a54a114006b7671810e%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=2405212159101885593&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
security error URL: https://nypost.com/2022/06/24/the-trillions-in-covid-relief-money-led-to-billions-in-fraud/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?pid=44&puid=RX-4949403a-4567-4413-86a8-64a4c6123dda-005' because its MIME type ('image/gif') is not executable.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Ded4a94647a2ace32%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ed4a94647a2ace32
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://p.ad.gt/api/v1/p/471
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D726ae5e0bff11241%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://eexsync.com/ztgl358.gif?gdpr=&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzI2YWU1ZTBiZmYxMTI0MSZ1aWQ9dWEtODViOGY0YTEtY2NjMi0zZTk3LWJlZTgtZDg3ZDdkYjJmOGE2MgImEjgB
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nypost.com&e=27&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nypost.com').
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nypost.com&e=27&uid=79ecc2e7-3d87-4da9-a246-f257ba23ae0f(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nypost.com').
network error URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%5BAV_GDPR%5D%26gdpr_consent%3D%5BAV_CONSENT%5D%26uid%3D%5BPBS_UID%5D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfcbe1cca89d74a54a114006b7671810e%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D650e9f26e182b7eb%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1706490044009-172030175079-000676-010-006630%26biddername%3D143%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2433DA9%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://usersync.gumgum.com/usersync?b=pln&i=H8rkIRuldlvq&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D756033%26extuid%3D%5BPBS_UID%5D%26traffic_source%3Dsnippet%26session%3D85AD5D56E2432FD1%26sp%3D833229%26pb%3D305583%26c%3D756621%26a%3D756033%26domain%3Dhttps%3A%2F%2Fnypost.com%2F2022%2F06%2F24%2Fthe-trillions-in-covid-relief-money-led-to-billions-in-fraud%2F
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ac506c83076dbd887da606630563166.safeframe.googlesyndication.com
0cf17917-395b-4f25-91cc-db3bdd6044b0.edge.permutive.app
0cf17917-395b-4f25-91cc-db3bdd6044b0.prmutv.co
191e40e306f6fc5816cb2e4c9fa76d3a.safeframe.googlesyndication.com
33across-match.dotomi.com
a.ad.gt
a.audrte.com
a.c.appier.net
a.clickcertain.com
a.sportradarserving.com
a.tribalfusion.com
a.usbrowserspeed.com
a.vidoomy.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad2.360yield.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yieldmo.com
adx.adform.net
adxbid.info
ak.sail-horizon.com
ampcid.google.com
amplify.outbrain.com
aniview-diag-server.1rx.io
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.id5-sync.com
api.intentiq.com
api.metricsamsi.com
api.nypdev.com
api.permutive.com
api.rlcdn.com
as.ck-ie.com
assets.a-mo.net
assets.bounceexchange.com
ats-wrapper.privacymanager.io
audex.userreport.com
b-code.liadm.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bis6.vidazoo.com
bpi.rtactivate.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cc.adingo.jp
cd.connatix.com
cdn-ima.33across.com
cdn.cookielaw.org
cdn.doubleverify.com
cdn.flipboard.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cdn.permutive.com
cdn.speedcurve.com
cdn2.decide.dev
cds.connatix.com
ce.lijit.com
check.analytics.rlcdn.com
cks.connatix.com
cm-x.mgid.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.mgid.com
cm.rtbsystem.com
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
content.homenetiol.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.chocolateplatform.com
cs.krushmedia.com
cs.lkqd.net
cs.media.net
cs.mobfox.com
csi.gstatic.com
csxd.contentsquare.net
csync.loopme.me
d.adroll.com
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
d31otfhas71ais.cloudfront.net
data.adsrvr.org
data.cdnbasket.net
de.tynt.com
de9a11s35xj3d.cloudfront.net
decide.dev
direct-events-collector.spot.im
direct.adsrvr.org
dis.criteo.com
dmp.adblade.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eexsync.com
elb.the-ozone-project.com
eus.rubiconproject.com
event.hgrtb.com
eventlog.outbrain.com
events-ssc.33across.com
events.bouncex.net
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.privacymanager.io
geolocation.onetrust.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
go1.aniview.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid-mercury.criteo.com
grid.bidswitch.net
gsght.com
gum.criteo.com
gw-iad-bid.ymmobi.com
hb-api.omnitagjs.com
hb.openwebmedia.org
hb.yahoo.net
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.ctnsnet.com
i.liadm.com
i6.liadm.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.geistm.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
ids.cdnwidget.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
images.spot.im
imasdk.googleapis.com
inv-nets.admixer.net
inventory.vidazoo.com
io.narrative.io
ipac.ctnsnet.com
jelly.mdhv.io
js-sec.indexww.com
k.p-n.io
krk2.kargo.com
launcher.spot.im
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
libs.outbrain.com
live.rezync.com
loadus.exelator.com
ls.skimresources.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mcdp-nydc1.outbrain.com
meadowlullaby.com
media.grid.bidswitch.net
medianet-match.dotomi.com
mid.rkdms.com
ml314.com
ms-cookie-sync.presage.io
mug.criteo.com
mv.outbrain.com
nep.advangelists.com
nid.nypost.com
nypost-com.videoplayerhub.com
nypost.com
observe.aniview.com
onetag-sys.com
open-api.spot.im
outbrain-d.openx.net
ow.pubmatic.com
p.ad.gt
p.rfihub.com
p.safeservingcdn.com
p.skimresources.com
p.typekit.net
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pagesix.com
pb-logs.media.net
pbcs.nypost.com
pbjs.e-planning.net
pbs-cs.yellowblue.io
pdc.bidswitch.net
pippio.com
pix.cdnwidget.com
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixels.ad.gt
player.adtelligent.com
player.aniview.com
player.spotim.market
player.unrulyvideo.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.ad.smaato.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
