urlscan.io logo urlscan.io
SecurityTrails logo

hillreporter.com Open in urlscan Pro
148.251.128.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2...
Effective URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurP...
Submission: On May 04 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 10 countries across 68 domains to perform 281 HTTP transactions. The main IP is 148.251.128.74, located in Eislingen, Germany and belongs to HETZNER-AS, DE. The main domain is hillreporter.com.
TLS certificate: Issued by R3 on March 10th 2021. Valid for: 3 months.
This is the only time hillreporter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
15 148.251.128.74 24940 (HETZNER-AS)
6 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
52 199.232.137.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 52.222.183.91 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 6 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:210... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 5 3.126.56.137 16509 (AMAZON-02)
1 52.24.184.198 16509 (AMAZON-02)
11 142.250.185.226 15169 (GOOGLE)
2 44.238.170.237 16509 (AMAZON-02)
1 216.52.2.48 29791 (VOXEL-DOT...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.194.69.169 16509 (AMAZON-02)
3 52.22.66.224 14618 (AMAZON-AES)
3 8 185.33.221.52 29990 (ASN-APPNEX)
3 65.9.86.127 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
6 18.185.167.149 16509 (AMAZON-02)
2 52.58.177.37 16509 (AMAZON-02)
1 213.19.147.43 26120 (RHYTHMONE)
6 15 34.98.64.218 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 17 141.226.228.48 200478 (TABOOLA-AS)
6 13 76.223.111.131 16509 (AMAZON-02)
4 2600:1f18:612... 14618 (AMAZON-AES)
2 6 18.197.47.23 16509 (AMAZON-02)
6 6 185.94.180.125 35220 (SPOTX-AMS)
6 10 52.58.146.86 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 6 18.159.8.206 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
4 69.173.144.138 26667 (RUBICONPR...)
2 3 198.148.27.139 19189 (PULSEPOINT)
14 17 142.250.186.66 15169 (GOOGLE)
1 10 185.64.190.80 62713 (AS-PUBMATIC)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
2 185.86.137.133 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
2 2 178.250.2.151 44788 (ASN-CRITE...)
2 3 54.36.109.48 16276 (OVH)
2 2 54.93.115.47 16509 (AMAZON-02)
1 1 172.105.221.29 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 23.79.143.124 16625 (AKAMAI-AS)
6 104.111.230.142 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.13.108 54113 (FASTLY)
3 9 2.18.234.21 16625 (AKAMAI-AS)
1 104.16.68.69 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 2 185.33.221.88 29990 (ASN-APPNEX)
2 4 54.239.17.112 16509 (AMAZON-02)
3 4 37.157.4.41 198622 (ADFORM)
1 52.45.128.104 14618 (AMAZON-AES)
3 3 185.29.135.227 30419 (MEDIAMATH...)
3 2.18.233.180 16625 (AKAMAI-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 1 52.222.183.71 16509 (AMAZON-02)
3 8 18.195.72.17 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 213.155.156.185 1299 (TELIANET ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 159.253.128.183 36351 (SOFTLAYER)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2600:9000:214... 16509 (AMAZON-02)
1 3.214.189.234 14618 (AMAZON-AES)
5 23.21.153.230 14618 (AMAZON-AES)
1 1 88.214.206.247 46636 (NATCOWEB)
2 2 3.127.88.255 16509 (AMAZON-02)
5 5 52.209.246.140 16509 (AMAZON-02)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 185.33.221.14 29990 (ASN-APPNEX)
1 1 70.42.32.31 22075 (AS-OUTBRAIN)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
281 85
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
15    148.251.128.74 (Eislingen, Germany)

ASN24940 (HETZNER-AS, DE)
hillreporter.com
cdn.hillreporter.com
6    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
52    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
match.taboola.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.222.183.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-183-91.ham50.r.cloudfront.net
sb.scorecardresearch.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:2104:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.24.184.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
usync.proper.io
11    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
2    44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
bids.proper.io
1    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.emxdgt.com
3    52.22.66.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
8    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
6    18.185.167.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
2    52.58.177.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pre.ads.justpremium.com
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
15    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.pl
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com
2    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
17    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
13    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
4    2600:1f18:612b:4216:9e4c:4287:35ff:53db (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
6    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
6    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
10    52.58.146.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
17    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com
id5-sync.com
2    54.93.115.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
4    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    185.29.135.227 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    52.222.183.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-183-71.ham50.r.cloudfront.net
ib.3lift.com
8    18.195.72.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
eb2.3lift.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    213.155.156.185 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2600:9000:214f:c600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    3.214.189.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
5    23.21.153.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usr.undertone.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    3.127.88.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
5    52.209.246.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
69 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
am-wf.taboola.com
945 KB
29 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
137 KB
18 pubmatic.com
hbopenbid.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
49 KB
15 openx.net
propermedia-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
4 KB
15 hillreporter.com
hillreporter.com
cdn.hillreporter.com
236 KB
13 adsrvr.org
match.adsrvr.org
5 KB
12 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
32 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
8 KB
10 bidswitch.net
x.bidswitch.net
3 KB
10 googlesyndication.com
3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
25 KB
9 3lift.com
ib.3lift.com
eb2.3lift.com
4 KB
9 wp.com
c0.wp.com
stats.wp.com
i0.wp.com
pixel.wp.com
77 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
6 undertone.com
cdn.undertone.com
usr.undertone.com
3 KB
6 mfadsrvr.com
rtb.mfadsrvr.com
4 KB
6 spotxchange.com
sync.search.spotxchange.com
4 KB
6 advertising.com
pixel.advertising.com
1 KB
6 sharethrough.com
btlr.sharethrough.com
679 B
6 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
6 proper.io
global.proper.io
usync.proper.io
bids.proper.io
eb.proper.io
87 KB
5 bidr.io
match.prod.bidr.io
3 KB
5 googletagservices.com
www.googletagservices.com
168 KB
5 gstatic.com
fonts.gstatic.com
131 KB
4 adform.net
c1.adform.net
2 KB
4 tremorhub.com
taboola-supply-partners.tremorhub.com
729 B
3 mathtag.com
sync.mathtag.com
2 KB
3 id5-sync.com
id5-sync.com
4 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1 KB
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 facebook.net
connect.facebook.net
101 KB
2 w55c.net
pm.w55c.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
990 B
2 semasio.net
uipglob.semasio.net
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 360yield.com
ice.360yield.com
1008 B
2 criteo.com
dis.criteo.com
900 B
2 smartadserver.com
rtb-csync.smartadserver.com
860 B
2 justpremium.com
pre.ads.justpremium.com
5 KB
2 teads.tv
a.teads.tv
sync.teads.tv
1 KB
2 emxdgt.com
hb.emxdgt.com
e1.emxdgt.com
218 B
2 google.com
www.google.com
adservice.google.com
284 B
2 quantcount.com
rules.quantcount.com
853 B
2 facebook.com
www.facebook.com
280 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
445 B
1 admanmedia.com
cs.admanmedia.com
413 B
1 bfmio.com
sync.bfmio.com
1 simpli.fi
um.simpli.fi
611 B
1 zeotap.com
mwzeom.zeotap.com
595 B
1 de17a.com
d5p.de17a.com
134 B
1 adentifi.com
rtb.adentifi.com
88 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 districtm.io
cdn.districtm.io
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
361 B
1 adkernel.com
dsp.adkernel.com
233 B
1 google.pl
adservice.google.pl
165 B
1 1rx.io
tag.1rx.io
172 B
1 google.de
www.google.de
107 B
1 onesignal.com
cdn.onesignal.com
3 KB
1 googleapis.com
fonts.googleapis.com
983 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
281 68
Domain Requested by
20 images.taboola.com hillreporter.com
17 cm.g.doubleclick.net 14 redirects hillreporter.com
eu-u.openx.net
eb2.3lift.com
13 match.adsrvr.org 6 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
eu-u.openx.net
eb2.3lift.com
12 cdn.taboola.com hillreporter.com
cdn.taboola.com
11 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
info.silobreaker.com
www.googletagservices.com
11 cdn.hillreporter.com hillreporter.com
cdn.hillreporter.com
10 x.bidswitch.net 6 redirects imprammp.taboola.com
am-match.taboola.com
9 ib.adnxs.com 4 redirects global.proper.io
hillreporter.com
ssum-sec.casalemedia.com
eb2.3lift.com
8 eb2.3lift.com 3 redirects global.proper.io
eb2.3lift.com
8 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 eu-u.openx.net 3 redirects global.proper.io
eu-u.openx.net
7 trc.taboola.com cdn.taboola.com
hillreporter.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
global.proper.io
cdn.undertone.com
6 rtb.mfadsrvr.com 6 redirects
6 sync.search.spotxchange.com 6 redirects
6 pixel.advertising.com 2 redirects imprammp.taboola.com
am-match.taboola.com
6 btlr.sharethrough.com global.proper.io
6 c0.wp.com hillreporter.com
5 match.prod.bidr.io 5 redirects
5 us-u.openx.net 2 redirects eu-u.openx.net
5 usr.undertone.com cdn.undertone.com
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 simage2.pubmatic.com hillreporter.com
ads.pubmatic.com
5 www.googletagservices.com securepubads.g.doubleclick.net
5 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
hillreporter.com
5 ups.analytics.yahoo.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
4 am-wf.taboola.com vidstat.taboola.com
4 c1.adform.net 3 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eb2.3lift.com
4 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
4 sync.taboola.com 2 redirects hillreporter.com
4 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
4 pixel.quantserve.com 2 redirects hillreporter.com
mantodea.mantisadnetwork.com
4 hillreporter.com info.silobreaker.com
hillreporter.com
cdn.hillreporter.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
eu-u.openx.net
3 ads.pubmatic.com global.proper.io
ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 id5-sync.com 2 redirects hillreporter.com
3 bh.contextweb.com 2 redirects hillreporter.com
3 am-match.taboola.com vidstat.taboola.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
hillreporter.com
3 connect.facebook.net hillreporter.com
connect.facebook.net
2 pm.w55c.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 secure.adnxs.com 1 redirects hillreporter.com
2 js-sec.indexww.com global.proper.io
ssum-sec.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
2 secure-assets.rubiconproject.com 2 redirects
2 ice.360yield.com 2 redirects
2 dis.criteo.com 2 redirects
2 rtb-csync.smartadserver.com hillreporter.com
eu-u.openx.net
2 ce.lijit.com 1 redirects hillreporter.com
2 pixel.rubiconproject.com hillreporter.com
cdn.undertone.com
2 u.openx.net 1 redirects hillreporter.com
2 wf.taboola.com vidstat.taboola.com
2 pre.ads.justpremium.com global.proper.io
2 mantodea.mantisadnetwork.com global.proper.io
2 bids.proper.io global.proper.io
2 rules.quantcount.com secure.quantserve.com
2 secure.quantserve.com global.proper.io
mantodea.mantisadnetwork.com
2 www.facebook.com hillreporter.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 global.proper.io hillreporter.com
global.proper.io
2 info.silobreaker.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 sync.bfmio.com global.proper.io
1 cdn.undertone.com global.proper.io
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 d5p.de17a.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 ib.3lift.com 1 redirects
1 sync.teads.tv global.proper.io
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 biddr.brealtime.com global.proper.io
1 cdn.districtm.io global.proper.io
1 acdn.adnxs.com global.proper.io
1 bttrack.com hillreporter.com
1 s.c.appier.net 1 redirects
1 e1.emxdgt.com hillreporter.com
1 dsp.adkernel.com hillreporter.com
1 match.taboola.com hillreporter.com
1 am-vid-events.taboola.com hillreporter.com
1 imprammp.taboola.com vidstat.taboola.com
1 3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.pl securepubads.g.doubleclick.net
1 eb.proper.io global.proper.io
1 15.taboola.com cdn.taboola.com
1 propermedia-d.openx.net global.proper.io
1 tag.1rx.io global.proper.io
1 a.teads.tv global.proper.io
1 hb.emxdgt.com global.proper.io
1 hbopenbid.pubmatic.com global.proper.io
1 ap.lijit.com global.proper.io
1 usync.proper.io hillreporter.com
1 www.google.de hillreporter.com
1 www.google.com hillreporter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.wp.com hillreporter.com
1 i0.wp.com hillreporter.com
1 stats.wp.com hillreporter.com
1 cdn.onesignal.com hillreporter.com
1 fonts.googleapis.com hillreporter.com
1 www.googletagmanager.com hillreporter.com
281 117
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
hillreporter.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.undertone.com
Amazon		 2020-12-11 -
2022-01-09		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh

This page contains 30 frames:

Primary Page: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Frame ID: AD8A9BF18651F8806973F02D445CF2F4
Requests: 138 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 236EB556A6A0CAEC3EB848C9CC9ECCB8
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 29306A478E68244CB58CA51AA63BC847
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhikQA1T5eotMJR6WT_GkktZu-snSoUlG1-1x7SK6gv1nhdEMzdfqRThKtNdxcj7jedtD1303e_HE6Cn0grZ2AXqiQI6_j4zAU2--uDS3DcziPhKroxkixHHpLHGda5tTWYOTXA_looSezhwY-HDwEcjXaeKkPZzmg60bPfLPuHDUPmuT-QPCCZFOH2yqXRavAkgs58HdS5XmkBrQEDZ12JSem-XWJjpIlj4Qj_VKXIZgdstdCTeNPV6AyRnSO9TSO6_MjMz8Opsh3S596AI-vHNf3KpgXh7g4iwIlrCHlRaFWPpEaDglRfQghlhIb&sai=AMfl-YRnzNvy9fwu_UYV9oZ1-48DHwZRRXcY6pIk39bu6chHg1fiCf2I86BocnGfpn37HOkoal_ekV4_IlOyKCh0yzrWT_d9yVui4DICTbO6c0BnRKpZW8k4xGveKYd5nQk&sig=Cg0ArKJSzPKQT_x5hBtqEAE&urlfix=1&adurl=
Frame ID: 3FC5B4812A41E518366E2D3388F01B3F
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4x4Stx-YvcX8gmoOnLns-YtTk_hrAH-cTH1TTpNjzLc3X28DEVpuSuO67i_JxEYsE_fyDgmCH3X376FOgMR9RGyAogUBRekzRNaJJnqSm__Pq91Fd4G-CAPLWRxMOv5uODeUahS2yNd7R6gCrkjrdBxGfC-8w1Q0KBSB-iUKWbqTVRysDBUExYpesMNX2315iJbKA4Ui9GtAbN7JpoH4p6-VJc1MvKuBEHcXx7Q7G23n-EzK88Db28g-QDtqS-QyyBMEvs7nZpuFb-QMB-5Sev0hqDNUiagIXc_oZPv81hFIHBL6wPm6xm8o0eA&sai=AMfl-YRVoNl9z3hDCjl5gJKP1DD9BZTxFDJncWmMndh0dnKT_H7Jh3mo9yhTbtUaj5lWkt1XrTxFaPHEArTjBWDpwVy6-zOeyXhH7L9inz5x_M4ccY_Nz55UYcacwg9qGJ8&sig=Cg0ArKJSzBEjvmX8Jka-EAE&urlfix=1&adurl=
Frame ID: F58020738775873A8CE36AD63A718AD5
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3Cit5c5UuhI-zjtLkxeBLJGdI-R-W1dWxvrGf6gFF_KvNakwb1fobY_ecy2DJkMzXHFL1TlOcN8H8KxCeqgbqGl4JzZA6zC6y7n-SynB5mbrVx1ic2S0i4o0n0dgyenmHAIIYlVKrHfPOzU5jKe9Va240fqPq3Q_evme2x5ANIjrOSuhsRQQoCReszyNdQC2Gwv180lAGoxKAc8khAsgII_TChfd5AQSnnEWaOSEaw2USFf-jChKRBX8HY052gAtpmqygpVXf4sTz0mK9woDskliJj-Q16BXsU5EHZ_jE_NPjrLWxq3whZG70tw&sai=AMfl-YTqmOuIzydayGzMz4L90wQDz8phrlVBGaxEmJ6XAv3mnokJQD6R3H_RO4UxAit57qvJOhXyxTFLmI4XcD7ZISRQjmbRjbbOIx_fDb5-Um2ta3I4-lrJKYpokZB_XlY&sig=Cg0ArKJSzD3geDjZaxWhEAE&urlfix=1&adurl=
Frame ID: DE2B2482FF31DF73F4A62083231DAD0F
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHzQ14iVwD3A_qvFR1IfFyJ09Hbd0cNMxCTn3ensnA1Ymlp-CCedNrOgydQeNV17PCVR5ujrI1fRBCsYbHCCfegiPaJ4ydwJot3MqOpBCa6X5CRa6bGO441Om3wI36lBnYZYDXtcNlJlVgvbg_FRVfKkY4p-I8Buf14PlRnvJmCtKoYF7pM67LoNYWkmtzJQGZjJm1Ta9Aq2zWA2oYDAH3V4WhYUc8b-Oqm1FP4aSYrY5t6tHB15sFslyI-TlSc2yk1AYMzHEUwEENHXkiGCb5ILaBuxLNqvdfG9-ZD3lRbSk235EEzgNVTA&sai=AMfl-YTkdCUix3Fx_b563Uzh5JNLGRyTURx4ZRlwsIBNn5D8M4slXUW_BN8XsekEqcRTaPla6DvubUc3peKIp-2ptpRUgKI470NJgdhUssYUdEAwtH9A5RNMLyyaIpK0DA0&sig=Cg0ArKJSzLkFc_7yNP4jEAE&urlfix=1&adurl=
Frame ID: 78415D074424AB9C83FCA10B6DCEF212
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B0957DC65F437892C768DF6D9C79E36B
Requests: 5 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1&tbid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&query=taboola_hm%3D0a8577cb-80f4-45c4-8af7-c0b366843ff1&isDirect=0
Frame ID: 04F30842EBA3BD9DC6572C8E01071F2A
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 2587AAD64F8ED6DE7CA231EA41D2AE92
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8434814B530C78EAE55CED756FE225E7
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EC611CA2303DBC693CD876B1EA41C60F
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Frame ID: BCCA3E712012C1DA7A935BA58814D306
Requests: 5 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D5105776FD4454244BEB596CFDB3A6DA
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 216E19983DC419CE098DD2394211EBEB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A46EC66E819E483F8EB1E81D018EB7FA
Requests: 10 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=az7wbg1620127916243
Frame ID: 65D4FB83AD62AE1D6E1A1C5B7843B3FB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EB6F3B40DC1904ED3F08C8E45C801ABD
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D33E058F10792F93662E2417E46D8AF0
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: A11CD18FCEA7C910783449D9E42D225C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: AB41BD6AFC26931726875687A2689B79
Requests: 11 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 9883AA826E298EDE65DA2ACE57C025CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 2120D2DB29B70CC1737601526F02C8D1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 69804779B344BBA831811AF5D9F63837
Requests: 7 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: 1F35990863F0E3B3EA31C878B6A96404
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 199E251078880E46DAF2DE3355FF6917
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 359DEE434C26EA7655D5BA67314B1E32
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D0F58BB4F45640C297667456B38A37CE
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D1261ACC9A24CD1AC59FEA54E6EE58DD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A114DE4E8C9657D176AA0056F47870F6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V... HTTP 307
    https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

281
Requests

98 %
HTTPS

28 %
IPv6

68
Domains

117
Subdomains

85
IPs

10
Countries

2143 kB
Transfer

5868 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1?_ud=b7c60ece-0347-4ae0-bc59-cabe6ae43764&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&c9=
Request Chain 48
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7fbc4939_d0ea5b9d_1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7fbc4939_d0ea5b9d_1&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-9Onl4ahE2uGnOOx5RQhQvpS1cZKBW9PM~A
Request Chain 120
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=55e4d29d-accc-11eb-9944-1a377c5d0306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55e4d24e-accc-11eb-9944-1a377c5d0306&orig=video&us_privacy=1---
Request Chain 127
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=55edefe9-accc-11eb-8527-1e5bf6c20306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55edef9e-accc-11eb-8527-1e5bf6c20306&orig=video&us_privacy=1---
Request Chain 154
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1&tbid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&query=taboola_hm%3D0a8577cb-80f4-45c4-8af7-c0b366843ff1&isDirect=0
Request Chain 155
  • https://u.openx.net/w/1.0/sd?id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
Request Chain 158
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Uh19DSrH07wb&ev=1&orig=trc&pid=562107
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-8K-5APf36M4g_mErxK8U&google_cver=1
Request Chain 162
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&google_tc=
Request Chain 163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bef41988-bc2b-4e6f-8987-ebec0ca8fcd4
Request Chain 164
  • https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 168
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=335be804-efab-4f4c-89cd-6decf1caf976
Request Chain 169
  • https://id5-sync.com/s/464/9.gif?puid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO66VfeqAahuh5Tqryb9TDv8P-uiOvwTHD8DZA7w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO66VfeqAahuh5Tqryb9TDv8P-uiOvwTHD8DZA7w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=72960dc3-4e53-44c7-9623-ae285ac2eab5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 170
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rUPWSnZ_D8288csPsTCRYA
Request Chain 172
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=68d98451-58c0-4ee1-88b9-a4cc66756637 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=68d98451-58c0-4ee1-88b9-a4cc66756637 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=93473cde-911f-4508-8d08-eab5be7c5213&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=68d98451-58c0-4ee1-88b9-a4cc66756637
Request Chain 179
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 191
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=c0778bfc-aee8-4109-9975-1fc806ef2157
Request Chain 192
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbClltj2XCEfRzgO3AFh_Y&google_cver=1
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIKsobtN0YGZmytXfkXbvrk&google_cver=1
Request Chain 198
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&dcc=t
Request Chain 202
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent=&C=1
Request Chain 209
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 213
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g2Qi45BwRcKD522EQ1Cy9w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 216
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 217
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=836422E3-9070-45C2-83E7-6D844350B2F7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=836422E3-9070-45C2-83E7-6D844350B2F7&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=836422E3-9070-45C2-83E7-6D844350B2F7&addseg=21
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODM2NDIyRTMtOTA3MC00NUMyLTgzRTctNkQ4NDQzNTBCMkY3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELNZbymmhNHEa3TBWJfwBFU&google_cver=1
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0778bfc-aee8-4109-9975-1fc806ef2157
Request Chain 222
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7527710286074697523
Request Chain 223
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aaf66091-30b5-4400-9456-79b2a4b27d3d&gdpr=0&gdpr_consent=
Request Chain 224
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5632724308050868260&gdpr=0&gdpr_consent=
Request Chain 226
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=836422E3-9070-45C2-83E7-6D844350B2F7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=836422E3-9070-45C2-83E7-6D844350B2F7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oIJoIoBE2uUbOpSm4KqoDbJFPkbqsYI-~A&gdpr=0&gdpr_consent=
Request Chain 227
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HHOAExlz2xMHe4tHHSKUQUwhjkQHIdoaS3VeaP56
Request Chain 233
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Request Chain 234
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 235
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5632724308050868260
Request Chain 236
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=adfe9440-eb88-4a14-b7a7-eb19629aa481
Request Chain 237
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP59bb39e3-accc-11eb-a9d9-0252caee3c48 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s2XCoX5E2uEpwQ7Gh9GBYcwgjaSZ.Qbz~A~UP59bb39e3-accc-11eb-a9d9-0252caee3c48
Request Chain 238
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=c0778bfc-aee8-4109-9975-1fc806ef2157&ttl=1622719924
Request Chain 240
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Request Chain 242
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gi9x2ceb1LDThN5 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=gi9x2ceb1LDThN5
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b6f3b21d-2a94-4a2a-913f-b5d8dc109947 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b6f3b21d-2a94-4a2a-913f-b5d8dc109947 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8eb34598-3972-43eb-859e-d06d64cac604&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
Request Chain 244
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERmdVN0JJbUVBQUN4Y1luTTRZUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERmdVN0JJbUVBQUN4Y1luTTRZUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFgU7BImEAACxcYnM4YQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFgU7BImEAACxcYnM4YQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADFgU7BImEAACxcYnM4YQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFgU7BImEAACxcYnM4YQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Request Chain 245
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0
Request Chain 246
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oUXE8qRFn_K6Tc-moBTQoPEXyqW6F5779kP7F5mx
Request Chain 247
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7527710286074697523
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBgqZL5uZaGpV8AzYkTUpyg&google_cver=1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM73hj0lKBN1RlBDF4Uyk7w&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 256
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D&google_tc=
Request Chain 258
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/7070517234066296957?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mAHZTilE2oRcxLgRpc5iyWXufVXvkyeT_VEKwLJNHQ--~A&dongle=0883
Request Chain 259
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
Request Chain 260
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7070517234066296957 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7070517234066296957&dcc=t
Request Chain 261
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 270
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=628bc5a2-accc-11eb-a09a-155da6fd0506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=628bc567-accc-11eb-a09a-155da6fd0506&orig=video&us_privacy=1---

281 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_196...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a30a44fbebdcd5ecd522693531e989aecce231ef21651e068a6e69bfadf178e

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:54 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=dcdccea156800d14f85a8d818efd28f051620127914; expires=Thu, 03-Jun-21 11:31:54 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=4a26c712797a86ff0df83d81fe47166ef9bcc345-1620127914; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
64a167c82e0300cd-AMS
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09d8bf3119000000cdf58b2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
7cb3b588-e501-42f8-9c39-ba14af1a781a
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y50aUgSIiltatvSfBqY2Du8%2Bzust%2BU9vhxQcAyYou0OxLPLjTtQroq1AL1WeY%2FRz%2FW2tEhlpJTrHz0Ic8M8TVgCt2zKqqpO9zifruVM%2F3Px%2Bc%2F83dw%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request joe-manchin-says-he-would-have-fought-rioters-99906
hillreporter.com/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N56...
  • https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_...
72 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e297e253e828ecb91ac4b44649ec6bad00ea99a9e20c4632c37e4be6574ca5a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
hillreporter.com
:scheme
https
:path
/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1

Response headers

server
nginx
date
Tue, 04 May 2021 11:31:54 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-edge-cache
cache,platform=wordpress
link
<https://hillreporter.com/wp-json/>; rel="https://api.w.org/" <https://hillreporter.com/wp-json/wp/v2/posts/99906>; rel="alternate"; type="application/json" <https://hillreporter.com/?p=99906>; rel=shortlink
vary
Accept-Encoding, Cookie
last-modified
Tue, 04 May 2021 11:31:04 GMT
x-presslabs-stats
HIT; 0.187s; 22 queries; desktop; ttl 1800s; refresh in 1750s
content-encoding
gzip
x-request-id
4e237abccda76d40dec7fbfbebb012a1
strict-transport-security
max-age=31536000

Redirect headers

date
Tue, 04 May 2021 11:31:54 GMT
location
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
cf-ray
64a167c90fcd00cd-AMS
link
<https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09d8bf31aa000000cd5c97d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
74d4f18b-f8ba-420a-838e-6e723cac5d71
x-robots-tag
none
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U6gneAXzRd%2BceJf7Mxp3fbkbpkspW1EFcLYpKmbFrj2Z0YLnoip2HJfJLvKfEu3Q1CTUQdjT%2FncqpnbHhJ%2F8%2Fej4npZFAnIO3nideqn9NksfxJlGWA%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
front.css
cdn.hillreporter.com/wp-content/plugins/mag-builder/css/ 		791 B
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/mag-builder/css/front.css?ver=2.4.23
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
3cde7327c67a2bde4b077ce381cda87e1cdbc5b0e7eab38f7c4ab06078f97ed5

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:52 GMT
server
nginx
etag
W/"607d2090-317"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b0b80f6568b11dbe447e1a7ee82a6c4b
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
gdm-blocks.css
cdn.hillreporter.com/wp-content/plugins/google-drive-embedder/css/ 		490 B
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/google-drive-embedder/css/gdm-blocks.css?ver=5.7.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
fd5cb099e20880a844303f3fa924ec36445155c0e874418b092dde6a6b5dcfe9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:51 GMT
server
nginx
etag
W/"607d208f-1ea"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b0b80f6568b11dbe447e1a7ee82a6c4b
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/ 		70 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618813073
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
9e517641e1c47d965766f6b39e1293ada96d8c04ee1ba730cae2c73344486f22

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:53 GMT
server
nginx
etag
W/"607d2091-116f9"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b0b80f6568b11dbe447e1a7ee82a6c4b
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetpack.css
c0.wp.com/p/jetpack/9.6.1/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.6.1/css/jetpack.css
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Tue, 30 Mar 2021 16:59:40 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
jquery.min.js
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-100615071-2
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5047db1ed9fce6b794573bfb6aa422698d4e0796b5e85444f316722059b98b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35862
x-xss-protection
0
last-modified
Tue, 04 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 May 2021 11:31:55 GMT
logo3.png
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/logo3.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
53da7e4b2b784af81549ddfe3ebc3374f06ef290f620c5f2aa231530da07445b

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:53 GMT
server
nginx
etag
W/"607d2091-3dff"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f9da1861e01a11fa12a19f12138fe500
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
cdn.hillreporter.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-3795"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f9da1861e01a11fa12a19f12138fe500
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		9 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc9bc1b8a8d7d7140117999c802b9be2e00337e9ab4bd7c69aff5ae57afa116c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 May 2021 11:27:39 GMT
server
ESF
date
Tue, 04 May 2021 11:31:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 May 2021 11:31:55 GMT
photon.min.js
c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/photon.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
jquery.fitvids.js
cdn.hillreporter.com/wp-content/plugins/fitvids-for-wordpress/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
4eeeaa4e345fef8be54d0a26426b4fb41a4fa9110bf30cba2254472189aca82c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:51 GMT
server
nginx
etag
W/"607d208f-edb"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
78c7860acff059fdd2112138da5e3b16
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
c0.wp.com/c/5.7.1/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7.1/wp-includes/js/wp-embed.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 May 2022 11:31:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2325
etag
W/"e96732c560b171a3c798575723231e7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
64a167cdeb504a9d-FRA
cf-request-id
09d8bf34b200004a9d8b8ef000000001
expires
Fri, 07 May 2021 11:31:55 GMT
ajax-load-more.min.js
cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ 		205 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.5
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0e3ea0ec55dca3df2b00d0feba6fa3779939e8fa9f58639bc1bc830e31ff5534

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 17:28:10 GMT
server
nginx
etag
W/"60899b2a-33426"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b6475b759afe598b770d9719693d7296
expires
Thu, 31 Dec 2037 23:55:55 GMT
drawer.min.js
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/js/drawer.min.js?ver=5.7.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
6bfc1cffba6bac80d7d839716f8aaac9a11c922685738ce9fe8ac273edcda947

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:17:53 GMT
server
nginx
etag
W/"607d2091-9118"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
2ce888040ad2cc2008afa204e6019edc
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202118.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202118.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 24 Apr 2022 21:30:40 GMT
V3CykjuIU7M2.js
hillreporter.com/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/V3CykjuIU7M2.js?ts=3766
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/V3CykjuIU7M2.js?ts=3766
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hillreporter.com
referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:50:36 GMT
server
nginx
etag
W/"5ebab7bc-5c4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000
x-presslabs-stats
desktop
x-request-id
c07cc7d27f60762df800afa07404ea4b
expires
Thu, 01 Jan 1970 00:00:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
UBZGc3Qt0XlXgtpMalJt05ZPHNndx1/EvcVbygPBUNUUshaQEeX04Bawddoy6C6pZSC9zJiwHUWU9ivFN4g0yg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 04 May 2021 11:31:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hillreporter.min.js
global.proper.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/hillreporter.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceab30455e06d08009be949828d5685289dcb5e1cad37b9a077d0956a0c23129

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Apr 2021 20:56:59 GMT
server
cloudflare
age
310818
etag
W/"608c6f1b-3d86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
64a167cddb8ec27c-FRA
cf-request-id
09d8bf34aa0000c27cf414f000000001
expires
Tue, 04 May 2021 11:36:55 GMT
loader.js
cdn.taboola.com/libtrc/hillreporter-network/ 		188 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d20663a99c2434ff6b57d088bcf6a40ea6cd417eb7d32e31b0c9abec265ff6fc

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wYLnV6FDGIHIcHvy28cUVfFhZ6WvDpNc
content-encoding
gzip
etag
"ec9a4714e9e3bcc042c1ecb1770f3b1a"
age
25
x-cache
HIT
content-length
24901
x-amz-id-2
+WNycM5KSbHKjtRftaOasw9GYDUg1x9dQ8OKPgHEQzRBO8bUSemZg35pcZ7gih3nJRJ6CgmV8Io=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:24:57 GMT
server
AmazonS3
x-timer
S1620127915.296063,VS0,VE1
date
Tue, 04 May 2021 11:31:55 GMT
vary
Accept-Encoding
x-amz-request-id
NRW37SGARMCT6CHE
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
93
x-cache-hits
1
header.jpg
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/header.jpg
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618813073
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
db8be4a0e52d8799ebceedc633dcd7e52e7cb25f48e18f76203c8243a432a700

Request headers

Referer
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618813073
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
last-modified
Mon, 19 Apr 2021 06:17:53 GMT
server
nginx
etag
"607d2091-5960"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
22880
x-request-id
a957c24e6619b6f353185c6427c193ec
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader-fading-blocks.gif
cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/img/loader-fading-blocks.gif
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
614720662b401ebcc2e88a3b22d87311f4084e22881644ea7940d9841fb3dcf9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
last-modified
Wed, 28 Apr 2021 17:28:08 GMT
server
nginx
etag
"60899b28-bab"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
2987
x-request-id
9fe253009ffa50e59f4e487298d2f9a5
expires
Thu, 31 Dec 2037 23:55:55 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:43:44 GMT
server
sffe
age
416868
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:44:07 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 07:01:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
age
448238
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Fri, 29 Apr 2022 07:01:17 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 03:59:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:52 GMT
server
sffe
age
199956
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23924
x-xss-protection
0
expires
Mon, 02 May 2022 03:59:19 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:13:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:59 GMT
server
sffe
age
397108
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
expires
Fri, 29 Apr 2022 21:13:27 GMT
fontawesome-webfont.woff2
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/fonts/fontawesome-webfont.woff2
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618813073
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://hillreporter.com
Referer
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618813073
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-length
77160
x-request-id
dd2ac1c72f31dc6da2380cc88862c297
last-modified
Mon, 19 Apr 2021 06:17:53 GMT
server
nginx
etag
"607d2091-12d68"
x-presslabs-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://hillreporter.com
access-control-expose-headers
Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
expires
Thu, 31 Dec 2037 23:55:55 GMT
GettyImages-1301485214.jpg
i0.wp.com/hillreporter.com/wp-content/uploads/2021/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/hillreporter.com/wp-content/uploads/2021/05/GettyImages-1301485214.jpg?resize=480%2C327&ssl=1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
dcc4cf9b744de4de85c0329178637d9f28fe5a21fbb023cea9e23a73a20c7d1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 May 2021 11:31:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 17:50:21 GMT
server
nginx
etag
"3448202464b52635"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://hillreporter.com/wp-content/uploads/2021/05/GettyImages-1301485214.jpg>; rel="canonical"
content-length
18140
expires
Thu, 04 May 2023 05:50:21 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
0WXCFUlCMegd3aUOYBpKeaCbE7KG8qJ7NDzFdEa08amiUDgLH7iiV4pHLPgvzFwmJ+4VKsiMnIlch4vlaKP9AA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 04 May 2021 11:31:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
223621711747335
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/223621711747335?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46af55aacefb6fd164b7aee49cae754af8a2eb481c8e7f2b805c67865c206ffe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
3PICKW2Ud17aDlzRxwAO8errGPF86L366FIWAIdmcM/mq7Bzs1Nz+yW4RqXvjJ/qex4o8eHPzgK2ztsU8BpF3w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 04 May 2021 11:31:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
admin-ajax.php
hillreporter.com/wp-admin/ 		474 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/wp-admin/admin-ajax.php?id=99906&initial_id=99906&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
1498723b9048cd7b11f0660e553ef531cc952be1d488a7d42cf74425aa8fffd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
paddos_PfVNe=1
:path
/wp-admin/admin-ajax.php?id=99906&initial_id=99906&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
hillreporter.com
referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-presslabs-stats
BYPASS; desktop
vary
Accept-Encoding
x-request-id
1804b561d66becbc5d1ab1c8964c54a9
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0, no-store
set-cookie
PHPSESSID=6fe7d90f550f0e238551defc94908a45; path=/ wordpress_google_apps_login=99d61de6e2ace401aa2c0d129f65c8ed; path=/; secure; HttpOnly
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
latest.js
global.proper.io/payloads/ 		319 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/hillreporter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 15:33:24 GMT
server
cloudflare
age
3680974
etag
W/"5fff12c4-4fbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
64a167d1ca1fc27c-FRA
cf-request-id
09d8bf371c0000c27cde8a2000000001
expires
Tue, 04 May 2021 11:36:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100615071-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6680
date
Tue, 04 May 2021 09:40:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 04 May 2021 11:40:35 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=151552998&post=99906&tz=-4&srv=hillreporter.com&host=hillreporter.com&ref=&fcp=824&rand=0.7043631816094829
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
impl.20210503-25-RELEASE.js
cdn.taboola.com/libtrc/ 		483 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e2c8a6402dc03698cede65efa462b014507c82bd6751286fc540b7f20926640b

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BZ0KMUKeiqs.N05C0S8eoKFa.AFxnvmd
content-encoding
br
etag
"48a6932b6e7e53651b1e1ef76e38d9f3"
age
3595
x-cache
HIT
content-length
113298
x-amz-id-2
6sHwNT95aw5XjG9iT/aFF03/eOsDf2gEKDvMcBHIeCr2Rv5Ylb8tYBLJVXu1M0W0zYmh0OEiWnw=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 18:10:43 GMT
server
AmazonS3-br
x-timer
S1620127916.970420,VS0,VE0
date
Tue, 04 May 2021 11:31:55 GMT
vary
Accept-Encoding
x-amz-request-id
DT9AG1M9XW9Z5PEB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
66
x-cache-hits
29116
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-183-91.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:06:43 GMT
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1512
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
R4PRp45P5mBIfoDCKAEjKUvoMQAn_k8yYDS5ok29yCy8da2aKQuc1g==
/
www.facebook.com/tr/ 		44 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=223621711747335&ev=PageView&dl=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&rl=&if=false&ts=1620127916031&sw=1600&sh=1200&v=2.9.39&r=stable&a=wordpress-5.7.1-3.0.5&ec=0&o=30&fbp=fb.1.1620127916022.29686195&it=1620127915566&coo=false&exp=l0&rqm=GET
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 04 May 2021 11:31:56 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1885034735&t=pageview&_s=1&dl=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&ul=en-us&de=UTF-8&dt=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=61557544&gjid=1345513543&cid=1806948570.1620127916&tid=UA-100615071-2&_gid=1812171294.1620127916&_r=1&gtm=2ou4l3&z=1012278100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 11 May 2021 11:31:56 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-100615071-2&cid=1806948570.1620127916&jid=61557544&gjid=1345513543&_gid=1812171294.1620127916&_u=YEBAAUAAAAAAAC~&z=1128600865
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 04 May 2021 11:31:56 GMT
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2F...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&c9=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-183-91.ham50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
4_SeQEfVAfnXbN9Wg3_1S0znv7OJbsStMH2B1tzZzkTpCT8im4w-tw==

Redirect headers

date
Tue, 04 May 2021 11:31:56 GMT
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620127916169&ns_c=UTF-8&cv=3.5&c8=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&c9=
content-length
449
x-amz-cf-id
nO36Uq4LFlMyvj3kDY1g0Cnd92qO9UGpgiTQsMbY9HNQEtfglLXpoQ==
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:03:14 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
age
1724
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
7-DlJnBO_k_6galO5rFh-0wlqk9ASznA0bu79frl4h7d4HJY-SHitA==
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-100615071-2&cid=1806948570.1620127916&jid=61557544&_u=YEBAAUAAAAAAAC~&z=1916287170
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-100615071-2&cid=1806948570.1620127916&jid=61557544&_u=YEBAAUAAAAAAAC~&z=1916287170
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/hillreporter-hillreporter/trc/3/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/trc/3/json?tim=13%3A31%3A56.233&lti=deflated&data=%7B%22id%22%3A230%2C%22ii%22%3A%22%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620073490558%2C%22vi%22%3A1620127916231%2C%22cv%22%3A%2220210503-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2337%2C%22qs%22%3A%22%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to%22%2C%22nsid%22%3A%22hillreporter-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dhillreporter-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2038%2C%22mw%22%3A765%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f66e3bdae7a5d3c12fa075da7cb5f351fad213a44c3dbcbdab14b3369a2008bb

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
521
date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1620127916.270619,VS0,VE521
x-served-by
cache-hhn11572-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7fbc4939_d0ea5b9d_1
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7fbc4939_d0ea5b9d_1&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-9Onl4ahE2uGnOOx5RQhQvpS1cZKBW9PM~A
155 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-9Onl4ahE2uGnOOx5RQhQvpS1cZKBW9PM~A
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.184.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
440fd66ded0c98c9c1710654b4d7f4d865780613e4797f11e136d876c8580aba

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 May 2021 11:31:57 GMT
server
nginx/1.18.0
content-length
155
content-type
text/javascript

Redirect headers

Date
Tue, 04 May 2021 11:31:56 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-9Onl4ahE2uGnOOx5RQhQvpS1cZKBW9PM~A
Connection
keep-alive
Content-Length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
087b49a05824378a9dd68b9787bcddce390c8aeab26f1aef1ffd8b4993d337ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"861 / 60 of 1000 / last-modified: 1620126580"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21177
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:56 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 04 May 2021 11:31:57 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
bid
ap.lijit.com/rtb/ 		115 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
16be5f81f03b388f7849f4d95aa1ca4c14b03c8da15009e85b3f6141d3a4f7bd

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 04 May 2021 11:31:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hillreporter.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
110
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1620127916276
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1620127916280&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&measurable=true&property=5b32cf14d866814de2efe8c2&bids[0][bidId]=hillreporter_sticky_728x90&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
a2eac7ca47a849455bbf85ddcf23e0f9a2f06ad14568afa998bcc11375882b9c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
x-powered-by
Express
etag
W/"38-TH4Nrglow0firIPYA7UmTIpbzyY"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		593 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d0bb15b8866d56b330b53070057f0e74d0df60d2347c53a7ecc55d0a6de8314d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 04 May 2021 11:31:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2a741b56-9f9a-4e71-b568-c7ebf6c8e41d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://hillreporter.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 04:56:33 GMT
content-encoding
gzip
server
Server
age
23722
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
vpe9ay1BfhLPcNZAvOzHIEI7ChctplhqqQPnXa6Hn6-jSv7mqcssig==
bid-request
a.teads.tv/hb/ 		16 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hillreporter.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 04 May 2021 11:31:56 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=atyQyvahFzLs1Y697wSjckSR&bidId=atyQyvahFzLs1Y697wSjckSR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wmTfpxGdWkszAANgWXjobJ9d&bidId=wmTfpxGdWkszAANgWXjobJ9d&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Mh54tRrkdVydv6NkzTPh6TsM&bidId=Mh54tRrkdVydv6NkzTPh6TsM&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=3hnZ2Mxwuf1fgs5oV1uakJFe&bidId=3hnZ2Mxwuf1fgs5oV1uakJFe&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=USp9gifDfurR5ZVN1mR6fbgV&bidId=USp9gifDfurR5ZVN1mR6fbgV&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wNHvEiUi5ASgrD66noinKccQ&bidId=wNHvEiUi5ASgrD66noinKccQ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
access-control-allow-credentials
true
vary
Origin
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1620127916298
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.177.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec1770570d1c86aedf5d9dcf1d1ead411b919d96db0562c7462caa8cddd47e93

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
date
Tue, 04 May 2021 11:31:56 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
mvo
tag.1rx.io/rmp/82079/0/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/82079/0/mvo?z=1r&hbv=3.26,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
arj
propermedia-d.openx.net/w/1.0/ 		173 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%2C300x250%7C728x90%2C300x250%7C728x90%2C300x250%7C728x90%2C300x250%7C728x90&auid=540752001%2C540752002%2C540752003%2C540752004%2C540752005&aumfs=100%2C100%2C100%2C100%2C100&dddid=be08ccbd-762f-48f3-8dc1-8ef0e281c32b%2Ccd4f294d-f55f-48aa-bab4-178bd5b429d9%2C720020e2-ecda-47b7-8be4-70c662b1c6a9%2Cbc26e0eb-962e-49dc-a0e3-d02bae829ea7%2Cda855b60-3bf6-4940-9144-9ff112440764&divIds=openx-71f6fa89-21f4-49f0-a55c-f5eb39089173%2Copenx-a1ec226a-0a03-499f-b2d0-d683d8dc05f2%2Copenx-2d890d66-7b90-4041-ab6a-cda284676d9c%2Copenx-e10a0752-2b42-4eaf-a0d6-2fa3c7835152%2Copenx-b5f8eff6-afca-43e7-b70d-1b892373317c&be=1&bc=hb_pb_3.0.1&nocache=1620127916307&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
2b1b2cf02f686e53880822d7f48d060e9ab7c454d9e949c3186889f03545863c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hillreporter.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel;r=1677494765;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1677494765;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to;uht=2;fpan=1;fpa=P0-1421201194-1620127916323;pbcn=1;pbc=c7ecf752-4b03-47fe-bda5-53a6857191e9;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=hillreporter.com;je=0;sr=1600x1200x24;dst=1;et=1620127916322;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%2Cdescription.West%20Virginia%20Democrat%20Joe%20Manchin%252C%20who%20has%20been%20getting%20a%20lot%20of%20press%20recently%2Curl.https%3A%2F%2Fhillreporter%252Ecom%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%2Csite_name.HillReporter%252Ecom%2Cupdated_time.2021-05-03T16%3A25%3A46-04%3A00%2Cimage.https%3A%2F%2Fi2%252Ewp%252Ecom%2Fhillreporter%252Ecom%2Fwp-content%2Fuploads%2F2021%2F05%2FGettyImages-123134%2Cimage%3Asecure_url.https%3A%2F%2Fi2%252Ewp%252Ecom%2Fhillreporter%252Ecom%2Fwp-content%2Fuploads%2F2021%2F05%2FGettyImages-123134%2Cimage%3Awidth.1024%2Cimage%3Aheight.681
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:56 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryivZQhdyncz0LhAwr