ps.eyeota.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.iqm.com
r.bidswitch.net
r.casalemedia.com
r.skimresources.com
r1---sn-q4fl6nsd.c.2mdn.net
reachms.bfmio.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb-use.mfadsrvr.com
rtb.adentifi.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.om-meta.com
rtb.openx.net
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
s2ssc.aniview.com
sac.nypost.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
segment-data.zqtk.net
server.cpmstar.com
server3.vidazoo.com
servt.unrulyvideo.com
sghb.adtelligent.com
sghb.spotim.market
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
sli.nypost.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static-cdn.spot.im
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.vidazoo.com
stats.g.doubleclick.net
stats.wp.com
sync-dmp.mobtrakk.com
sync-jp.im-apps.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.richaudience.com
sync.sharethis.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.contentsquare.net
t.nypost.com
t.pswec.com
t.skimresources.com
t.trafmag.com
tag.bounceexchange.com
tagan.adlightning.com
tags.barrons.com
tags.bluekai.com
tags.crwdcntrl.net
tags.decider.com
tags.mansionglobal.com
tags.marketwatch.com
tags.nypost.com
tags.pagesix.com
tags.penews.com
tags.realtor.com
tags.wsj.com
targeting.unrulymedia.com
tg.socdm.com
tg1.unrulyvideo.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tr.outbrain.com
trace.mediago.io
track1.aniview.com
track4.aniview.com
trc.taboola.com
triplelift-match.dotomi.com
u-iad04.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-sync.bidswitch.net
us-u.openx.net
us.creativecdn.com
us.tags.newscgp.com
us01.z.antigena.com
use.typekit.net
user-sync.adxpremium.services
usersync.gumgum.com
v2.pixel.newscgp.com
vid.vidoomy.com
video.unrulymedia.com
view.cdnbasket.net
vop.sundaysky.com
vpaid.vidoomy.com
warp.media.net
wave.outbrain.com
web-assets.net
widget-pixels.outbrain.com
widgets.outbrain.com
wt.rqtrk.eu
www.cloudflare.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ncaudienceexchange.com
www.zergnet.com
x.bidswitch.net
x.dlx.addthis.com
xsync.iqzone.com
zephr-v4.nypost.com
ad.mrtnsvr.com
csync.loopme.me
eexsync.com
id.geistm.com
id5-sync.com
jelly.mdhv.io
live.rezync.com
pbs-cs.yellowblue.io
sync-dmp.mobtrakk.com
sync.extend.tv
sync.srv.stackadapt.com
widgets.outbrain.com
xsync.iqzone.com
100.21.192.180
104.18.35.167
104.18.36.155
104.18.38.76
104.18.41.104
104.18.43.178
104.36.113.107
104.36.115.111
104.37.221.83
107.178.254.65
13.224.214.108
13.224.214.15
13.224.214.23
13.224.214.26
13.224.214.30
13.224.214.35
13.224.214.50
13.224.214.58
13.224.214.65
13.224.214.67
13.224.214.7
13.224.214.79
13.224.214.90
13.224.214.91
13.226.52.66
130.211.23.194
134.122.57.34
138.197.58.184
138.199.41.120
141.226.124.48
141.226.224.48
141.95.98.65
142.251.16.148
142.251.16.157
142.251.163.155
143.244.208.184
146.59.148.16
146.75.30.132
147.28.129.37
151.101.194.217
151.101.194.49
151.139.128.10
159.203.145.121
159.203.147.11
162.19.138.119
162.248.18.34
162.55.120.196
168.119.72.236
169.197.150.7
172.105.220.23
172.105.221.240
172.240.155.68
172.64.146.152
172.98.26.242
172.98.26.245
172.98.26.246
173.0.146.6
173.0.146.7
173.231.184.20
173.255.196.113
174.137.133.32
174.138.64.21
18.160.18.50
18.209.74.157
18.233.54.235
18.235.119.139
18.238.11.142
18.238.12.225
18.238.3.58
18.238.4.104
18.238.4.127
18.238.4.26
18.238.4.4
18.238.4.53
18.238.4.6
18.238.4.65
18.238.4.8
18.238.4.83
18.238.4.84
18.238.4.87
18.238.8.227
18.239.168.123
18.245.124.125
184.72.185.131
184.86.146.172
185.106.140.18
185.167.164.49
185.184.10.30
185.184.8.90
188.42.191.196
192.0.66.32
192.0.76.3
192.132.33.67
193.200.65.5
195.244.31.11
195.5.165.20
198.148.27.131
198.24.162.123
199.250.161.129
199.38.167.131
20.127.253.7
2001:4860:4802:38::178
207.198.113.204
207.246.93.86
209.192.201.180
211.120.53.203
212.36.83.246
213.227.153.221
216.200.232.253
216.219.92.22
216.22.16.72
23.105.12.131
23.105.12.142
23.105.14.101
23.14.152.251
23.197.109.53
23.197.184.175
23.197.184.187
23.197.185.54
23.20.47.211
23.227.146.18
23.32.172.185
23.39.185.111
23.45.13.146
23.48.8.28
23.48.9.103
23.56.220.66
23.56.221.240
2404:6800:4009:826::2003
2600:1402:6800::172d:da2
2600:1402:8800::1728:cd92
2600:1402:8800::1728:cdca
2600:1408:5400:23::b819:7f4b
2600:1418:a000:13::17c8:8524
2600:1418:a000:13::17c8:852f
2600:1901:0:56e0::
2600:1901:0:636d::1
2600:1f18:4e9:5a01:2756:bc66:a0ce:665f
2600:1f18:612b:4280:3cdb:db4:84db:d654
2600:1f18:61c0:2204:7278:7d7c:f993:dad2
2600:1f18:730:b140:9170:c9d:673c:3ea9
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550e:6c65:3c0a:bacf:2e64
2600:9000:2031:d800:4:b37b:9440:93a1
2600:9000:20ed:4c00:9:41bd:8d00:93a1
2600:9000:20ed:9a00:13:af59:7380:93a1
2600:9000:20ed:a000:d:c38f:29c0:93a1
2600:9000:20ed:b200:3:7df3:55c0:93a1
2600:9000:20ed:c600:1b:6b7d:2300:93a1
2600:9000:20ed:ce00:17:b93b:fa40:21
2600:9000:20ed:dc00:8:8845:1500:93a1
2600:9000:20ed:f400:1b:ed91:4680:93a1
2600:9000:2269:da00:1f:4c18:bd40:93a1
2600:9000:25c8:2200:8:48e:53c0:93a1
2600:9000:25c8:3200:1b:5138:8a40:93a1
2600:9000:25c8:3a00:6:1e88:a100:21
2600:9000:25c8:5400:e:5a70:ca40:93a1
2602:803:c002:200::32
2602:803:c002:200::44
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:35ad
2606:4700:10::6816:37e8
2606:4700:10::6816:445
2606:4700:10::6816:4bd8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:1::6813:824c
2606:4700:20::681a:246
2606:4700:20::681a:832
2606:4700:20::ac43:4acf
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:8a0d
2606:4700:3037::6815:444a
2606:4700:4400::6812:2089
2606:4700:4400::6812:2412
2606:4700:4400::6812:29aa
2606:4700:4400::6812:2aa1
2606:4700:4400::ac40:9765
2606:4700::6810:3965
2606:4700::6810:7c60
2606:4700::6811:7711
2606:4700::6812:18ad
2606:4700::6812:751
2606:4700::6812:83ec
2606:4700::6813:9f13
2606:ae80:1451:21::440
2606:ae80:1471:12::500
2607:4f00:932::2
2607:4f00:944:0:3eec:efff:fed0:86a2
2607:f350:3:2569:0:10:0:d
2607:f8b0:4000:b::6
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::95
2607:f8b0:4004:c07::68
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::54
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::8a
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1f::5f
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::2
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800e:21:36b5:1576:d999:6e52
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:e200::2
2a04:4e42:400::300
2a04:4e42:400::485
3.20.160.213
3.210.107.42
3.210.165.134
3.211.143.64
3.211.60.35
3.218.153.110
3.229.234.137
3.229.71.61
3.232.64.79
3.33.220.150
34.102.180.215
34.107.165.188
34.107.215.30
34.107.254.252
34.110.220.19
34.111.113.62
34.111.8.32
34.117.228.201
34.117.239.71
34.117.77.79
34.120.117.212
34.120.253.250
34.120.63.153
34.149.101.235
34.149.117.55
34.149.139.129
34.149.254.212
34.149.80.61
34.160.19.107
34.193.95.126
34.197.57.64
34.198.125.227
34.199.67.71
34.199.73.116
34.200.65.202
34.201.194.207
34.202.222.101
34.224.184.64
34.227.234.237
34.235.77.155
34.236.83.94
34.237.83.209
34.36.206.170
34.96.71.22
34.98.64.218
34.98.72.95
35.172.99.217
35.174.94.173
35.186.193.173
35.190.59.101
35.190.91.160
35.201.67.47
35.207.24.140
35.208.249.213
35.211.118.13
35.211.178.172
35.211.206.254
35.211.233.246
35.211.242.24
35.211.85.235
35.214.167.88
35.227.252.103
35.236.220.17
35.241.9.51
35.244.154.8
35.244.159.8
35.244.193.51
37.157.2.228
37.157.2.229
38.68.201.140
40.76.134.238
44.193.151.172
44.196.200.15
44.199.33.177
44.206.90.231
44.213.144.39
44.227.222.152
44.235.243.161
45.133.44.3
45.133.44.4
45.137.176.88
45.79.167.63
47.253.61.56
50.17.243.245
50.57.31.206
51.222.239.230
51.222.241.106
51.83.220.94
52.200.178.187
52.202.242.121
52.205.167.202
52.209.41.250
52.22.68.202
52.223.22.214
52.23.48.223
52.44.150.160
52.44.212.230
52.46.130.91
52.71.57.44
52.95.125.22
54.146.101.75
54.147.37.155
54.157.86.148
54.160.145.206
54.161.249.158
54.197.121.110
54.210.110.53
54.210.6.32
54.85.156.25
54.85.76.249
54.90.24.244
63.251.28.134
64.202.112.95
67.202.105.24
67.202.105.34
68.67.179.155
69.173.151.100
69.173.151.96
69.194.240.11
69.194.240.13
69.194.241.38
69.20.43.192
69.90.254.78
70.42.32.223
74.119.119.139
74.119.119.150
8.2.110.113
8.2.110.134
8.2.110.161
8.2.110.17
8.2.110.206
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.84
8.43.72.97
80.77.87.166
82.145.213.8
85.114.159.118
96.46.186.176
96.46.186.182
96.46.186.186
99.84.191.41
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
013aa65f0c71b0a730071abbcb42fd659b25cd2a13464308d81624e8ae3db667
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
025fc84acf798cc6ddfaf8094fa8b274592a18226009912c77b678e2c6293742
0329dbea00fd27f10cda7d73d0011447a1053996f10d5cbd36a076701ddf2476
0362c8fa422b8fc2901b19881b4a3d999f1fc1668abd9c3c7474a9353369e23b
0427136e102e34438ee16c6fa85c90cc0e1498b55e8be0918762c3c5bb35c865
04f55d644236f3d7f72e5a3c53855a9ae2566c1eb8ff0ff9e88b4e8d1a480440
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05fdc9f7ca49801b81fb9d865efc20d9988a89713020446863865bb38fc3b6b0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08385e38890091b203af2a10a5c92553ede6f7400bc23e8e8acf5d7c0cc656f5
08494d5ab9bc08b4496bb9b67de57c86d6d03b6a3f701d9669bc6aede3621642
08703c56353936e7ce2d36052e5b9c2d1517710872ab627ddabee1c46dfb74d6
08a75491cdf8fb89f75d650a06ebfb606e5971860bc67cdd2cf52c560233c01a
09bba9c244cbc0f1c1f93f3c4033b7e71d34a8dbeee3c754a36ddcba0e329ab8
09dabe6a722eb848d94724f7f97c4393652605471c787bba24647035dfe91bca
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1dab31c1e2adf708296f1bcee7b57fa1b07313defbcfd319d4b2e88e942a23
0b249325e3db2bd22697e85ec3e907a311f61c962ad9b1c9aabaca8cefc1e200
0b6e98cfd3fdb7b66ea67a1df33b1c3c8041ab9d0bb453627dde4a84afb897f5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450
0c6abae3d6db2dce0143024d6597445462cdeb780f3469d4e27789602b5f22c4
0ca54808e1ce31c61d95c6b3af3d26f46d33731630500e271d411c0798e6994c
0d28275873fb6306d7c674b0fa597cda0f39313f44e8e5949ca03a65a69e14a0
0d7b767281ef9365b52316d0b86c56d8add6165d18ac6e0a531e4487aa3cf505
0e339cb53bca94d1f802620e334f39ea600b1331f28a44034f33c00075d43743
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
100dde3f3f821dfaed5eae27ff214dce1c8081d7061c2312a36473f3a92821ea
10315920cbfa99ae792d75c86c132a018e54f17102df25cab0ccaad9dee8a6fe
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741
10ac56b8fd80725629c80492c1299c30ea99aa2f0cb9235be4baf0dea38511bc
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
12dc4503c019818c0ba0c3fd57c1396173f772e88182f875b0b22144b1d769ef
130bae96be45149b114f9eff50d18451c3e7bc18e725185a6dc1cc2d431fd5e7
138b622cf91f0118f60a772ccdf5bdaafa971e208c964898a17c76757c324735
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13bf29a6c0d922b08b38998323cf01dfe04ba03528cf56f45ada24862b622c19
145d0ca36c0883ebcaed25e0f265b19f6b28ff9ff4a7b28c42528fa8a8470faf
14f1c1fe3d0d6b57c990dfa0ee0992386598ecede7671cf28f9068798a1c3dec
1516d0d87ad045d3a2d64e8213cbc4e1c1cb211250ddea60767cdcd283d9c1cd
15189757b26d57e460c393801d0fff24ab48676e40a925037a5fbd24c7d9450e
1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5
17c49423ca83bd645f43eabbd3369af92b0616779c63008c769041608e58d138
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1bdd89c67019b334afbefd6a16df2b40aa4dc5851bf2b7ba7b627f60cf18f03a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1408715964c503484ca8b774679d353591c6e19d93c20961a1dfd9bbe14742
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e3cc10ac384305708aef2c738472cfcca9a75d002610ab49c46cea39bed552f
1ed368de2caede3bfda709b07b4c12802a899ca5ac0a15939c8c364f0b9d0d61
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
205a1a801e49c6b02403a75eb3af9ff15a88a273b93fe3c70545aae6d750cd6c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
247a79e74acf03cb025c078ea53ec637cb2482b627fa123aa9e52d35a409731c
2481652cf8e27c6df54124ca8b2992688a4e36f91afdadb5a2d3c5de49f63677
24cc446819c63f67b0e42cb62f581447d60af76d17f304dfddd31bde8108d137
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27638e738af9deb7e04702084dcb1e9be671cac2871501d49fa8f1edf0012d07
27cd1d8d7fdbdbe767a21dbec8aa968cede6dbf7309a63e19790e085fe12160c
27d6e04117f3668e5a9c9f509f39de6857b0aab7004732a1febb0b30b8d79449
28f228ea72de686bcdcb9fb4dd40221e991c08a389fd811b646921d14cca15a1
294345f6cbf8422f60da3169d8a3dea603bbd2998adc9be79412e0099262798b
297440fd945f5cddbc4d7d908b1d94e95e4f097764af7e2006b9d997252364ec
2a5572234ecd9398c856d9be0b8f178e1c7b8e1d726063c0a16d21ec42be3862