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 04 May 2021 11:31:56 GMT
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 23:43:32 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
42505
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
9s_X3pLJ2j9sL5nJsAmA5ecj91hkxiGRfXQ5gB-vd6wTfu_O7YhchQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&pid=wvYE4ESbaJrSD&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BbWDzymgJxQi7VftCfWDq9hlCQPZYA8Ox3_0genycAiNWTNeCLVaoA==
ads-beacon.js
hillreporter.com/ 		80 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/ads-beacon.js?ts=38140
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/V3CykjuIU7M2.js?ts=3766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 Eislingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
647c226cf491168b04b3ae87a1dcf648640b8affe7ee736e96ccf754276caf69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/ads-beacon.js?ts=38140
pragma
no-cache
cookie
paddos_PfVNe=1; _fbp=fb.1.1620127916022.29686195; _ga=GA1.2.1806948570.1620127916; _gid=GA1.2.1812171294.1620127916; _gat_gtag_UA_100615071_2=1; _pubcid=c7ecf752-4b03-47fe-bda5-53a6857191e9; properSessionData=eyJ1dWlkIjoiOWI2NTA5MzctN2U2Ny00YTdkLThhZmYtNjhiMjJmZWUxYTkyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=; PHPSESSID=6fe7d90f550f0e238551defc94908a45; wordpress_google_apps_login=99d61de6e2ace401aa2c0d129f65c8ed; __qca=P0-1421201194-1620127916323
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hillreporter.com
referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000
x-presslabs-stats
desktop
x-request-id
009e7c38b4340f8c5b0802d6ce5f1dbf
expires
Thu, 01 Jan 1970 00:00:01 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding
gzip
etag
"559c107d74fc83d8062b2553a1818b07"
age
24490
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5911
x-amz-id-2
PcZdxd4MAAFykcoOHYcgyv+TEhcU7OKI7t0br8QAKbOSr4qga/V09bIEDue+m1dl1lmqkJ1sz9E=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 12:43:43 GMT
server
AmazonS3
x-timer
S1620127917.904486,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
7QPCNXQEEQ4QGPWX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
66
x-cache-hits
381949
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
16980
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11572-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1620127917.904497,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
66
x-cache-hits
195525
tfa-eid.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa875d492861f46495b4c8cd49051f6862104712fd8fe34ce63dcc351166468d

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TWesVkl3fdfm9Gmzntd9IxmdqpEhM2BZ
content-encoding
gzip
etag
"620400f4f1a04b9ffb55ea6211ba10fc"
age
24
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
6VXS14UjFWX3spXlPqjbEjA10l67yb/lJ4MKA91KHZRJ/6/ZiJPrh3vlqi3UN+4jI/XmFUB/AQk=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:02 GMT
server
AmazonS3
x-timer
S1620127917.926756,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
KRSCGJXKA1TKQC5E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
205
sha256.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dae6ed92f35681ce39f4940dcf187bc969653acc8322306cddb3a884742a640e

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gcvnkT.IUvM_OQ73X7mKrDYLpFT.7s4O
content-encoding
gzip
etag
"4fed414875fe7efdf752b6cefce27471"
age
15
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
rFKEZuarumOe2+Ol+1LaEJj8MvZlEy3nNeEHBP/V+mcwnZ5+WHK0WqicaupK4I8kQCvAkrUz8C4=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:11 GMT
server
AmazonS3
x-timer
S1620127917.926885,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
QP5ZHZ9AS063JYQN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
107
floating-unit.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
899bb1382001afc08739e2fee94e9749d920a948171fcd7ef317628e34d53344

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
c180ll_FgKMZ8vMe5Jq28dW0TR6gUBBq
content-encoding
gzip
etag
"629b15d0c1b841412433ad0ddfd41740"
age
110
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2294
x-amz-id-2
m80DFYZ1mp2rxWerZvTV0WEo7lEC5uO8foN24cRQrjOPtCVQwSxi0l3Zu+Qfc6yBzdJirdEfls8=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:21 GMT
server
AmazonS3
x-timer
S1620127917.936065,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
2MSEY33QW20VNXZ9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
37
explore-more.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916a84b69b025d8aa42573eec1eb283354ce2cb96b6dfd743e2c6b9765807f34

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YywslGd82iofaLecp1SbFbDtxBRUZ9LM
content-encoding
gzip
etag
"4897f7988042bd841ce635c2ccee425f"
age
111
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6620
x-amz-id-2
ljd/VlnE13haV6hH4zboNjpLUvTNZVKVWVvm//FKbDSEUCkBo3YMvGPru+fKcfO8kYzoYRxCkPc=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:31 GMT
server
AmazonS3
x-timer
S1620127917.941203,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
D5WKN4HMDR5N9102
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
189
feed-card-placeholder.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48991c9e2effcf30d3bbf1e91f1c3ab17919b4bfda16140fcf9af6adac2ff4ba

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IT60rf7UexA5TMi8hXXwdokA_fZMVYak
content-encoding
gzip
etag
"4b9e23b628c8c36c169d48689612fed8"
age
115
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1269
x-amz-id-2
Nrycn73TMVc6s8FW48rXMuYoIJq0SVo00dJM3VTRqnzpvtgKqSp2DNEJ1iA3KNm4cXACF8RfqN8=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:29 GMT
server
AmazonS3
x-timer
S1620127917.946416,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
XAAD68NDHWFV22AC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
630
userx.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a68a99fa5e2f7dbaa1240e322bf9a26b0c907209de1d31183c81940803855c1c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yhlhYur0OS3ud63PPLx5n93jOZxaoB6y
content-encoding
gzip
etag
"d5c3897c8be11208f4494fe8ee3dc427"
age
25
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7956
x-amz-id-2
+2Q+rK2tdBky9EQI/laKUCYamGUlf1s9napreDpxcQA3qyVStlq49tOHW1GvwqtB0CmDQ5ap3Jo=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:16:57 GMT
server
AmazonS3
x-timer
S1620127917.987692,VS0,VE0
date
Tue, 04 May 2021 11:31:56 GMT
vary
Accept-Encoding
x-amz-request-id
B15G7H7R29NRZ931
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
49
supply-feature
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/supply-feature?route=IL:IL:V&lti=deflated&ri=058c3d6c2da22bde2b09094c5fd62118&sd=v2_53e46f67d90f79aa7ef726c6bfefd7a0_b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c_1620127916_1620127916_CNawjgYQ3-1IGMfBmLmTLyABKAEwrgE47qgMQOnxK0iApNoDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&pi=/joe-manchin-says-he-would-have-fought-rioters-99906&wi=2054227544023747034&pt=text&vi=1620127916231&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A31%3A56.908&id=4949&llvl=1&cv=20210503-25-RELEASE&
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127917.038975,VS0,VE58
x-served-by
cache-hhn11572-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ga6Law1J5X9T9RW6j9bNdOwzfRmecf1I.woff2
fonts.gstatic.com/s/notoserif/v9/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfRmecf1I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7.1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5e10186cfb4ad342d76573ebc90f6c149ca65689fb31865329d1c9b291f1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 23:16:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:16 GMT
server
sffe
age
389709
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50124
x-xss-protection
0
expires
Fri, 29 Apr 2022 23:16:48 GMT
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=hillreporter-hillreporter&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906&encoded=1&uid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1620127917092&tagid=&cntry=PL&platform=1&sesid=53e46f67d90f79aa7ef726c6bfefd7a0&itemid=/joe-manchin-says-he-would-have-fought-rioters-99906&viewid=1620127916231&geolat=&geoing=&deviceifa=&appid=&sd=v2_53e46f67d90f79aa7ef726c6bfefd7a0_b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c_1620127916_1620127916_CNawjgYQ3-1IGMfBmLmTLyABKAEwrgE47qgMQOnxK0iApNoDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=058c3d6c2da22bde2b09094c5fd62118&appname=&cdb=&gdprApplies=true&rid=&sii=2054227544023747034&oee=true&tpubid=1193695&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=04&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1193692&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac6ce8a1bfe22c035125ef44040be3ea2d044ff158c9a52918a07d45052ad5bd

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1417
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11572-HHN
pragma
no-cache
server
nginx
x-timer
S1620127917.126976,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
GettyImages-610603372.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/GettyImages-610603372.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66cb8293061d2e2adbf2a0ba280aa184e50b4a225caa7562215e5c6ab60c133c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1088774
edge-cache-tag
300218840463463941001533324119321448307,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/GettyImages-610603372.jpg
content-length
32486
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 06 Apr 2021 04:27:12 GMT
server
nginx
x-timer
S1620127917.133410,VS0,VE2
etag
"7d833a7c53942f59b8a61debe529c7d3"
x-served-by
cache-wdc5526-WDC, cache-dca17726-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
matt-gaetz-surprise-son.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/matt-gaetz-surprise-son.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
964552efbc0c6ea6109780c56ef60f3b1f750da3d37ceedd6be243225baffb25

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
2675866
edge-cache-tag
546724955207182487732076372196325662873,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/matt-gaetz-surprise-son.png
content-length
45350
x-request-id
b6434f1ced5214cffc9d08556a991e08
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 02 Apr 2021 18:08:43 GMT
server
nginx
x-timer
S1620127917.133390,VS0,VE1
etag
"5ba3f37be1cc582e4c5c320ae19baea6"
x-served-by
cache-wdc5551-WDC, cache-dca17727-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
donald-trump-son-arrest.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/donald-trump-son-arrest.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ef5f080e8b7370737ef13358799e8c511950eb7552a674a03abb04ae9571f21

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
2437423
edge-cache-tag
462411192520420915402460869594436784909,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Mon, 03 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/donald-trump-son-arrest.jpg
content-length
54308
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Fri, 02 Apr 2021 17:05:03 GMT
server
nginx
x-timer
S1620127917.133379,VS0,VE1
etag
"a8e898135ab2ea94ef020202d6dd7efd"
x-served-by
cache-wdc5535-WDC, cache-dca17754-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
donald-trump-miss-moscow-kompromat.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/donald-trump-miss-moscow-kompromat.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16c4f109b12e909b1789636cfb11f8603d443ff6945e589e676de1e5f929d274

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1582638
edge-cache-tag
581119067824749595703660208873932690934,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sat, 17 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/donald-trump-miss-moscow-kompromat.jpg
content-length
16528
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Wed, 17 Mar 2021 21:27:51 GMT
server
nginx
x-timer
S1620127917.133378,VS0,VE1
etag
"135432698c7af6c452d6989466d82fa8"
x-served-by
cache-wdc5546-WDC, cache-dca17763-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
pelosi-gaetz-final.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/pelosi-gaetz-final.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0d64c79308424a9f9a6e94e6aaedfe24b0bde7ea4c3744763e1f4ba7d6f6343

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1435858
edge-cache-tag
562150545858351189393740545407345650157,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Mon, 03 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2021/04/pelosi-gaetz-final.jpg
content-length
20098
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Fri, 02 Apr 2021 18:42:58 GMT
server
nginx
x-timer
S1620127917.135365,VS0,VE1
etag
"0c714a9d8e090ebb4d603bd23652b59c"
x-served-by
cache-wdc5548-WDC, cache-dca17735-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
conway.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/conway.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
562313bd23f06ebb62ff1a0be90112e0034e8cc35cca4bfd101e141b854297e4

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1614103
edge-cache-tag
459364329051071396208901290682828250873,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/conway.jpg
content-length
19262
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Tue, 06 Apr 2021 06:29:58 GMT
server
nginx
x-timer
S1620127917.143705,VS0,VE1
etag
"08e7172c224d9075fc54ec0137a0b958"
x-served-by
cache-wdc5547-WDC, cache-dca17749-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
EZmAh37XgAA-r0u.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/EZmAh37XgAA-r0u.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08494183cde4255b3766982490c25fa92b544875dec629c686664520d488a0b8

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
4463073
edge-cache-tag
394222813551010388299887913481265835926,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/EZmAh37XgAA-r0u.jpg
content-length
10642
x-request-id
66412783eeec05c58d045318a96dd49e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 10 Mar 2021 21:28:58 GMT
server
nginx
x-timer
S1620127917.200109,VS0,VE1
etag
"f5be771de8b28b44876d8cf4eea58803"
x-served-by
cache-wdc5528-WDC, cache-dca17781-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
46f8571daa508bf1cf3a450acf4eff01.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46f8571daa508bf1cf3a450acf4eff01.jpeg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
974a61a8bbc6e03fb74dc57a557a1646e9b511a43c15514b208c81e1f31c6149

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
2228873
edge-cache-tag
396335996184074034478984432475439000805,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46f8571daa508bf1cf3a450acf4eff01.jpeg
content-length
39344
x-request-id
99cfa1f102626b8374d965d6e3cd18cb
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 08 Apr 2021 15:35:58 GMT
server
nginx
x-timer
S1620127917.200092,VS0,VE1
etag
"982fa586d002eac0d7306ec277310ae5"
x-served-by
cache-wdc5555-WDC, cache-dca17733-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
PL_PP_1_1000x600_e510b417bc816e678d23c464533db1b2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/PL_PP_1_1000x600_e510b417bc816e678d23c464533db1b2.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98c538199766971a7f71b23b178c2c9ac3c050b798109699bb5047ae5c891cee

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
193503
edge-cache-tag
456033779630617706830070678856998668100,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/PL_PP_1_1000x600_e510b417bc816e678d23c464533db1b2.png
content-length
57806
x-request-id
c2f1e59891ce12bd0e239c0c8d88f5ec
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 30 Apr 2021 15:48:30 GMT
server
nginx
x-timer
S1620127917.215757,VS0,VE91
etag
"25a4dcad8239cb6da7c4c7c4491730a5"
x-served-by
cache-wdc5567-WDC, cache-dca17772-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
kaczynski.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d.wpimg.pl/2023621944-875726917/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d.wpimg.pl/2023621944-875726917/kaczynski.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82baa6f9c3450e87452871feddf4d823652f5c07ade0d83937bde1f42c23022a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
995
date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
554269228394796527096018426619781121666,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d.wpimg.pl/2023621944-875726917/kaczynski.jpg
content-length
57750
x-request-id
3d461c5a26ae402ba6dcfb03f4bb5c4e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 04 May 2021 07:10:06 GMT
server
nginx
x-timer
S1620127917.216092,VS0,VE995
etag
"9b94e50e30a306a9829e90a7730246dc"
x-served-by
cache-wdc5573-WDC, cache-dca17777-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
abtests
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/abtests?route=IL:IL:V&lti=deflated&ri=058c3d6c2da22bde2b09094c5fd62118&sd=v2_53e46f67d90f79aa7ef726c6bfefd7a0_b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c_1620127916_1620127916_CNawjgYQ3-1IGMfBmLmTLyABKAEwrgE47qgMQOnxK0iApNoDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&pi=/joe-manchin-says-he-would-have-fought-rioters-99906&wi=2054227544023747034&pt=text&vi=1620127916231&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1620127917146%7D&tim=13%3A31%3A57.146&id=4052&llvl=1&cv=20210503-25-RELEASE&
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
59
pragma
no-cache
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127917.186508,VS0,VE59
x-served-by
cache-hhn11572-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
EY-Qjj7U4AAPo6p.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/EY-Qjj7U4AAPo6p.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b2f7a084d598df3d0b165507e0d4fb6fb88de8cb7d6aaad00f66b5d81ac0c5e

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
746562
edge-cache-tag
527884993452665455194045710703620496070,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/EY-Qjj7U4AAPo6p.png
content-length
9112
x-request-id
2cb2a4b72a1f501cc615e45a262e5672
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Wed, 31 Mar 2021 15:37:10 GMT
server
nginx
x-timer
S1620127917.216081,VS0,VE1
etag
"00c18ec2aebdaf12ac2337b2d67adea8"
x-served-by
cache-wdc5535-WDC, cache-dca12928-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
donald-trump-mothers-days-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/donald-trump-mothers-days-1.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58f18a82a75b50707afc2e2d1454d2748c20a825744b726a2dcf64bd90f53e4f

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1608405
edge-cache-tag
362558794399583594437214051714513806199,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/donald-trump-mothers-days-1.jpg
content-length
12822
x-request-id
92d44c859575cbb005b76eb8480f59b7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 08 Apr 2021 23:40:07 GMT
server
nginx
x-timer
S1620127917.230311,VS0,VE1
etag
"c2500d1f1aaf3aac10f967ce5f951745"
x-served-by
cache-wdc5576-WDC, cache-dca17761-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
GettyImages-1198669365.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/GettyImages-1198669365.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17d2789d83fb8541d191051353c97ee8a010e9d05cf7e96df06a468357a28ea3