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2be5774e2f5fb14a259ab459c07991401f90442c38e86734d9f167540c6c1a56
2c985a27afd23841c9f626469575d28b78862fd333620293aadac4646651013e
2ca1ba3868967c05a722f0fbfab76e8fa8ba769f37fb5ffa251b4cb7907a0b57
2cd548412f3556b2804461c3379bd14d07ad0e6d39fc347cd954ff164e84f481
2d46924ab67fad2533df7b786bccc7a69f3936c2c06cf1705f623e760e6a8364
2dccdd26bcba69a611b2c82493a7ec52efb25a1156d9b1a3e4b0ab68ba98405b
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eb3a672e138de9101186e81e84cbf5f451f19b97a66c9eca878bd7150cf6ba2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
2fde26fdc1941ce3826031c1e40f68e250fb70452e689b42052cb1a66568c725
306ecaa955d928a28e9392798238b396db21cfa1f58daf69648bf7a4209e0d68
3080da5055d7afa95568d0aac138214a68ca0181b5c4d058eac1938ff2d0a2ba
30adf825110c7832a9d987dcda1f1adc50f4b65123053b09c98ad964f789e631
30b995ac57877f6c065e75d16585d0f2479a730503f93ca27a28c3f6123ff77c
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3178d47e0f5adc4eb7bb9de66ce913ca939b968b41c416579576005beb3e71db
317d02f9e41448739ff01860ad45238957bc436bdbabac0b51195a98bae98303
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31cda660d9d18cc58217708baeb664f9cac895f6c14c265eb56e209b46f7cfad
31d195bf17bcbcf6c9bf05af14c3dad6ab165a9d8de359ffab1454b2f5607c1c
32329c8f96118306f3c057574c0842cae4fcff8a148f7474143cbef89736effb
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
3283011899714a2c28a0be79d4044705ae94fc3c01ad3c4d656e533ae9c531d3
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
32e0e87cc2ddb0885425092ffbf9511c88eeee4335a2825dfd1c4dd10553276b
33cb30238aeb21d1861a6329cd4c516d3f0174933a76060a967e4bb45e6e3909
3498a549e9db58df0c121255281cc67223aa7339ea39c31510234a0a7e511f40
34ad52a87908ca3342c274201e537a08d03e3825ac5616a809a2da4d2050bcc8
366743023675ba6e41f03432df01a1dbef6b1667ac77ed5697699e7e9345b57c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ac23ec7d2ccdde8a3d19a7471fca945313df26be2690dadf1761c4c68e1879
36bab294570db4ed4576a8c270f2e4c4ae9f8396323e37c39b3c818969832ad5
3749d74ec9d118677d95fd408290769dd8fc17e37f8669824a5433834e9ba931
3775aaf637f98b3458e5c6693e618184d99dbbf17d21013593b3cf2868aaacd4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37daea9e7b6162f298cabd21a4c4a838090264fbf6bfed5b30c5ce3e2a18e708
38565ce71b9ad1a675d2fea54602a11b0e1c8456b1d01623bde5510a0a9f892d
38a7a226e465691813ad8c28b53a079d4ae9ed31385ddf6ac271fb61a205c9ec
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
398d9307892369e5e3d5c483235429688b89cde5628ca0329588c903d3f14b9a
39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e
39bd8f88cc913df8e8d35757173c7b642b2db1e10ff08de81181d43648838766
3ae1924b00b6a485b8e521284d953eb6e6dec7731bc8adc722a4abcd0cda74a3
3b0ecd0b7c8e4db72578c8d28429bff3a47a2d8f306e3c9ecce4f34403b9ed83
3b557a09265fc978c7cb5e74eba6122e09c6e4570a1fd6bb58c6d35dcbe928f1
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8
3c1d8de13034d11be4115df3e2609321a9e84eb3705e0a78ea91dd4ef5a634e2
3c22d0387bdd46730c40b2f88db75192a7713159f2d68b40b62605d7783be0b5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e
3df6a5878edb912c914ce747817097f92b7f8a6fe6c98387f81a663d2d9cc5a3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eeb480f0a0a62b58023cdc4db49dc1203084cc63144adf05a607b10c24788ab
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066516ea98cbc1a706596497f521fc6985849f788d8e7429a575c140d428c9d
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
41cd61830404c48730b5e7b2f9f33a73a977cbe64341f08a7c719be1e8be3ba4
420a9b409f488329becad2b9b6db2ce0503163e7143835aef508039f276c4caf
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
4284971e26c973b066be642e7d5e2aece7ddba45e5701db63f0fc0a025aa6cc7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4331fae7f7fe695f19d91958e32b1f7cbe79052f50fea54aa6e4f174334826d0
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44529f30aa6017da84c45718df1a0a4b0fb44cbb187c1fd80e33bbd6077067cc
446d693891ef200376ad1c89b5b09995af2ebf71182ad90f3e7b43f0317f1d70
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
4603b5b5ea6fe474da6dd85404c1d429c635b5022292fbc9a47bd34add7635d4
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47242098432885ff6449fd864249bf66f83d665577c76d97d98873087d9f0168
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b
480c54248fc71cf51ac9ff0e53ac1561d09e2c06a33586144467c17d729fb799
484e63c4e8ae4df9a742aa0ce1bd0de5d0be604407c3c1b56bf6d84527dc326b
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49dbdeea90a3e68958149b76bca5e572ecb0a0796fbc3157a2f367dac166ed34
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4c06ffbb083ebc228db5369d6667b5681fa3360ff129347774fa64f7e1ac789a
4c1242655366ec0f630dc122526413c4bf0a35c6a76f9c898ca72cb6b8500e19
4c12f829603fc86965337ad88709b9386cf108a4f0f1bc520bcefb40a298e54f
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
4d29bce7de2fe22f08b13f543ff39a93867e8db99449cd1b707e4689d0d9e33c
4d84b6071546678f7d643c1aa0c4b083ba2e5a2080358c66b4bf840c07ef4133
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e48827c244db80e58ccbe3a62ad5ea5e6eea15fd468aabf833e3f2fe4edf556
4ed2a5e9d5f5efed7f8193be68c01be4abf31c695683abb3c363cb2057ce2689
4f11fff395615749f7d73545799ed746cab0761185e45db32432454cdbf7cfa7
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f7da4bef35b59db185156ef5afb9d2cb350f67125d1cd3190b64f018893225b
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4ff2dd7a2c7f17f495e10bb28e333f11ea4eea46b113b1a75d2f315d248b5c45
50560f09f11f322ffa523d6184f704dd4b3de330722d87d2283e622b4f29004a
50d8937079cb1a33563bbe3c7607c080f92f9a3928a4f4ac710baa9e510a093b
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
513eadc5033797f8560136999e9aeba1e85dc60d127e63c25f09bebee4da3f7b
51704bd533ca1f892815e534f93b5cf91c3ddd998b7b097250d078b470c48a48
526f38c6eb5b004c739cd504f8cec80c2f54955da708da15a5d057a35d0a744c
52854169a035ac9dbf54ed7981a66e7d3e7b13fe2a0bda03deb3d440c1a2da8c
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735
535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700
53d30c06c258faf56a268cd716a5efdc74d5098789c93788993e661738b45970
53fa82bd2f08c22a774a32a3a433987d3f7c00f7cd7775e927f4056bb1cf1382
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558eb4d6de8f263a292d618186ac5d1270fdf3718f2b52277cb2ccf6cdfe6158
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aa19193d7afb65e2d0269b09594b1a00088e3b41abaed22e1e0f6a731b901f
561f49e7560b02f72da6625f7acdbc628765225984bbed60c93209020471620b
56570d2693e3ef40cf0f3f52567d199d922e052a499bca55510e13a3fd80cf61
565b3636034d3dc74fec7246fbab75c148763afdd54e02366ce4da53affac504
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
56ca4f4ce6bd0aca06c71ca0202571897e0456a97a587e80827afb33fed418c4
571b06d1913de139d860b755ded1b677f7bae6a45ddd2c30393fadc8e8720279
5731ccf8c6718438c520cc39e4d2b38033f1f5a1832ea1db4d171a71135968c5
58cb25578b54052101704cded1082cec36d3e7c750e25b319e8cf5005dcf67ff
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5b416f96c91253d71afcb702ef67e0082fe461f1afe9468209ebde926e36eeeb
5bc959455d9fc50a72ee7d5cd5cfad7fb1d1a3c58cca222ba7667ebb0108eaab
5be38698097ebc72fe65d62fe004e5c1f30942912ede576b70ab6bf498e48152
5c4e00d13067bee384b18ce3841fe890d5a8e93e1f32fc35e60ba5d0ef063e8e
5cdffb25f7209dd25d349e20737bcecc19995b5ad7f3b460a3ce5da7d09ba234
5d9efae6b1c2d8721203ec071cd4e17d5e32e8367e1e87484a93cd07aa16d2d8
5ddd053bebc78d78c03e6cdfd711ffda44f3ab0a39fca7ba857fa5dbee21637f
5e02690835310ac94e691785e98877789b1bfe59dfb8d91da73fa4b4f9ecb4db
5f41958eb4fd0cf7be185d086ffc1b35ea72edb39ec83a2299426691ec3bf805
5f66e180a1821e2befe2b4cd5ab7477d5ddc4b7061154facbb1f89cb9a4019ad
5f750004918e4b5d09644d61380d8feb4b8ee51e035ff8e5f42dbbb676c0b110
5f858bc87166818d46622add3ad84c098957a9913134255d991922be8f08d7af
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
604576513449e219e31b72725101a3f2da5d0c59e371a686642d5aae0a65b1df
6051bf48dfa43b2e77c5fb958ef160377674be4e35dc2f5def5adc1a408e84c6
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60874b330fa9ccfdbc228fb4a348a5890f0e812cb47d39c10fe5a67a933cd2ce
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
60ec707f0fe7ad4f3da29c272f000e77941f56ea051808aa88a8092e5dc9df73
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61db1239fcfeca84556d6ab5a43123fac064538f61d9774b98459def7b0e6600
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63d06182aa189f102b1790b003051b3ad7783a99c5a528b3c55ba14bd84a3af5
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64c281c98425ccc703cb9f2808f3b37c943966fdb3234a70b4dfa8e8a9210cbb
65ad11676484334621ffe4b268158ac58a8ac12c41bf51280cbd25eb42b7fa33
65c3c8024901cde71f3e967ecec0b885eab89b88633cba8347fe952302bfd847
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6779cc904eecb5800327de0db33adda9ce6d334e28aacb954c96d35027196255
67b7943bf8068c3c2f8b509b6725d332935f6ff70d45b745fcb270336563999f
680bdf2896d0df4dae70825d3dc03daf8e35d13cccbb8e628577cba912e217e9
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
695678ba42518f11062a455ccdbc9cb8e3154b58e11230f676f9a6b1900571b5
6ad8f8c68fcd3042d30a385f8476c8ea8b6d53c8e3812e35b567f9bbb6bed177
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afffe2cc10dac0c40aa6826dba4ad633aae7e77e558ae982b85cf91de8faafa
6ce035c21b14712d80470e24c80645b747ee67eea6cca79ef0c3b36fcab2d1d6
6ce168519ba463793752d8f886fb108fd6f7909f486de20126699ac190441ec2
6ea242d3e3d55794c3d01b8063af1be2b1c034008458c508909e9434b98db2dd
70ba859e35df75f1d200db16ddc5b2bff3705286026b033a257454f6cc050375
7190953c5cd7decdd52734f3545f51b5cf589ba34e068d0e29daac178becad07
71c1573ac13fc303a024fb236f1c0b3af8877b50fd7dc671649545b19f2c6641
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
73e71a74544516aea4c17afb195ddc4465ffb90ebd7b90663c004a94dee65c06
7406a8f6d259e49ee9bc7b197413e121fa51a6f57f2f53d70568c0b9bd999de7
74bbc862d89f17efa160db98a390c66e03813b3b229d85df6664a4d0c8969f22
74d23d616fa633eda7c0704909543f369520ce0152dc158ffdf9a4639843c85c
74d619af143ed85705afb31ceeb27a011a20b5ef88266a5bfc8070486468ca2e
7508406b13ba0d55cdb2a2275cb9fe8aad9ad3da18355acb46d547f4fb6d675e
75302bc644ec0e51a52a8c6a1819aeec4fba2b4097cc4c1aa2db8cb36165d9e6
755daaf915dcdfcfdf2d35da49a47e023db898936d55dfd32346c2367d67d175
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
75c6adbeca69d9f78c4363ba982318b344531e49962b2fda139de5a8e8909547
75dcf9ccd3cfab3ebd27c9b1709617c630eff12a1929c0f255081341ac192803
76bd6cdc8726b256d0867fba211f7a0bbbf05f64a65e1ebf060583857f260b19
76c2b4849202df6cfd0f798cd586991febb7d7d98d9dda670d46a076596590a9
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77cddf33af1c6275f0d8092c331d085fbe0258a68230a773840f79c6801ad4bc
77edf8739c49358967586acda34e0cd5e7c07a13e3bc2de78f1cc44e97cbeba2
795634e350bc3d8ee14f4fc30ee1e1781b49b3327eeb04d0d0ef34febf7b9111
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7985043efef66ad58774b40d56458709f7ccaf754a993e06d09d1a705ec94628
79d74b22a3dfca4c829d3cc89d5385381230fe603e1518419220f68a8fb0f306
7a0e4ecd3f80ce3a3b4d1c05dd1909e84fc20ca807d8eddfc4bf68faa999fadb
7a920ba92d4bc93dac1c94ad51fa4e24cf835da866c8b3141902a52629846fed
7ae1265f417d287f18712769b7d025e10ad640f95611b6899ed3844ab3c55df1
7b240dfc3d08e8501daf14d2a0977dcbe3b4713df63d0db4a693673ea41dd6c6
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8
7c210690221ba26e927a608038e89875d2a3752d3d8ca668224ec699bff42167
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54
7c8b927cff2845bc161bda51afe15a19f054eb691863eed8a94b1748282762a3
7cc35b37ec5bbc372cbdad090ff68003fe60a89dfd5a61d67233f116579de6fe
7dad84719d9329ddde57fc3e27f735d2fdcb510e1fee9bcff6e3810545c2f402
7e5e2f05c7b8c6536202abd651c2dc1426e9d27bde27186ae060cf8b8a4ce68e
7ef54121dff97a0fd3fe864beeafa253d1db3128d4a39fabf5eb61a1d3465561
7f083104b048718bc1d67594495d8001c49975ab9af465fedb1a1d74b1ec7365
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2
81b4e9df43839ca77c0239b588e91bb195b695b6157e927ae5404bff0686fea1
81b7e9b546df154ccda17bda3012c887c72272e469d3c3048130e9480eb90dc6
81c1b0d999627f24cc9836f5c4477d232751f66c29dfd4706d98ab29f93798b8
8276f192f3ab98c8360ef2aa4b9c13dabfff38e27dd6b90c8f7cdb04d2cc5413
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835853ab9516d2ca9d1e42f7abec712eaee3540fdd7a4c77552d67952f298176
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31
837bf494ff8a6bd2a0e4982137744325c941dfad2fca20f2bff245513ddb838a
838312d6e09a84017197251351fe0da3e6a15289b96efefb6f200e2dbeb8829c
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