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
934309
edge-cache-tag
453287221774143098417877808373634737079,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/GettyImages-1198669365.jpg
content-length
9564
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 12 Apr 2021 11:09:39 GMT
server
nginx
x-timer
S1620127917.264736,VS0,VE89
etag
"483f88fb747d91e00efee40880e093bc"
x-served-by
cache-wdc5564-WDC, cache-dca17743-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
giuliani-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/giuliani-3.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ad98284a3cdd51585af0a9757abf80aff017c041f0ecdc93b87f27dbef0a012

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
4197537
edge-cache-tag
359464570858249242830633486088434832166,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
96
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/giuliani-3.jpg
content-length
13598
x-request-id
90f6dc040eedb9ee94f7afda1527f042
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Sat, 27 Feb 2021 07:31:21 GMT
server
nginx
x-timer
S1620127917.264718,VS0,VE1
etag
"caa2e936c980dda3011aa8366f6162e8"
x-served-by
cache-wdc5521-WDC, cache-dca17727-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
661f794b46e33a2088928ab9c88496dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/661f794b46e33a2088928ab9c88496dc.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99f7867855ef8e70658ce3c108fe3ba8d393c19d9410251fb5afb71933277d35

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1054644
edge-cache-tag
428597152208307253378142853507337236301,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 25 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/661f794b46e33a2088928ab9c88496dc.jpg
content-length
12300
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Thu, 25 Mar 2021 06:21:41 GMT
server
nginx
x-timer
S1620127917.274920,VS0,VE1
etag
"26f950c159205524fbf7f0e295fe7a1b"
x-served-by
cache-wdc5532-WDC, cache-dca17743-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
e7adac636a28d0a6db3d6192d1fdcf65.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e7adac636a28d0a6db3d6192d1fdcf65.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
74c0340218d6ace062201cca2c0f9f8ef0b7158ffaca8b15cc24f2a36618537a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1733615
edge-cache-tag
361339940017412844283770757292493937932,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Tue, 04 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e7adac636a28d0a6db3d6192d1fdcf65.jpg
content-length
7126
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 03 Apr 2021 23:44:35 GMT
server
nginx
x-timer
S1620127917.283626,VS0,VE0
etag
"e5b4282b2265d4c0947843791efa2487"
x-served-by
cache-wdc5561-WDC, cache-dca17748-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
f9b50dc9bd5fd78e1c04f22ae0f3561f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f9b50dc9bd5fd78e1c04f22ae0f3561f.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
786c50680f94d461218f83ea49d81227302ffb33c8237ad2e27c1b1cfedba6ff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1572204
edge-cache-tag
626131516390796093587853275875116421286,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 16 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f9b50dc9bd5fd78e1c04f22ae0f3561f.jpg
content-length
14652
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 16 Mar 2021 02:39:45 GMT
server
nginx
x-timer
S1620127917.325215,VS0,VE1
etag
"ab4b815ccc11e70b41832cbbfe4102d7"
x-served-by
cache-wdc5572-WDC, cache-dca17724-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
next-up-widget.20210503-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20210503-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea5dc8c55ab8a911b110132a82849471a063473124106d5378f6420e1564f7bf

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UWcWmFCucWcvik2Ljpv8qcTwHYq.Syvb
content-encoding
gzip
etag
"6aaa584fa134ffa749156501c8930897"
age
115
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4366
x-amz-id-2
asLmhlTSfzgIW1q6xsEr+6CLUAJj+M6Tuw0mdDSu+OFoFs2auiCHQMT8uUp0D9suau5WNH9PRAA=
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 03 May 2021 20:17:19 GMT
server
AmazonS3
x-timer
S1620127917.246235,VS0,VE0
date
Tue, 04 May 2021 11:31:57 GMT
vary
Accept-Encoding
x-amz-request-id
QXWS9Z5N51HHM3ZB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
36
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.2/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85e27c676e226850a78ff98a02e0afdbcb9dca1055f09b9d9820505f391b8c30

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront), 1.1 varnish
age
268069
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
27685
x-served-by
cache-hhn11572-HHN
last-modified
Sat, 01 May 2021 09:03:06 GMT
server
AmazonS3
x-timer
S1620127917.283549,VS0,VE0
etag
"8e00027fd600596c172478b7b28dd6b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2_wGxfUhN6VVU3M_SZTRjDYoDoeToiM_iauheRKlE7F6Q66uWDHiug==
x-cache-hits
45378
s2s
eb.proper.io/ 		326 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=c7ecf752-4b03-47fe-bda5-53a6857191e9
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d04fe1d061c081383d0b62b6861156429a8295ee1ffc214b2432462bca4e039

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:57 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hillreporter.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64a167db3be5c27c-FRA
cf-request-id
09d8bf3d040000c27cbda7f000000001
expires
-1
ab6d42d5dfd8cf5c2e8e9763bdee2b48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab6d42d5dfd8cf5c2e8e9763bdee2b48.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0c6c41ef327012f2ee578c7d48e9102d9a8b3041b0dfd09a1a1dd83ac7c0369

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
979803
edge-cache-tag
329682066827957133956314277136973186639,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab6d42d5dfd8cf5c2e8e9763bdee2b48.jpg
content-length
5212
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 13 Apr 2021 05:59:53 GMT
server
nginx
x-timer
S1620127917.465155,VS0,VE1
etag
"5c90ef10ad2a279e87e7a4c2e4210a8a"
x-served-by
cache-wdc5522-WDC, cache-dca12922-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
d4efa1ec-04db-4d32-aa0e-026da3ecd846.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//iqrwa.com/content/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//iqrwa.com/content/d4efa1ec-04db-4d32-aa0e-026da3ecd846.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b42d2a2e706a9ca28d4af7fe09a3e3314447d76b7db85c62386ce529bb6f97c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
1609404
edge-cache-tag
599301248954976280347146541709223550511,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sat, 17 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//iqrwa.com/content/d4efa1ec-04db-4d32-aa0e-026da3ecd846.jpg
content-length
6272
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 17 Mar 2021 03:39:40 GMT
server
nginx
x-timer
S1620127917.465385,VS0,VE1
etag
"22a79a7ecc8fb8dc5d7a32d6d77cd029"
x-served-by
cache-wdc5551-WDC, cache-dca17779-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
e365c8230ce9f10d2685dd030fb6a646.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e365c8230ce9f10d2685dd030fb6a646.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
312730480b85341db68e149f2f19806d8dee31be4119ef59c62a4c1e5271ac50

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish, 1.1 varnish
age
64097
edge-cache-tag
443934776865197609139215185408494851649,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e365c8230ce9f10d2685dd030fb6a646.jpg
content-length
4250
x-request-id
8b4b1a00f7a746c7bce5839d2c2e827b
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Thu, 29 Apr 2021 16:50:23 GMT
server
nginx
x-timer
S1620127917.465525,VS0,VE1
etag
"a148a93cef5d160e77a9d7625800c508"
x-served-by
cache-wdc5550-WDC, cache-dca17763-DCA, cache-hhn11572-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
integrator.js
adservice.google.pl/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=hillreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hillreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3322899586406933&correlator=4477855122601018&output=ldjh&impl=fifs&eid=31060735%2C31060795&vrg=2021042801&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210504&iu_parts=5376056%2Chillreporter_leaderboard%2Chillreporter_content_1%2Chillreporter_content_2%2Chillreporter_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C300x250%7C728x90%2C320x50%7C1x1%7C300x250%7C336x280%7C728x90%2C320x50%7C1x1%7C300x250%7C336x280%7C728x90%2C1x1%7C728x90&fluid=0%2Cheight%2Cheight%2C0&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D4592%26proper_site%3Dhillreporter%26proper_slot%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4592%26proper_site%3Dhillreporter%26proper_slot%3D2%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4592%26proper_site%3Dhillreporter%26proper_slot%3D3%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4592%26proper_site%3Dhillreporter%26proper_slot%3D5%26proper_sticky%3Dtrue%26proper_floor_320x50%3D0.75%26proper_floor_728x90%3D1.00%26proper_floor_160x600%3D1.00%26proper_floor_320x100%3D0.75%26proper_floor_sticky_horizontal%3D1.75%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620127864&dt=1620127917563&dlt=1620127914871&idt=1692&frm=20&biw=1600&bih=1200&oid=3&adxs=340%2C418%2C418%2C800&adys=226%2C391%2C888%2C4&adks=2004394596%2C3596030282%2C3707461873%2C4241150287&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x21%7C765x21%7C765x21%7C1600x-1&msz=920x1%7C765x1%7C765x1%7C1x-1&ga_vid=1806948570.1620127916&ga_sid=1620127918&ga_hid=1885034735&ga_fc=false&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
03df0c2786bb5987c9ffb05114ed3b9fbeadfe828a1865b0b4a6492319ff2054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7804
x-xss-protection
0
google-lineitem-id
2151234376,2151234376,2151234376,2151234376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138203123584,138203123426,138203123761,138203123254
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
st
imprammp.taboola.com/ Frame 236E 		973 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish
x-served-by
cache-hhn11572-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1620127918.705441,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 2930 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
date
Tue, 04 May 2021 11:31:57 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3403
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127917688&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1223&pt=893439347&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3815bab549477501679f095b62dcd07095e5c60936c37bb58e834a83c6602394

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1464
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11572-HHN
pragma
no-cache
server
nginx
x-timer
S1620127918.723460,VS0,VE118
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=31589837&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1620127914378.8762!ts:1620127917667&mntl=1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 236E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 236E 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9e4c:4287:35ff:53db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 236E 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 236E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55e4d24e-accc-11eb-9944-1a377c5d0306&orig=video&us_privacy=1---
0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55e4d24e-accc-11eb-9944-1a377c5d0306&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Tue, 04 May 2021 11:31:58 GMT
server
nginx
x-fastly-to-nlb-rtt
21337

Redirect headers

Date
Tue, 04 May 2021 11:31:58 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55e4d24e-accc-11eb-9944-1a377c5d0306&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
122
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 236E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&cmcv=&pix=undefined&cb=1620127917667&uv=2963&tms=1620127917667&abt=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1534696EF117392487932212325&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/29_6_3/infra/ 		624 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34d956fbe769d5f28df24429d0e8ff6278b9abf435fd6537d8be621280309bb2

Request headers

Origin
https://hillreporter.com
Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 varnish
age
90432
x-amz-meta-mtime
1620037365
x-cache
HIT
x-amz-meta-ctime
1620037366
x-amz-meta-mode
33188
content-encoding
br
content-length
108251
x-amz-id-2
cyudl+0BnrHaQ/k+y2dd6Koa6DqLgM7ZGjKDkeDYoaBBi39QZQ26uAfEk72SKz0mEAwBBsB8NP4=
x-served-by
cache-hhn11520-HHN
accept-ranges
bytes
last-modified
Mon, 03 May 2021 10:22:47 GMT
server
AmazonS3-br
x-timer
S1620127918.023353,VS0,VE0
etag
"746fc31d4c33a484aaa333e923657c4c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
3SV4CQXKN5G683XS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
17932
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_6_3/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_6_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
949df1ccf23d571822752903501ed230b592bc352ba1dd90cee047ba37273d76

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
via
1.1 varnish
age
90432
x-amz-meta-mtime
1620037414
x-cache
HIT
x-amz-meta-ctime
1620037415
x-amz-meta-mode
33188
content-encoding
br
content-length
7950
x-amz-id-2
KpINPskim0DPAMZ6/vy30YD04DqZyz0xCbIbxnBA/l/2UnpPTqqIycOyIrh+854MWGkJ2TMTcbY=
x-served-by
cache-hhn11572-HHN
accept-ranges
bytes
last-modified
Mon, 03 May 2021 10:23:36 GMT
server
AmazonS3-br
x-timer
S1620127918.921749,VS0,VE0
etag
"76a50a41a99b62149876849065851fe4"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
3SV0VCBRDA22AM77
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
78040
generic
match.adsrvr.org/track/cmf/ Frame 2930 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 2930 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9e4c:4287:35ff:53db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 2930 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2930
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55edef9e-accc-11eb-8527-1e5bf6c20306&orig=video&us_privacy=1---
0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55edef9e-accc-11eb-8527-1e5bf6c20306&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Tue, 04 May 2021 11:31:58 GMT
server
nginx
x-fastly-to-nlb-rtt
21337

Redirect headers

Date
Tue, 04 May 2021 11:31:58 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=55edef9e-accc-11eb-8527-1e5bf6c20306&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 2930 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 3FC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhikQA1T5eotMJR6WT_GkktZu-snSoUlG1-1x7SK6gv1nhdEMzdfqRThKtNdxcj7jedtD1303e_HE6Cn0grZ2AXqiQI6_j4zAU2--uDS3DcziPhKroxkixHHpLHGda5tTWYOTXA_looSezhwY-HDwEcjXaeKkPZzmg60bPfLPuHDUPmuT-QPCCZFOH2yqXRavAkgs58HdS5XmkBrQEDZ12JSem-XWJjpIlj4Qj_VKXIZgdstdCTeNPV6AyRnSO9TSO6_MjMz8Opsh3S596AI-vHNf3KpgXh7g4iwIlrCHlRaFWPpEaDglRfQghlhIb&sai=AMfl-YRnzNvy9fwu_UYV9oZ1-48DHwZRRXcY6pIk39bu6chHg1fiCf2I86BocnGfpn37HOkoal_ekV4_IlOyKCh0yzrWT_d9yVui4DICTbO6c0BnRKpZW8k4xGveKYd5nQk&sig=Cg0ArKJSzPKQT_x5hBtqEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FC5 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F580 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4x4Stx-YvcX8gmoOnLns-YtTk_hrAH-cTH1TTpNjzLc3X28DEVpuSuO67i_JxEYsE_fyDgmCH3X376FOgMR9RGyAogUBRekzRNaJJnqSm__Pq91Fd4G-CAPLWRxMOv5uODeUahS2yNd7R6gCrkjrdBxGfC-8w1Q0KBSB-iUKWbqTVRysDBUExYpesMNX2315iJbKA4Ui9GtAbN7JpoH4p6-VJc1MvKuBEHcXx7Q7G23n-EzK88Db28g-QDtqS-QyyBMEvs7nZpuFb-QMB-5Sev0hqDNUiagIXc_oZPv81hFIHBL6wPm6xm8o0eA&sai=AMfl-YRVoNl9z3hDCjl5gJKP1DD9BZTxFDJncWmMndh0dnKT_H7Jh3mo9yhTbtUaj5lWkt1XrTxFaPHEArTjBWDpwVy6-zOeyXhH7L9inz5x_M4ccY_Nz55UYcacwg9qGJ8&sig=Cg0ArKJSzBEjvmX8Jka-EAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F580 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3Cit5c5UuhI-zjtLkxeBLJGdI-R-W1dWxvrGf6gFF_KvNakwb1fobY_ecy2DJkMzXHFL1TlOcN8H8KxCeqgbqGl4JzZA6zC6y7n-SynB5mbrVx1ic2S0i4o0n0dgyenmHAIIYlVKrHfPOzU5jKe9Va240fqPq3Q_evme2x5ANIjrOSuhsRQQoCReszyNdQC2Gwv180lAGoxKAc8khAsgII_TChfd5AQSnnEWaOSEaw2USFf-jChKRBX8HY052gAtpmqygpVXf4sTz0mK9woDskliJj-Q16BXsU5EHZ_jE_NPjrLWxq3whZG70tw&sai=AMfl-YTqmOuIzydayGzMz4L90wQDz8phrlVBGaxEmJ6XAv3mnokJQD6R3H_RO4UxAit57qvJOhXyxTFLmI4XcD7ZISRQjmbRjbbOIx_fDb5-Um2ta3I4-lrJKYpokZB_XlY&sig=Cg0ArKJSzD3geDjZaxWhEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE2B 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7841 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHzQ14iVwD3A_qvFR1IfFyJ09Hbd0cNMxCTn3ensnA1Ymlp-CCedNrOgydQeNV17PCVR5ujrI1fRBCsYbHCCfegiPaJ4ydwJot3MqOpBCa6X5CRa6bGO441Om3wI36lBnYZYDXtcNlJlVgvbg_FRVfKkY4p-I8Buf14PlRnvJmCtKoYF7pM67LoNYWkmtzJQGZjJm1Ta9Aq2zWA2oYDAH3V4WhYUc8b-Oqm1FP4aSYrY5t6tHB15sFslyI-TlSc2yk1AYMzHEUwEENHXkiGCb5ILaBuxLNqvdfG9-ZD3lRbSk235EEzgNVTA&sai=AMfl-YTkdCUix3Fx_b563Uzh5JNLGRyTURx4ZRlwsIBNn5D8M4slXUW_BN8XsekEqcRTaPla6DvubUc3peKIp-2ptpRUgKI470NJgdhUssYUdEAwtH9A5RNMLyyaIpK0DA0&sig=Cg0ArKJSzLkFc_7yNP4jEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7841 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:58 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056503243602"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Tue, 04 May 2021 11:31:58 GMT
bulk
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
65
pragma
no-cache
date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127918.420125,VS0,VE65
x-served-by
cache-hhn11572-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
14198
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1620127918.420407,VS0,VE0
date
Tue, 04 May 2021 11:31:58 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
88
x-cache-hits
23839
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age
4983253
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-hhn11572-HHN
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1620127919.527740,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits
11604199
truncated
/ Frame 3FC5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de5d9185ebb22baaabf8b2e1b4f83cd96e4508439edaf99d90305c5575f6f1e4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3FC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrK6xrsF4_yvdxbex9qT9ojhK4AIvCZJbOpo6MncJqBoOic93AouMstmUNAtYmGuzD-SB-rA4X4w7D8WkAX-yLrkA9AkBYMbzduPTEmb5EAB1xgIx7IX3hUpc0jjBDDBclSmGo_DcMrVS_IrexaXQAgP3wYbCvrEg08wYQ4sl-RGnWktWtShjd4l2oLrySZdU-NTz2iyY_oLPro-nibAT6QaKWAQbBE2kwe7rG1V5fPCz4KVKgTb2VGydBvYTojIY7C3hLm0fnrRGmNeAF9lu4jhESCQEe4cjnnA0S_E1GrlV0sGSCEqUQLYIyY5nzl0A&sai=AMfl-YTewED8CtU59gIBPWENNQVCOCg9An0jWlodzWm31yPZzrOq7bM56dwra8Sy-qU5hJbWG1rcxhamkMCLWxHOGhom02J7HhdAEdWJko9KtNrXRwmv9KwM3rxjbvzae3Y&sig=Cg0ArKJSzCVS-swGMOKsEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
truncated
/ Frame F580 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b503eb7fa98490d29b88c957cba6a16b214703c5f3d344fd6dcf064790b7d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F580 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdB1e5Qf7H4BRO7BRFlwZqghnSP5W2XkRXQcdXJfn_0aikCc4FzN0kSUH5sxAQlC_mjQrQ6NEfEX1sRcfqSxZi8H7c85bD_yEIktz5p9qHSSE2rUmNAfpmtvD-CzZCAw4g5SqintwH81orErVbMKBo20-Q-So0foCDyd420mlZmoLA6CSCJVZWvlWk5awhJg3hGttBgStBA_0jPcebBVgwHUJVpggWDjVVHaU5drwwgsxjxyWcfVJpsUHmv1IaCKY4avqOMHoEcQg4T8TB_XUkHCSikSRELNO15IW6lgKO8zk9bnT663cQfY1mnWHo&sai=AMfl-YTimBoUWcjbMdVgEch9avxJ9WgtUL5v2bVXOiQsiJQvl0bPofDWhg3bdmp9Q4I2SXqA7TmN6ScGDiwfgob8pBIw42Z5dt4eAQ8SYdyqJN-l8rpZSlGMmtjGepDScXw&sig=Cg0ArKJSzK4Ir3NyFFB0EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7841 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6T6GyL12Yys8tflQRWtLth4GcR7j0VYsPDk0QXMsKg1hO5pzUs2L_2bmfpD8V6V7S9p0zwPytJ-7iLscHFLpbXXBRgNRDpasPOOxxhsowi9Rnu9Y21UN8IkyGFyxjxpI7JKllsXTpwmzFBsgiv9KX5mBjoO4-886gGyJAXpHU29wPmUmE-IoSWnf8bm2pFLhR1SD16aNdThb04yDU-aXzpaLrpx8V2fLrt9VDcWX-DMC2XrAOe5TKwpHdZduG5i9n3rH-6f5D4lWqwSbNOCCSjwWAtJaeoLUVENh4twhnWP3Y8GEuqfRWDu7j&sai=AMfl-YSr6y4ch8SY21BUnwf_mCGYk1KVe3L9kA4_yrz6WkDqBaw700nBvXagBX9xHM7d4CYGdFfdePrGl_QkBAdPkdM4TUtLZsRlxBvRNcIi1jXf8xyhVsAYG0QzmGJ4qfQ&sig=Cg0ArKJSzI8agyOkVUf0EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
truncated
/ Frame DE2B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04a79056d51076ba7b2183599b71cd5fd6f40b84ca218de2d5121979c7edb1a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteRhXelqGMf8xYY8ZE-9RcfNjMzM_Aj7RC7JgIH85EYUCtPC4s9oP20R6J22N8tNS8GAksiMyWlA9ArNcty6piQYeZ9R85IzYjmm7Fmme48Gvqqp-0D8C_JQBOYu84jTey9w4Et0DaSxL5I4j_Vx1FYN7xOWOYmDBRv8ArOvm0Kg_fQh-gKjimZVaXnacPrsKmJLfTBEiepfAhfppDrxEujjXhqMYXfBqfl9LvMctyTeFqTSDHQGbswn33FZ7LypsI8qA0ZajQNoZ3OBi_u7q9YxlewyhcdK7vccxWYT5jc4khWK4_rtGvygKjxr5k&sai=AMfl-YRzO17UhQW6EjdBxz9hdUeUUFbN_UIDBSTB5TUfbZDOPMc9z8YFf07mUGU_tGCWV3guPAm-pOKZVO4LJOif7Bf0seIcxC0KUF7kI1E3hXJUiPOqWTZD7w27Hv0B4qA&sig=Cg0ArKJSzLbdp-9lE9nIEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 04 May 2021 11:31:58 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 04 May 2021 11:31:58 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age
2219562
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn11572-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1620127919.938064,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits
941387
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age
4392013
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-hhn11572-HHN
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1620127919.941380,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits
12774237
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:58 GMT
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age
3714182
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn11572-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1620127919.942619,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits
9336653
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/ 		547 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
076685d37633a9eb76c08c31be51329a3731fe62afc957155a79054fedeb96e5

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 varnish
age
95248
x-amz-meta-mtime
1620032594
x-cache
HIT
x-amz-meta-ctime
1620032608
x-amz-meta-mode
33188
content-encoding
br
content-length
114331
x-amz-id-2
c2nOPdRwVFCduA3vyOLuv98BK6nPorV7I+hrOanU+yW41F+6iwBG0CWnuS83l9WvkIhcIV0OIdQ=
x-served-by
cache-hhn11572-HHN
accept-ranges
bytes
last-modified
Mon, 03 May 2021 09:03:29 GMT
server
AmazonS3-br
x-timer
S1620127919.023259,VS0,VE0
etag
"ec7d5f98c32e5a34fe3c9005921f72ba"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
SZY8DQN927FMPW5Y
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
95002
sync
am-match.taboola.com/ Frame B095 		980 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
248ccb60ff73ec7c27ca22bbfe068770600c60bfc1cf44155fd2b77859d4e9de

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
date
Tue, 04 May 2021 11:31:59 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3403
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 04F3
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1&tbid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&query=taboola_hm%3D0a8577cb-80f4-...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1&tbid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&query=taboola_hm%3D0a8577cb-80f4-45c4-8af7-c0b366843ff1&isDirect=0
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127920.820114,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11572-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0a8577cb-80f4-45c4-8af7-c0b366843ff1&tbid=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&query=taboola_hm%3D0a8577cb-80f4-45c4-8af7-c0b366843ff1&isDirect=0
tbl-x-upstream
10.41.22.84:10213
date
Tue, 04 May 2021 11:31:59 GMT
server
nginx
x-fastly-to-nlb-rtt
21343
sd
u.openx.net/w/1.0/ Frame 04F3
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync
dsp.adkernel.com/ Frame 04F3 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:15 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync.php
pixel.rubiconproject.com/exchange/ Frame 04F3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 04F3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Uh19DSrH07wb&ev=1&orig=trc&pid=562107
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Uh19DSrH07wb&ev=1&orig=trc&pid=562107
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Tue, 04 May 2021 11:32:07 GMT
server
nginx
x-fastly-to-nlb-rtt
25716

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Uh19DSrH07wb&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
getuidnb
ib.adnxs.com/ Frame 04F3 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:31:59 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
86015c32-6a6d-41c9-95ea-9970838f9eae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 04F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-8K-5APf36M4g_mErxK8U&google_cver=1
0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-8K-5APf36M4g_mErxK8U&google_cver=1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127919.489736,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11572-HHN

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-8K-5APf36M4g_mErxK8U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 04F3 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c:$UID
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
X-lat
lhrpug008:0:517
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 04F3
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&google_tc=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=b4473e7a-a2f8-4e10-8ab1-93598b3eb70c-tuct78ab62e&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 04F3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bef41988-bc2b-4e6f-8987-ebec0ca8fcd4
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bef41988-bc2b-4e6f-8987-ebec0ca8fcd4
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Tue, 04 May 2021 11:31:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127920.555848,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11572-HHN

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bef41988-bc2b-4e6f-8987-ebec0ca8fcd4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 04F3
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 04F3 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-bdsjx
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 04F3 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 04F3 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:03 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 04F3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=335be804-efab-4f4c-89cd-6decf1caf976
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=335be804-efab-4f4c-89cd-6decf1caf976
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Tue, 04 May 2021 11:32:02 GMT
server
nginx
x-fastly-to-nlb-rtt
26340

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=335be804-efab-4f4c-89cd-6decf1caf976
cache-control
no-cache
date
Tue, 04 May 2021 11:32:02 GMT
server-processing-duration-in-ticks
3101
content-type
text/html; charset=utf-8
content-length
222
expires
Tue, 04 May 2021 00:00:00 GMT
2.gif
id5-sync.com/cq/464/124/6/ Frame 04F3
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO66VfeqAahuh5Tqryb9TDv8P-uiOvwTHD8DZA7w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO66VfeqAahuh5Tqryb9TDv8P-uiOvwTHD8DZA7w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=72960dc3-4e53-44c7-9623-ae285ac2eab5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/464/124/6/2.gif?puid=72960dc3-4e53-44c7-9623-ae285ac2eab5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:31:58 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/464/124/6/2.gif?puid=72960dc3-4e53-44c7-9623-ae285ac2eab5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date
Tue, 04 May 2021 11:32:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 04F3
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rUPWSnZ_D8288csPsTCRYA
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rUPWSnZ_D8288csPsTCRYA
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Tue, 04 May 2021 11:32:01 GMT
server
nginx
x-fastly-to-nlb-rtt
27048

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rUPWSnZ_D8288csPsTCRYA
date
Tue, 04 May 2021 11:32:01 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 04F3 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Tue, 04 May 2021 11:31:38 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 04F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=68d98451-58c0-4ee1-88b9-a4cc66756637
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=68d98451-58c0-4ee1-88b9-a4cc66756637
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=93473cde-911f-4508-8d08-eab5be7c5213&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=68d98451-58c0-4ee1-88b9-a4cc66756637
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=68d98451-58c0-4ee1-88b9-a4cc66756637
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Tue, 04 May 2021 11:31:59 GMT
server
nginx
x-fastly-to-nlb-rtt
21342

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=68d98451-58c0-4ee1-88b9-a4cc66756637
date
Tue, 04 May 2021 11:31:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
577f1ef4-6a1e-421a-825a-f70584044826
https://hillreporter.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://hillreporter.com/577f1ef4-6a1e-421a-825a-f70584044826
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
fb455bc5-c34d-42e6-84cc-becb65a4e27d
https://hillreporter.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://hillreporter.com/fb455bc5-c34d-42e6-84cc-becb65a4e27d
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sync
taboola-supply-partners.tremorhub.com/ Frame B095 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9e4c:4287:35ff:53db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:59 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame B095 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame B095 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:59 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame B095 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:31:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 2587
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 May 2021 11:32:00 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Tue, 04 May 2021 11:31:59 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 3FC5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstryCyDAaPETAQrWhhrHysLBZgRLZh9JlcMJL8wA4YFjdKPwBr6W3aUZiQ6amYRzzpUxNFMhss5uKmtEM2ny3c2mocR8U0DsMqgQ4MK5ug&sig=Cg0ArKJSzLeLBXy3XDFXEAE&id=lidar2&mcvt=1006&p=226,800,227,801&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2004394596&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620127918336&dlt=0&rpt=477&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F580 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMFWAyL52vPu1Y67Pbf25XxwSMstQIinAoe2xlFfjhlZkjzieoaZL-kniHhLirR3nQVjuCIwsG9hSHFUjvEe-lQodiziMw2LGks88m--I&sig=Cg0ArKJSzP0t0_srLl9rEAE&id=lidar2&mcvt=1002&p=391,800,392,801&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3596030282&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620127918339&dlt=0&rpt=465&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DE2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5N0rbcWilmY615L5lyrj7RLCWxonPwCqt9BqtVRqSWH4TGJQZUyu8Gz3uEERT21te1z_kDfa0vklTR1fz5LxsldCthTjR-kas1OtPIcU&sig=Cg0ArKJSzGoczIPFyWbPEAE&id=lidar2&mcvt=1005&p=888,800,889,801&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3707461873&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620127918339&dlt=0&rpt=470&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:31:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2587 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9977
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Tue, 04 May 2021 14:18:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2587 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8434 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 04 May 2021 11:32:01 GMT
Age
31385259
X-Served-By
cache-lga21949-LGA, cache-fra19166-FRA
X-Cache
HIT, HIT
X-Cache-Hits
652004, 742386
X-Timer
S1620127921.405366,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EC61 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 04 May 2021 11:32:01 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame BCCA 		332 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
98df0c08f0bcc86bd3397315ef1b9a24ea5593c6e753dc4afcc2d476b671432e

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

date
Tue, 04 May 2021 11:32:01 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-5/YnmpJZOJCTzWRJvyoFAmZHKIs"
index.html
cdn.districtm.io/ids/ Frame D510 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

date
Tue, 04 May 2021 11:32:01 GMT
set-cookie
__cfduid=d48feade8cc491e1ee6e8e718e17fa8071620127921; expires=Thu, 03-Jun-21 11:32:01 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
09d8bf4d2a0000011d07aa9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a167f50bd1011d-AMS
Cookie set check.html
biddr.brealtime.com/ Frame 216E 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Date
Tue, 04 May 2021 11:32:01 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d048bc28143632e58e70a0a9ddd809f571620127921; expires=Thu, 03-Jun-21 11:32:01 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
TbU7+yzfDH91yM7VEhnmJ9E9h3lSNIMTdpc6Bvd6SS2kV+U2BANWAwb92QDmUbs8n2XpkbFT7eo=
x-amz-request-id
6ABKPVGKJW10GS23
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2379
Expires
Tue, 04 May 2021 11:33:01 GMT
Cache-Control
public, max-age=60
cf-request-id
09d8bf4d220000fa6cf707a000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
64a167f50df4fa6c-AMS
Content-Encoding
gzip
quant.js
secure.quantserve.com/ Frame BCCA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:01 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 11 May 2021 11:32:01 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame BCCA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=c0778bfc-aee8-4109-9975-1fc806ef2157
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=c0778bfc-aee8-4109-9975-1fc806ef2157
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:01 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=c0778bfc-aee8-4109-9975-1fc806ef2157
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
bounce
secure.adnxs.com/ Frame 8434
Redirect Chain
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/joe-manchin-says-he-would-have-fought-rioters-99906?_hsmi=96965274&_hsenc=p2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:01 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
68aa0e14-aa75-47d6-9fef-8d86999762fb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:01 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
95093b2f-ed87-44d8-b65c-80513e0ec8b6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rules-p-8p-p7hkcWNjJm.js
rules.quantcount.com/ Frame BCCA 		3 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 12:22:49 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
age
83353
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:14:17 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
T24TqNYz9exU87Kfj6J8SH5TAPIRoofvt0xL72JP3a2g5woUCz0Qjg==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame A46E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9dab71b5d30badc235f953ffc2a0abeab3b561c81640541f86d06dc019825ead