846f3b976e15628051cfd5c55af90bcddfe6ada44c93089b949bb1057741e5eb
84a1f0707f9579a043ec2090b2e6211b53c13ac984f4a99971a89b85ea82c8c4
84dae894d5903c3b1dc4c1ee95b131ff011b1e066af93f226fc344c4cfde6855
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8564cd81e40c9659b81194f6c622350bea671cb0c237d79edb3734e8c50e7e6e
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
8603215f5bcb99af8c11bc910420dd8b9a744c283180dba8904dafc128b0fe8f
864e560f07813a71ffa8c22474d235a9dd4e2c2ea85fe8e27b6c5fd1441d4c96
867ca574099cf443224cd0f111ec605234d362a42d99b378220a49e8bddbeee6
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6
88a3cc1129efba74ef0734c1a455eab6807983115ae2aae02b4895d9cabc95cd
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006
892241609ce6fd74a529030bc20901f41171ac1bf1b022db457d0afbed28e62d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0fe063e3d3849b171e5b7108b7e7145b302bfac3c091ef886a34f26333631e
8a3a21f3ed31652354a2a93d4fbe06d9849698a825dab43599364c49ca2d422b
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8abe785b4022f4de20d901f25f4c9e4e4989b7b659357bd10958a141e98c51fb
8b46f59bb653bc3390370cef5228b6d09c8a7e7cd92361683f7dcd16ee3574ee
8bbab34be9a5d608624d1441cb577863c0b0caa1e9a7f52a0957f84e1dfc7df1
8c034bd83aa1d0fcb23fb9eb72946352de0fed9c13a876c24b826b1a0372836b
8ce5142122ef0c4f0e6bcba0d78deccb30df17ec09d11616934a0870c3f552fc
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
8f56c8bb18852cef3379f647bafab5204903ca6b8890d363e353c9c134093f54
909cf997e8bcbf07d45930d4cb858b9326d645f3a862f9a653d59c09b9c2e5f3
90e8980f87d7c68b5db1996d4c2f297b13cdf48dd8d566c40f1c71298958675a
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
918b31e2a4456e33205974bd14d0dd794c610f963c545587ba979c28c0967f13
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
92710e15b74c2987eabadba5e960bdf740b16be78e0179cd0cbbb8bf3377a784
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
933b7e76ce87d2b7c582a3b6ba2a865a182ab639bcd54cecf3c15b439d965e15
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94472b67a72a6e77e8421965e7cc558f19aed093e270e4609fcb37026e77ed13
94fe2c4f033452d3e5f0f0e336b5825510b00d9c1663211efe7cf49eea9c0e1c
9503a0da54eef175e9e0573d6955ef677372d91a8d9332cfc5ea27e9de2e7a43
9564d665e9e17b9f98f772f1fb118732bc8990b70946ae2d0117b079723d05de
95bfd076761285456d5ab47ba57f588be5b1e5346e4c59465d16ac2eb301d4ca
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
96e1e4462f01c24fc55039c30f197d4e9e1b86c77ee2163903963144b87b04aa
97198fb319028a7262e6de01f498e40e4bf7d677ced53f3f77cd15afa12a6e36
9723e2c4b7945ed3992f02bb873dac577bced6fed60c937eb8d12c01101e4654
973e91e76821975d84c8d9d7dd972a46fc5fad10a0d64f42a0757d67a66e9cfd
9749b6a9fa0b4ed76f4bff19fc67201cfebfa6c9704ed126d04f4be30cb6b97d
9763f7cdb5419d708e7cf074d6fc19d95b652322b4ecd6dbb26aa82bc7b3be70
982107dfff802accbd1450cec314c664118cc41fb5853b08989c1a4258a32f17
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bf41be47b3a97de02598dfadcbddaedbddf560e1314367e99b1e32a11cbc23
98ccc1af76d20172bc5c49b52f4737320d26faedb6714a74309b594ca40b7985
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7cda7b4974f7ca8c488b2ea37bd5736e0ebe3081d6878b3f9d4e4880277798
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a
9ce80147e751fe5045274e0e38c21f0eb1d5282265ae86969437feee144de8db
9dca2854a6a840fd41137b18c73642fc6b7dabcb5a1d3e12db80a72b1f419a96
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9e52b371d86a4d2b8a46268cca892458efbc72af77ef69025971205433e5fcce
9e71155121fa314c4d12ead222f0a118e3fdc4f74856702a2141f84d0590cb2e
9e724533992b3c0cf17c8ec16eb7e6edad2dafb80b1a563b84b663b11841c1f3
9ede59f2964d72bce291d986a08adade4e1c9bca657ddebe3b564eeb2342f6d1
9f9d7dde003b6888b21e9d93a9819c861ccc4af505e06e1d9b58118f6b473e26
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8
a048d08cad291fcf123100afeb7500fdb32342cdc14e67e6edc47fe3543ef57c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ff8d6de9c5e5d18857aa8fedc276d58456aa3718af4619b84a613a71df0fe6
a14854a5e198f939ca07cf5fea4418466f196a1dfa72e829dfe0157850d39392
a18121438486c4e027610b6e4da91b1e824a1fdaf37306b04734f6976e933078
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2557d9fdd74362e6ad2a62c7955807f77dcae19f5b071c55a9263e3897dbf18
a2875201b4ed38c8168a79e1a5397b0aedf149d121c86e35fe2795ae6c4726c9
a32520664ec3babc59c3ca9cce31e4454dbf11d7dba8cc93b248f04aa68a8dbb
a35cc1c7c21d0e0fc8806bf73abda1e3ab4a862b8b3dda54b6417b7db3e7e2f9
a3982ebaff8a57748e4f5d30e4267c33ba21d8b861c12c03329f11d74e83bf51
a39e56dce5c0ab7d9f3cfa7fbda1d19e855a8fd7ace51e1071e01e30ac1ae9c9
a423c9e71a22acfaddca44764b5ebde4d2db3094dc985080344649741f9926f3
a46de45c0bcfe62f75da1a1145649b8bcaf01481a4427db207724bb92eb95ff9
a4d229cc850db553b784b31777a9b9848abb1d4d7ef0b10783f108d8d756b90d
a557c4f6928435565b4db3f77e684198add367728a004daef196a0391dc018ed
a562d61d72e8f41ad4087236f457edb6f052efab8304c1d60a6d304429ebb079
a621ba231fe68f47705d441606c92faf0edf12d4a0c593b82c8330a44e31147b
a695c8264b883d3311dee0fce1e86e494a350c8c222b349c316f67970f319362
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ec9c92a2f4800232833a760cde924c59f27ce50606850bea83f3dd39f569c0
a70bc1126f01d9372c2a260a3f9a74fba3c38f316bf0caae8f19ac63857dfd9b
a76e6dae7e49c16e8e27646b0a5ebebdead5debf61f7f92c2b244f60538676a2
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a8b6e3130ca80c67c490981b56a9272493c1d0df3882ce72563b6c9e51ec9c59
a8fdc99d128e2ef2323bda791924d5cf44cd54fc8185e59fcf5fc76ab3b07be9
a8fe40a37e611cd36b51b816056891187c8eef60070522162f1b03bc78d81f5e
a9195ef3edf5b18820aa1e4d428d928be77c65eb50e1cff657325c77e74b10dc
a93593c107ed44f2df4b016b920274e004155af9e2bf77e58091d5b194d43551
a964e8934c53b07937e59ceea38d808af63b9cfd445d58bcaba61930870e171d
a96d2f83a20077680ad901db70dec6ff52e0789be6114461c863930b91651617
a9eba50f5f23cfee2437c8e4069b05004f0b7fced6722d1417badabfb095912f
aa0e44abdd6c4ecb90561d9e7cceaa7472354ff279247b46aee299e191ce6ce5
aa5acd72f66749117fe93f0b7a4b126abc77b8afddcb929c54b9c52513e3e75b
aa6339a12942856aa82b081878ad89ad8aeee249deedc87a606ddc9008e6e795
aa85e5ae448426aa70e267de6e91a470659f9af5deea3d40505bc5a34f60e6ea
ab04d079aad07418204d4ac538ac56785cf978392bf78e9876b39ddbc169fc5e
ac0720477f5db0eafb7fc10f2e44668813279239e79c5e93c4ea1e77316229bd