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJEwsYOQIBZA7Yz8Yd8imQAA; CMPS=1155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|111|188|3|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1734
Expires
Tue, 04 May 2021 11:32:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 May 2021 11:32:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YJEwsYOQIBZA7Yz8Yd8imQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 11:32:02 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 11:32:02 GMT CMPRO=1162;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 11:32:02 GMT CMST=YJEwsmCRMLIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 May 2021 11:32:02 GMT CMRUM3=e6609130b227600&bc609130b205a00&f1609130b205a0&6f609130b205a0&be609130b205a0&27609130b20b40&03609130b205a0&2d609130b205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 11:32:02 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 04 May 2021 11:32:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 May 2021 11:32:01 GMT
Connection
keep-alive
Set-Cookie
CMID=YJEwsYOQIBZA7Yz8Yd8imQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 11:32:01 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 11:32:01 GMT
pixel;r=452843690;labels=property.5cd4a43e83eac200087e1fc0;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620127916160%26secure%3Dtr...
pixel.quantserve.com/ Frame BCCA 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=452843690;labels=property.5cd4a43e83eac200087e1fc0;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620127916160%26secure%3Dtrue%26version%3D9%26mobile%3Dfalse%26title%3DJoe%2520Manchin%2520Says%2520He%2520Would%2520Have%2520Fought%2520Rioters%2520%257C%2520HillReporter.com%26url%3Dhttps%253A%252F%252Fhillreporter.com%252Fjoe-manchin-says-he-would-have-fought-rioters-99906%253F_hsmi%253D96965274%2526_hsenc%253Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to;ref=https%3A%2F%2Fhillreporter.com%2F;uht=2;fpan=1;fpa=P0-145546426-1620127921512;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1620127921511;tzo=-120;ogl=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620127916160&secure=true&version=9&mobile=false&title=Joe%20Manchin%20Says%20He%20Would%20Have%20Fought%20Rioters%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fjoe-manchin-says-he-would-have-fought-rioters-99906%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_pQUNkdWBImurPETts0D0gt392z0vlZOl-JeJFTpidw4UniZHIcF3PsTEQ4ICAjhQecNU5S1o5Ol6I0LRlEyir5xW_bWW7oYnzUZkZHHWQLt1I3to
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A46E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbClltj2XCEfRzgO3AFh_Y&google_cver=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbClltj2XCEfRzgO3AFh_Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 May 2021 11:32:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbClltj2XCEfRzgO3AFh_Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A46E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIKsobtN0YGZmytXfkXbvrk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIKsobtN0YGZmytXfkXbvrk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 04 May 2021 11:32:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIKsobtN0YGZmytXfkXbvrk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A46E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:05 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:05 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJEwsYOQIBZA7Yz8Yd8imQAABIoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A46E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJEwsYOQIBZA7Yz8Yd8imQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
c1.adform.net/serving/cookie/ Frame A46E 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
CookieIndex
rtb.adentifi.com/ Frame A46E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame A46E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent=&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent=&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 May 2021 11:32:05 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b2f26091-30b5-4b00-a1d8-8967fd26a316&gdpr=1&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
328
Expires
Tue, 04 May 2021 11:32:05 GMT
getuid
ib.adnxs.com/ Frame A46E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A46E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YJEwsYOQIBZA7Yz8Yd8imQAA%261162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hillreporter.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3269
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 May 2021 12:26:31 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 65D4 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=az7wbg1620127916243
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.177.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9573a8f6e1414b1fd532c59aaddaf536b39463c7e223b3884e7acd9b80f50923

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=az7wbg1620127916243
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

date
Tue, 04 May 2021 11:32:02 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
showad.js
ads.pubmatic.com/AdServer/js/ Frame EB6F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131666
Expires
Thu, 06 May 2021 00:06:28 GMT
Date
Tue, 04 May 2021 11:32:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D33E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 May 2021 11:32:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame A11C 		153 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?gdprIab=%7B%22status%22%3A12%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.2.3
content-length
153
expires
Tue, 04 May 2021 11:32:03 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
set-cookie
tt_bluekai=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Wed, 05 May 2021 11:32:03 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
sync
eb2.3lift.com/ Frame AB41
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
99855dce793df375b8faf849aa3959e8e21c3769ef6cdf03fe233b0297907437

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=7070517234066296957
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

date
Tue, 04 May 2021 11:32:10 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQ_bGZuZMvCgoIkQIQ_bGZuZMvCgoI4gEQ_bGZuZMvCgoIkgIQ_bGZuZMvCgoI5gEQ_bGZuZMvCgoIhwIQ_bGZuZMvCgkIOhD9sZm5ky8KCQgLEP2xmbmTLwoJCF8Q_bGZuZMvCgkIHxD9sZm5ky8=; Max-Age=7776000; Expires=Mon, 02 Aug 2021 11:32:10 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=7070517234066296957; Max-Age=7776000; Expires=Mon, 02 Aug 2021 11:32:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 04 May 2021 11:32:10 GMT
content-length
0
set-cookie
tluid=7070517234066296957; Max-Age=7776000; Expires=Mon, 02 Aug 2021 11:32:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame D33E 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9975
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Tue, 04 May 2021 14:18:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EB6F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=52467671&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
91a0e1fb89fad7309de2d61e37fd9ed3d61c6ad3ef3ec53563b34d0d5696372d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:01 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pubmatic
d5p.de17a.com/getuid/ Frame 9883 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.185 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2120
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=836422E3-9070-45C2-83E7-6D844350B2F7; chkChromeAb67Sec=1; DPSync3=1621296000%3A226_221_201_227; SyncRTB3=1621296000%3A56_220_54_161_7_3_71_21_13_8%7C1621382400%3A35%7C1620691200%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Tue, 04 May 2021 11:32:03 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 02-Aug-2021 11:32:03 GMT; path=/
X-lat
lhrpug004:0:718
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Tue, 04 May 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
4088
x-powered-by
ASP.NET
date
Tue, 04 May 2021 11:32:02 GMT
content-length
205
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g2Qi45BwRcKD522EQ1Cy9w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=95887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 05 May 2021 14:10:10 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame EB6F 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=836422E3-9070-45C2-83E7-6D844350B2F7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64a16800e8ab4ea9-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09d8bf549600004ea9bb30a000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame EB6F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:06 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:06 GMT
frontend-id
9
location
/pubmatic/1/info2?sType=sync&sExtCookieId=836422E3-9070-45C2-83E7-6D844350B2F7&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=836422E3-9070-45C2-83E7-6D844350B2F7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=836422E3-9070-45C2-83E7-6D844350B2F7&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=836422E3-9070-45C2-83E7-6D844350B2F7&addseg=21
7 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=836422E3-9070-45C2-83E7-6D844350B2F7&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:09 GMT
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Tue, 04 May 2021 11:32:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=836422E3-9070-45C2-83E7-6D844350B2F7&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODM2NDIyRTMtOTA3MC00NUMyLTgzRTctNkQ4NDQzNTBCMkY3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:04 GMT
X-lat
lhrpug020:0:542
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELNZbymmhNHEa3TBWJfwBFU&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELNZbymmhNHEa3TBWJfwBFU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:04 GMT
X-lat
lhrpug020:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELNZbymmhNHEa3TBWJfwBFU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EB6F 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 03 May 2021 11:32:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0778bfc-aee8-4109-9975-1fc806ef2157
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0778bfc-aee8-4109-9975-1fc806ef2157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
X-lat
lhrpug009:0:594
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0778bfc-aee8-4109-9975-1fc806ef2157
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7527710286074697523
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7527710286074697523
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
X-lat
lhrpug004:0:564
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7527710286074697523
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aaf66091-30b5-4400-9456-79b2a4b27d3d&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aaf66091-30b5-4400-9456-79b2a4b27d3d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:05 GMT
X-lat
lhrpug020:0:517
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Tue, 04 May 2021 11:33:19 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aaf66091-30b5-4400-9456-79b2a4b27d3d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 May 2021 11:33:18 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5632724308050868260&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5632724308050868260&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:04 GMT
X-lat
lhrpug001:0:544
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
caec898e-ce6e-495d-9012-6100f70dbb11
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5632724308050868260&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
836422E3-9070-45C2-83E7-6D844350B2F7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EB6F 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/836422E3-9070-45C2-83E7-6D844350B2F7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=836422E3-9070-45C2-83E7-6D844350B2F7&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=836422E3-9070-45C2-83E7-6D844350B2F7&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oIJoIoBE2uUbOpSm4KqoDbJFPkbqsYI-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oIJoIoBE2uUbOpSm4KqoDbJFPkbqsYI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 10:42:09 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 04 May 2021 11:32:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oIJoIoBE2uUbOpSm4KqoDbJFPkbqsYI-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame EB6F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HHOAExlz2xMHe4tHHSKUQUwhjkQHIdoaS3VeaP56
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HHOAExlz2xMHe4tHHSKUQUwhjkQHIdoaS3VeaP56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:04 GMT
X-lat
lhrpug019:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HHOAExlz2xMHe4tHHSKUQUwhjkQHIdoaS3VeaP56
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127923663&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1223&pt=-1105190586&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3922f5dbd6bafea3328cab750615d25b77f1c14bb0a182da60fd29f415550053

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 04 May 2021 11:32:03 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1459
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11572-HHN
pragma
no-cache
server
nginx
x-timer
S1620127924.690515,VS0,VE144
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
visible
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210503-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
64
pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1620127924.062180,VS0,VE64
x-served-by
cache-hhn11572-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
usersync.html
cdn.undertone.com/js/ Frame 6980 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

content-type
text/html
date
Mon, 03 May 2021 18:21:51 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
O2yrebsrJZJ1cO45m9mL9jxOv-DftZA8Kee2F2dQywjWw7g51NsAPA==
age
61814
sync_iframe
sync.bfmio.com/ Frame 1F35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.189.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 199E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=836422E3-9070-45C2-83E7-6D844350B2F7; chkChromeAb67Sec=1; DPSync3=1621296000%3A226_221_201_227; SyncRTB3=1621296000%3A56_220_54_161_7_3_71_21_13_8%7C1621382400%3A35%7C1620691200%3A223; PUBMDCID=3; KRTBCOOKIE_1235=23226-b862c56f-263a-4402-8858-8bbb1227ba4b-tuct78ab62c:$UID; PugT=1620127923; KRTBCOOKIE_377=6810-c0778bfc-aee8-4109-9975-1fc806ef2157&KRTB&22918-c0778bfc-aee8-4109-9975-1fc806ef2157&KRTB&23031-c0778bfc-aee8-4109-9975-1fc806ef2157; KRTBCOOKIE_391=22924-7527710286074697523&KRTB&23263-7527710286074697523
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131664
Expires
Thu, 06 May 2021 00:06:28 GMT
Date
Tue, 04 May 2021 11:32:04 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
1007 B
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
5cbdf0b59ecd440b342dae6e7710d444b8b962f1c92a3f48cfa483c382e92cf8

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=372e906c-ac57-06c7-1fa4-5640bfb6a5d0|1620127924
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=372e906c-ac57-06c7-1fa4-5640bfb6a5d0|1620127924; Version=1; Expires=Wed, 04-May-2022 11:32:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620127924|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 19-May-2021 11:32:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 04 May 2021 11:32:04 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=372e906c-ac57-06c7-1fa4-5640bfb6a5d0|1620127924; Version=1; Expires=Wed, 04-May-2022 11:32:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date
Tue, 04 May 2021 11:32:04 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame D0F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 May 2021 11:32:04 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Tue, 04 May 2021 11:32:04 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame 6980
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5632724308050868260
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5632724308050868260
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.153.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:05 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:04 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid
3bc11c84-9267-4632-aea9-5dca34ca628d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5632724308050868260
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 6980
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=adfe9440-eb88-4a14-b7a7-eb19629aa481
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=adfe9440-eb88-4a14-b7a7-eb19629aa481
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.153.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:05 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Tue, 04 May 2021 11:32:04 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=adfe9440-eb88-4a14-b7a7-eb19629aa481
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 6980
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP59bb39e3-accc-11eb-a9d9-0252caee3c48
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s2XCoX5E2uEpwQ7Gh9GBYcwgjaSZ.Qbz~A~UP59bb39e3-accc-11eb-a9d9-0252caee3c48
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s2XCoX5E2uEpwQ7Gh9GBYcwgjaSZ.Qbz~A~UP59bb39e3-accc-11eb-a9d9-0252caee3c48
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.153.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:06 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 04 May 2021 11:32:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s2XCoX5E2uEpwQ7Gh9GBYcwgjaSZ.Qbz~A~UP59bb39e3-accc-11eb-a9d9-0252caee3c48
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 6980
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=c0778bfc-aee8-4109-9975-1fc806ef2157&ttl=1622719924
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=c0778bfc-aee8-4109-9975-1fc806ef2157&ttl=1622719924
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.153.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:05 GMT
x-envoy-upstream-service-time
7
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=c0778bfc-aee8-4109-9975-1fc806ef2157&ttl=1622719924
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 6980 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 6980
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.153.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:07 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Date
Tue, 04 May 2021 11:32:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
7045c971-957c-ab79-74a5-885d24c65b64
pr-bh.ybp.yahoo.com/sync/openx/ Frame 359D 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/7045c971-957c-ab79-74a5-885d24c65b64?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gi9x2ceb1LDThN5
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=gi9x2ceb1LDThN5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=gi9x2ceb1LDThN5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:20 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=gi9x2ceb1LDThN5
date
Tue, 04 May 2021 11:32:20 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8eb34598-3972-43eb-859e-d06d64cac604&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b6f3b21d-2a94-4a2a-913f-b5d8dc109947
date
Tue, 04 May 2021 11:32:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 359D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERmdVN0JJbUVBQUN4Y1luTTRZUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERmdVN0JJbUVBQUN4Y1luTTRZUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADFgU7BImEAACxcYnM4YQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFgU7BImEAACxcYnM4YQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADFgU7BImEAACxcYnM4YQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFgU7BImEAACxcYnM4YQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFgU7BImEAACxcYnM4YQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:06 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADFgU7BImEAACxcYnM4YQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date
Tue, 04 May 2021 11:32:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:05 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=d8236091-30b5-4000-bad4-520221ba5fc0
date
Tue, 04 May 2021 11:32:05 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oUXE8qRFn_K6Tc-moBTQoPEXyqW6F5779kP7F5mx
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oUXE8qRFn_K6Tc-moBTQoPEXyqW6F5779kP7F5mx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oUXE8qRFn_K6Tc-moBTQoPEXyqW6F5779kP7F5mx
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7527710286074697523
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7527710286074697523
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7527710286074697523
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 359D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e482af35-05d0-3930-4572-9ea8db91962d&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 359D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhlZDdjZmYtY2NhNy02Nzk0LTUwOTItYzQxMTExNzM1ODRk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 359D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBgqZL5uZaGpV8AzYkTUpyg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBgqZL5uZaGpV8AzYkTUpyg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBgqZL5uZaGpV8AzYkTUpyg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D0F5 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9958
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Tue, 04 May 2021 14:18:17 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EB6F 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 11:32:03 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127928672&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1223&pt=-1105190586&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3815bab549477501679f095b62dcd07095e5c60936c37bb58e834a83c6602394