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace22790c1eaf7d264922a5e60e4a9e806e86b80436e43d63049a5102b122d1f
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
ad833c164a2d741ced7db4f324f3beb752f324f4fe025b9a8d416b650a729e97
ae940071bb48dbbf4995f6b52dfd378c2635dd8520c8e6ae146e435bbb70186d
aea29bc32772a1fc80f3081649b02f1ff5a73411f53d34f08d34c204272ea9a6
af1fb7d3711bb1df62e5e7378a6900ad98e4d5a29ebe9591bfc0c0935d60998d
af41a65c63859678ca5f4267a537ffe01b7e66c361a1f7ed684f20f7bd16808f
afc1daffbc2cbc869643cbf1c15494362d123871b192547b65fbf04b973e81aa
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b015c6e172552731594356d4c15e127c2b2ec63cf884c6384e053467f4d3d024
b01e847c2d14d80b3a99a2eeea3cc4333e6dcae78c4f82c88962b477fa24cba7
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b06288da08bedbe97b78c467e92dd42e438ac3cadd505a372498d6ff6c1079ff
b09bc066f9ce6ee3f79d91470b1041b3f93b30d060d6d2b4e26706b85da1a6df
b0c53482a3850682b696c662af94f122f60d1637ea11b2f31bfec662d57b160a
b0f18490e8ca5cf07455848744629e033f9def2c256de6a710619a5b66d38567
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b19e827414388e94fcc2815c445a4932d8eccfa009466979f46d51663a270dfa
b27079c406725aa7cc4ad4d67b3654ca1e47e5de5afb39af29d622e5d02f6d9b
b358be939b8fb706ae9890c2a981d8f7ef4b8e7c0a89c6a304421827b847966a
b35c7c14124f5a83800b2d1c2f5aecf2373ddba258d7c29a02127250b9ea9b5e
b385bf8bbcbf59c8a18883252dac3f2891ac2965055e05be4be5cfa33aa4776a
b394759b977e45cf537c473e4ecb71c21e5d1567e4284daf9eba1e65b8e2ad7f
b3ce2af75fbd880330008a53a85304a0cd0a89bba3ce28efa6af3e6f3dd70c23
b42ceaa3cdaf410182576ab90163161869e5f665f914ecfa74b1793f93e85963
b45206e8e7e8dec017b553842055d6e754f028828db106f46d479608d0c72137
b468f5a6caa7488f8cc76974e1caee7118fd6200fb2fc4bd0ea47b8b191b6eea
b48089fb455c51b736328ecf08e573be53fa76d151041f33583ba3390f20c8a8
b49d715e0baa40567b3aaa9079fa1476eebd5f40c754f57a1f047254b827eb54
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b536fccc232804e058d4102b022fcb7829ce7711e91a84822fd317c5c16c6273
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
b61cf204d43d05399165723881b38c9790838146e6e86ecc298e2d270952c88c
b61ed7bd04ba83acdddf4c23dc77a8fb30fd935618281e07ffc6bb0c27b36cb9
b66c3a34582e1ab4c7e43dd1ed5f3821f757396101905109114ff9487528aa34
b66db4a9b996d1f1deac389993724c48955eb104509e82d165d44d07571c35fd
b67036251407e20a3440141e084be1cf600862c9543788acf7b71e5366c9af4f
b70c7bcff3be5296da9ac709642d2874ed7332e829f36dfbeb41125ad33395f2
b76cae459125c98aebfcdfe1f308b9c7cf6bd8fcbbaca48e6c49a70fa189a18a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8546dca198c2eed45f01ae6f108d32cc575b32fc8e0bd498d1db0d6a1e2078e
b91cefd88b175bab94b90237eb32c44263712fd1c309296676468e2ddef60824
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
b96decaf989b1ce9a25aebb1a03216b75329cdcaa398e90a1501a9df808b34a8
b99411f14968db7930119c4e7f81efdc135c80757f22c9809d40a45e01942515
b9c3b964443437025fd23526c4bd322bdd844c4c2fbc2609e6f35704305faf2d
b9ee377928d62199bcea8b77b5ad42bfdb7398ec2dea704147c1e0aa7b9fe3fb
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107
ba3db223b91f52132816eecde99c20378fe4c077cd5fb0c76204d6b1b7d83c36
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bc7410d01c3d2355b32859c34ce916210715914cebdbd1cfc5feaf46200a4ee4
bcab70859f379c2f95bbc51ab0ddc72ed86f0374185fc2c9e1e3a9783744b47c
bcae7b218e3de5ac19cf69afee3a6020bc6a44a492ee67b945e71a6c9360b28b
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
bcdcf8313cc8c169736aea2fd3e3b3c6be562a6396679d9433668cbce2c13cbb
bd1eeab01ddc90adab4171265ea26531a6809f200f42b5d0e00912851dc8c370
bd53009baa81953a7b82428a4bd466c15dfadca2609b1915fa1a52afd4c03d30
bdb6868c9a2f0853efbb919dad7a68ad4048c721e5f94984a0aac2510d9e7c31
bde213d3f6228f976665ab405d3459d23d5aa999dee75967c5455995e066199a
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4
be543384ac84f55838d6c3c20a3bbf77be206554989c7d906604e23d6797cf1e
be5abbd1b57a3367c168934f83509e575efffe12bd5193fdefbb385ad30d1da0
be71ec66bdbe661a0e934321caf64b177a1d0aaf10b6f56fbcf45a86a1ff90e5
bfc769283a91e969cf3323c75c52ec249f568de7228836929a3b4ac73027a40c
bfd73655552ce0e5e0587417bf9d08a6b1df69a425a569862454e7f883273628
c16592e0adbebb5ad432ce3adfc011aa1e994ea52dfecf61fc28885254d356f9
c1e06659befe17feff8f2d2f80055fed6a8176a63e9cdddf19ed53f5e27c45ac
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3639fb54f429b51233e7fb921bb90fbdfa504e5f47defca07be1c3cd8eb8a79
c3eae49ad0522c97e9afbe216ee51e5fbca40ac93a32e20ac60d352fa52750c2
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c
c4e8ec8c897799d36fad7f231915adc3d14da8008eaed724a363c1da78b0de24
c5effedc7290293314f709c194d0c6f942abf969da8afed4ef31270337ec3071
c65b7a186b7aeca04f1984c13b7d86917ab4c29031ef90bd49dc4cd9f3eeb4d9
c687836125be36431dfd234ca15a41d038bbfb3d9e68ea70e1bc11b0c4140f6e
c6c6dbe5d6502e567354c47cdb3d1741d29f88d9de156b712d164eedfdee1cb9
c745e232868c0c75ac8eea929d13426bf123ca2139ee22dbf69932f2dc1d03b7
c771f7a5ebc14ea9dece3a02207611906b4f54ee120b8c9fb842aadd3a0e9f6f
c812b0afd4f9e163aaa909f657bf3bb0fff3c080eddd4e2318f003374f659327
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252
c8554344093a05b794192c16dc5a907857f3f08e37a42aeb62435f2e5af3b493
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
c87940548d92bc97c2094bc22d28faff48f59fb41967ff6ed11812a03119116c
c8ea1c9c15788cbe7883ac745144db2639c5469e7dd33ca34a16da17742f8f74
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21
c9658821b2d9d149eb6d868c6ce8811406c6e8fb1f74104eb480264f94836428
ca1e1705cd424e7f3d201f3b07cf643348996d602999ae3dc7afa01c0ad9da11
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae751500b944f9a7a407f21634a7e8d8f484683de169acd9667cbe8cb27a94e
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
cd3034c76f5ffbb9045fc7f68d6b1ce2749e66417f17c7142e1f3c30e4d6f0ef
cde9163fb274c9b71d38e5df8083372056603dca9d4791420cdc3f458be57fcd
ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b
cea0be3835ca4a23d85bf3e1f56794854223f0ab37eaabeadcd4ebc1edd169d2
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf91df65a01f10adfab853295ada34fb1ef0be348e4fed16951bfbfd7d5502d5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06bda9e7df477691c5e171bd25ddd05b8c5afb6389836b6916900998ec4b1ba
d2620b0edce0ac18b31955465060df671f24d9bfe73aca56671bc7d15327e800
d2b522e4658b4889e7717367573b36bc1a8614766778bba9f79a7dda3e4882b1
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4131b5cd22710d962f74fcd767581800edec31c6bc471c2e349ce8e563ecfc6
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5b616694f1262a8d042679be7f51e1b2a401bdd34329f6b72b164dd49cc4961
d62aa01c2584be70b451ec8777681d64c04c6bfe52b6b76c639b9c99ecf47876
d6e8ddac02d7565e3ade9b471babb6272b43e1dda65d8e2cfa1bee83f77688ab
d78063ea383cd02feabdc01754606691b4f7f5cb39dfbb246a55207c3105248f
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a1419027bc6deaaf880812f9b1d10753d24184419b99514d7888961c3fab04
da0ecbb79af1f68e411da2611e71b27e55d666a3898ec6d3c319f6392f79406f
da87649655b95af7fa183c4c265799991d798c6808970be8c41a3213dbcf01ce
daa18e45dfe189f6debb6661de7a0af4519f719d07f334c9a6bc378ba0439100
dab67af45245b444a66717dcbe90d8d91367c61d8846c00f768fc622a294c4e6
dad26ccfc07d153fbc9b37da3cefdbfa2e77015ce44229aae3342a0ffe5b9afd
dadb81deecbca8e8c84d01e3b2a9bda2f907c79e2e8c5c76adf231528c665fd7
dce25a083454abeda970aae797a0da02fca1893b6cf028d6ec3f64d1802efcd3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a
ddd7bb68f20f8cddb31f4d25b7532b72fbf6ecf9409685e28dc6d5c72a86f13b
ddfd4c90be6f10374580f8a9a9955ca52668e5cf65ab3916ef39a738e4e5b1d4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7
de8b9d5d01a2aaf22f6ee9e7934105602fbf38605f4ec8f127bafb93fda21d40
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
defdfd63bf627386e6f84822e553884e0a478f8d23bfe315c906624b34405b50
e128ffb93c7e233fb60f7edd820b2aac067d255166cd749cabdf1bed1d9824a0
e139ae5fa453f363743046f7cef1ebb6348fe373f2c85964e96391e97503e1b9
e15b90c339ab3bba5621ba316045c96bcfdf17cf8fcc73240ad9b50d371bd074
e164f5e72707a8b1ea337c25e74dfacec8765610ab3f8af01a64b38259328ba2
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974
e2980aed9f1bb7626df8f2460799dc3017e48f4d989113a0d0a03d4d70e36ec6
e29be4bb675b8ca322dd32a31f0e7e73a6dd62ebc9441d606431957b8ab5a65a
e2b2495180a082636c425b324d43040ec93d4511358d003187b93f071c465867
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84
e3a0c34c83d818bd9856a1db1c56e4e125d8b185dec5b3b00bbdf37bf2b8e063
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45cff4bee80ec959543e36de9c2071beba5c8f562288eefe1e53e5a38f67f19
e484d999ed5e4e6483e73bd60efcdc276f8925428803e51d69714c306b00c97c
e48825fd281a445ae6cb84b6c78fde2f1a839c6ecc313e7c0441dcc0b3359c00
e4a813685d9fba0d4c9f75f5bdedbd428cf733282d9ad223bdab9f6a54088f7f
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e55b83e55faa42ee2a4644ec2219fca03734d82db3b7e584ec34c259175bb333
e5660f8ba5583f4758504b208cb48649ece2e7c02d802f2ce9ae0acceb5d5762
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589
e7c2337eded668daa218800e9d2697c5bcb38ee5109ac9c36b9da4b0a8cd4a33
e7da1a29f7a8bfc1ca3aa2f2ed3fbf15e0f15dff3b4e8dfdc1702b18f026f250
e88c160059fc55e84a997db69473cf4f136bd809e880a6b4a5a9fe5bebeba51f
e8de68951f8c69c5881f1d44949a82a6a4576266077a793cdf7965f3308147b8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
e9826aee1d647cb345ef53bee7a8f0c0667bba32732b19c11220802f32f99b08
e99c5e449f17c9203058ba818d4e388061d156fad22b9355b3b02c5c2bbb4531
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec073870edc9ab414dd4af71dd1e0479278446b8d695af3e2526548da56a0045
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e
ecd857064d5de22054c6e59c126e039c2c298109be3c62adb5e2af11e18c6665
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3cf4836e8ea5a73cca57f69bcfd8f5047e579128d44c81c9a124d1c6783e8e
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eda851d7c156b81f901d4721023c72be5127e8e023342852e3c761250e51a13c
ee230f8cfa9dfe5ab02da94732abbfeaaff89283d8f32e577845a2371b11f7a6
eec6956d2d7c0267248ac42ab63591c5ffc8dc814534a5ad9ad6bcb2e84ab868
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006eeccca0790bc125a562e7e2f88da8b2a05c881be2236b7bdb5b9c793a965
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba
f0621ae039a0ef5d84dc0bc0a25ce54dd08257ef65e344116551c1db37b1d40d
f07981ada418160b7e534282cfaaf6abcbae6af062b9981842881e9114496a18
f0b8f706f811b0675dafbc18d6c77c8d9d20604b004ea8f4de5c1b1ff2b5aaee
f0ca16dbfd4a65af5bd1575622e56fbe092d93be6ec646033c05521be2e7843e
f0cba26b5ca9ae3f3ad580fbb1af6d5f46a3cf92cae527ec9b7db9ca8e4bde0e
f13441c9ca4c37ab88e1812acc62ab57252afe1875241baf257664a78c148e18
f1d4cc21b90862eb5e90d2dcb8cf34d7bb42905b4dfc568b2c2749aeb7e2e6e0
f26fa8ac1047495641561b42052b197c7ccf5949cfa300971e1c79e598aa4c1b
f27039d1eb533c6cb80bc06c0c401a4cc55882874beb161f45afd1128343ca7b
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2996983b38c9595b2e32e49d77938c25758a70b755c0ca7ff1f0345ef584e8a
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f471505a54743d89e160b0e9c30e3ac84916c10281db46b7299a448724e9a289
f4bab2c497229cea30bfad39f6cdf690c738ca7b33d90dd9704500f74b204c01
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ce53691565beaca8f499184134469a61f8df3519e8bb97dfe8407d577ca403
f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67e16ca32aca0d911ccbde238dd4487d0199b1d29fb48d35cbf08fa9e664480
f690b8302d1e1a726771950b8e27b96c80f7567fb076cb3baaa6613f0a3f522b
f6dbd4a0a179080759970b227cc716ec1c1e721cf1c665576d590620a4742abe
f702e12e31ed24c90737717db4b4bd10ab860fa69b965f1f377a0e02c4507177
f7bc5927ca658577bb40ec1252e6eb8086cdd57b778c385910131b9be297a6ba
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80388db3c66a366d0639235c9538f48bd799a0ac917805b202bcd9f138bdbd4
f879c7de85cbf0c1b1a78735a6d382b8780e378ac836088a88bb0fa50e945f85
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
f9cfc7bbf8be5970c78532521e9e130501ba32693976136b73fb4d7ae4580d1f
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1
fad296905b8eb51a3aea33ca7b218700fd085931b0bc1b54dd74cbdf7a7a803a
fc1516686e643fb986a8d54f3524a124ae95ad5abda49254d670eb0ed6d01ec7
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20
fc7aeee94b779381d3366ea724184de3837a5b865e2debf79abd918494f68126
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd57eb3f5ea23eaef7791a9513f757eb699e04abbffff59ff88e92aea05efce5
fdbb1dee237ace90489fde5009306fcf2269bdfeaf5540e0402c74cf8e56cfa9
fe442a044ff3943b427495a5971519f2084c1ed638a42b6295c6502db716dff5
fe85befc4a3aaf20ed6c75a929f8a21b7faf9e8aa2d4b3f40bdc1458a41ffe8e
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1