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:08 GMT
content-encoding
gzip
server
nginx
machineid
1464
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame AB41 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame AB41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM73hj0lKBN1RlBDF4Uyk7w&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM73hj0lKBN1RlBDF4Uyk7w&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM73hj0lKBN1RlBDF4Uyk7w&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB41
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA3MDUxNzIzNDA2NjI5Njk1Nw%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame AB41 		42 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=7070517234066296957&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:10 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: D0BCC2AB46AD4DADBE17DD291A6D7499 Ref B: FRAEDGE1511 Ref C: 2021-05-04T11:32:10Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame AB41
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/7070517234066296957?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mAHZTilE2oRcxLgRpc5iyWXufVXvkyeT_VEKwLJNHQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mAHZTilE2oRcxLgRpc5iyWXufVXvkyeT_VEKwLJNHQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 04 May 2021 11:32:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mAHZTilE2oRcxLgRpc5iyWXufVXvkyeT_VEKwLJNHQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AB41
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=3335&xuid=145506032757471806&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
date
Tue, 04 May 2021 11:32:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
iu3
s.amazon-adsystem.com/ Frame AB41
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7070517234066296957
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7070517234066296957&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7070517234066296957&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 04 May 2021 11:32:10 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7070517234066296957&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AB41
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 04 May 2021 11:32:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame AB41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=7070517234066296957
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame AB41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=7070517234066296957
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127933676&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1223&pt=-1105190586&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3815bab549477501679f095b62dcd07095e5c60936c37bb58e834a83c6602394

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:13 GMT
content-encoding
gzip
server
nginx
machineid
1440
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127938708&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1223&pt=-1105190586&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e8822bd2fa24ff22a69648cac86f041ea94413449154e8a135ba2671bc0b8135

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:18 GMT
content-encoding
gzip
server
nginx
machineid
1474
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
am-match.taboola.com/ Frame D126 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_6_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
date
Tue, 04 May 2021 11:32:19 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
generic
match.adsrvr.org/track/cmf/ Frame D126 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame D126 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9e4c:4287:35ff:53db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:19 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame D126 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:19 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D126
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=628bc567-accc-11eb-a09a-155da6fd0506&orig=video&us_privacy=1---
0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=628bc567-accc-11eb-a09a-155da6fd0506&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Tue, 04 May 2021 11:32:19 GMT
server
nginx
x-fastly-to-nlb-rtt
22889

Redirect headers

Date
Tue, 04 May 2021 11:32:19 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=628bc567-accc-11eb-a09a-155da6fd0506&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
101
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame D126 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame D0F5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a9b13261b1c03077a76e00366561271f1632ad862f31639f0deafb1b7924b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7633
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 04 May 2021 11:32:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A114 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 04 May 2021 11:09:38 GMT
expires
Wed, 04 May 2022 11:09:38 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1362
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
pagead2.googlesyndication.com/bg/ Frame A114 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:03:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 12:48:00 GMT
server
sffe
age
1709
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Wed, 04 May 2022 11:03:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3322899586406933&bg=!FhWlFVHNAAYXzPaOF8w7ACkAdvg8WhYqGC5nGcJeETPZRh170g2DbFSwU2shGJeIMY1o2JKLBSF7pwIAAAC2UgAAAAxoAQcKADe78BtbBwOR-Ga9qVwyDNgUbV7xqZSvppTGzHw2hyuDX0IkisvcFHO7WuY2iRX7S9JFDqL7JqFTmQI8MnRFbInzhvgZ84JERCrIDAnum-o-Fl7M1rHWAeTggRzjfP7BGZoPB9hnHQkGzf72-8aUCpoapnEYEaEKX_plCBhnIQ6b2hC2GyyTYaZ0HsWuEx-SA28WrLwR5m8PrwClTCw-DObdVJSI5i4fCVwjCnUKQmklvAzp2mHFy2lHvds1ZMCiyP38jzSg_ua1b1TaK1mQ65oGcjCyP7pQomLfKW0cis__W095A71eD7DmNtqwCvUAR2s0PyfYB0nEsK5G3BOs84WmIKhrEnMYCbT0h3QIDWIgHR2eg-yfA2La3SOowXTWq1plmjG-eh2zMaXTjopZZdA8_ESTaX-wlAMQv98nZUKL3JtWcCYoNU4DUWP8mZPhJYYirli52wIqC5aHIQmbs2zuspiPBLBl39wjGGoLcw0c8Ue9mR9TLB-3R_i2Wwr1A5fEk_7XtLL0-IHOfyHuAOZa4fPajrsBKqR8eGNvISgGy1wlJK3dGnq9DEDBgsG_8O22FqCEYVQ72j36V9tGjyZVjTC6i-Kj2b7FNt5TgG8LZDdwKCNpap72OQLsxhOvRoXo6EUCnhKXTNt2gomdZD6UV8m0GiG_KQKfXg5weAa_2urg_i4jvTGFdEbYDh9LvufUaTcbuYRgX60t_DUGy0d-I4dvlHSMxZIrO2BnlYObUiN3SMLNWFBiC_4d-JB1p9e4l9D-a1cjantToAUVADPQkOYjc7_3CrqlEkjzHJzW9iC0lW_gDFiZmVxNBLCwnWBCzeZj9dA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1620127943724&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1223&pt=-1105190586&tz=120&viewable=true&ddast=V7FAECFgNsv0A_71HCfQRsv0A_71HCfQUAAAAGBuIHG7HajGbL2YrGWOw2y8louFtuJpPFZDNZDYEjVpvRbDlb0RiL3WY5GQ1ni9lkt1gsZ5vhFDCEZfb7DgrK6ekxuwyiouttsTucZs8bmNB0Onyue73QaTZbXoa_5fSy3DV-t1_qd7nVDrvH6LS7NQ_n5y10uXV_19nkFjpsL7fM7_oZTW_J0296WT5v5XI5mM0BAAAA4AFAiisU4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAAGhUgNAlSNBnCef33P9WP8BAPBQAAIAIIBBAlDAdFICoEGbdQIAAAAAAAAAwPL___8fMzAf_ygDAOKW1APw4APwQFSQWMQIAAAAQHgsbexoUidUFlUAAATpVgBXAAABeTcmJExhAAAAAWML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiAqONC0IMopd7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqAmJ2AAAAAHf_____eiC1WZlmM9tu5BzMfMuFw7ey-SazjW1ic9lMvoVhe9_EbYXdTbAJfRjCMvt9BwXl9PSYXQZR0fW22B1Os-d-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBHjbLJxzWZuyWyzcItGg8laOFwN18KJxeKYTHYTh2niFr0-pt9wYbFNNl4UDLjai-AinQidZrPlZfhbTi_LW-g0my0vw99yelkuYonmZJFOZJd9a7MyzWa23cg5mPmWC4dvZfNNZhvbxOaymXwLw75inE02rtnMLZltFm7RaDBZC4er4Vo4sVgck8lu4jBN3KLXx_QbLiy2ycbfmE0Gi8luuZjtG7PJYDHZLRezfYfO8F19zkZnrVjy2DQL28w2lZkPCpfB4l1-LtJu8XMz-nTjl7B0EO58E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_l0aKIJYLTRToRvYyni1gieVqkE8FquPGMbBvLyGGZTEwuy8SwHCxHG9fMZJssFsOJWKI0XaQTvdTvcqsddo_RaXdrHs7PW-hy6_6us8ktdNhebpnf9TOa3pKn3_SyfN7K5XIwm6j_2BDL0Vy5nCsGq7lyuUoAAAAAAAAAAEuYM28CAAAAcBrMaLfYrZYLIGHzrQsMAgAAAAAAsMshWBGRtJWsXdz4cQY6zWbLy_C3nF6Wt9BpNltehr_l9LJcGUDChpt5s2eCWKvVsgYAABDABgAACODWzVsARiMH!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=aat1_vB!adh5c-1_vA!insc_vA!scrn_vA!smbs!spa2_vB!sre_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3815bab549477501679f095b62dcd07095e5c60936c37bb58e834a83c6602394

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 May 2021 11:32:23 GMT
content-encoding
gzip
server
nginx
machineid
1437
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery function| fbq function| _fbq function| documentInitOneSignal object| OneSignal object| propertag function| gtag object| dataLayer object| _taboola function| toggleMenu object| date object| google_tag_manager object| wp object| alm_localize object| ajax_load_more_vars object| ajaxloadmore object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| almInit function| almUpdateCurrentPage function| almGetParentContainer function| almGetObj function| almTriggerClick boolean| payload_loaded object| _oneSignalInitOptions object| google_tag_data string| GoogleAnalyticsObject function| ga function| IScroll object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji function| pb function| beacon object| TRC object| _tblConsole undefined| msg object| _comscore object| gaplugins object| gaGlobal object| gaData object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| googletag object| _qevents function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit function| UAParser object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId function| udm_ object| ns_p object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id string| requestType number| timeout boolean| edge string| bidder boolean| withCredentials function| proper_7fbc4939_d0ea5b9d_1 string| proper_ad_page_uuid string| proper_ad_session_uuid object| apstag number| placementId string| x string| pubcidCookie object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| apstagLOADED string| mantis_uuid string| nam object| placementData object| _tfa object| cmTag object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _cm_wfCounters string| lastWfUrl object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| startCMTagMain function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| category function| webpackHotUpdate function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.openx.net/ Name: i
Value: 024b4284-5264-430e-b8a8-ec7fc96456a2|1620127940
.taboola.com/ Name: t_gid
Value: eeef96f0-d7e8-4b14-92a3-277d1ecb5219-tuct78ab643

10 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/MWrPytNNxryW8-T6S38kzh9SW197v5Z4r93hVN4KxWMy2-Hw7V1-WJV7CgBRVW6__h1s1-gFq4W1gm_3c1STnjzW2q2Yn958D9xWW2lmn927k7JnzW2nkSmq4XJpwgW1xFxDT8lQL-8N567HMWrwsKSW82PkG847zztXW42rDb83LPS_fW4_YKMS7nsxpWW7j_1967k0TfkVVj2MK8_-h-pW73G_Xc3Jx7slW954H1871ykWMW4rqF3p9ht-ygW2vMBzz659JhHW816_RX27N1wyW5zKq6R5rsFRtV1hRy338x_1MMGNKz2W7dztW7MgqFB2rVk8MW9lHKC_7Ph4x2W8GbkRl1BXWzjMPb_lWZ91b-3dDc1(Line 13)
Message:
toS
console-api log URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.1(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
3d0be4e4347b421f73fd5201b84c6325.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.pl
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c0.wp.com
c1.adform.net
cdn.districtm.io
cdn.hillreporter.com
cdn.onesignal.com
cdn.taboola.com
cdn.undertone.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
d5p.de17a.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb.proper.io
eb2.3lift.com
ecs.mantisadnetwork.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
hb.emxdgt.com
hbopenbid.pubmatic.com
hillreporter.com
i0.wp.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
js-sec.indexww.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
propermedia-d.openx.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.c.appier.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync-t1.taboola.com
sync.bfmio.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
taboola-supply-partners.tremorhub.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
usync.proper.io
vidstat.taboola.com
visitor.fiftyt.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.230.142
104.111.242.245
104.16.68.69
104.17.120.107
141.226.228.48
142.250.185.226
142.250.186.66
148.251.128.74
151.101.13.108
159.253.128.183
172.105.221.29
174.137.133.49
178.250.2.151
18.159.8.206
18.185.167.149
18.194.69.169
18.195.155.181
18.195.72.17
18.197.47.23
184.30.21.51
185.29.135.227
185.33.221.14
185.33.221.52
185.33.221.88
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
185.64.190.87
185.86.137.133
185.94.180.125
192.0.76.3
192.0.77.2
192.0.77.37
192.132.33.46
198.148.27.139
199.232.137.44
199.60.103.2
2.18.233.180
2.18.234.21
213.155.156.185
213.19.147.43
216.52.2.48
23.21.153.230
23.79.143.124
2600:1f18:612b:4216:9e4c:4287:35ff:53db
2600:9000:2104:dc00:6:44e3:f8c0:93a1
2600:9000:214f:c600:1f:2473:9080:93a1
2606:4700:10::6816:1857
2606:4700::6811:4f22
2606:4700::6812:e234
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.127.88.255
3.214.189.234
34.98.64.218
35.201.96.126
37.157.4.41
44.238.170.237
52.209.246.140
52.22.66.224
52.222.183.71
52.222.183.91
52.24.184.198
52.45.128.104
52.58.146.86
52.58.177.37
54.239.17.112
54.36.109.48
54.93.115.47
65.9.86.127
69.173.144.138
70.42.32.31
72.251.249.13
76.223.111.131
77.243.60.138
88.214.206.247
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03df0c2786bb5987c9ffb05114ed3b9fbeadfe828a1865b0b4a6492319ff2054
04a79056d51076ba7b2183599b71cd5fd6f40b84ca218de2d5121979c7edb1a0
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076685d37633a9eb76c08c31be51329a3731fe62afc957155a79054fedeb96e5
08494183cde4255b3766982490c25fa92b544875dec629c686664520d488a0b8
087b49a05824378a9dd68b9787bcddce390c8aeab26f1aef1ffd8b4993d337ef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e3ea0ec55dca3df2b00d0feba6fa3779939e8fa9f58639bc1bc830e31ff5534
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1498723b9048cd7b11f0660e553ef531cc952be1d488a7d42cf74425aa8fffd6
16be5f81f03b388f7849f4d95aa1ca4c14b03c8da15009e85b3f6141d3a4f7bd
16c4f109b12e909b1789636cfb11f8603d443ff6945e589e676de1e5f929d274
17d2789d83fb8541d191051353c97ee8a010e9d05cf7e96df06a468357a28ea3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
248ccb60ff73ec7c27ca22bbfe068770600c60bfc1cf44155fd2b77859d4e9de
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b1b2cf02f686e53880822d7f48d060e9ab7c454d9e949c3186889f03545863c
2b2f7a084d598df3d0b165507e0d4fb6fb88de8cb7d6aaad00f66b5d81ac0c5e
2b42d2a2e706a9ca28d4af7fe09a3e3314447d76b7db85c62386ce529bb6f97c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
312730480b85341db68e149f2f19806d8dee31be4119ef59c62a4c1e5271ac50
34d956fbe769d5f28df24429d0e8ff6278b9abf435fd6537d8be621280309bb2
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
3815bab549477501679f095b62dcd07095e5c60936c37bb58e834a83c6602394
3922f5dbd6bafea3328cab750615d25b77f1c14bb0a182da60fd29f415550053
3a9b13261b1c03077a76e00366561271f1632ad862f31639f0deafb1b7924b0d
3b503eb7fa98490d29b88c957cba6a16b214703c5f3d344fd6dcf064790b7d96
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3cde7327c67a2bde4b077ce381cda87e1cdbc5b0e7eab38f7c4ab06078f97ed5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef5f080e8b7370737ef13358799e8c511950eb7552a674a03abb04ae9571f21
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
440fd66ded0c98c9c1710654b4d7f4d865780613e4797f11e136d876c8580aba
46af55aacefb6fd164b7aee49cae754af8a2eb481c8e7f2b805c67865c206ffe
48991c9e2effcf30d3bbf1e91f1c3ab17919b4bfda16140fcf9af6adac2ff4ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a30a44fbebdcd5ecd522693531e989aecce231ef21651e068a6e69bfadf178e
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeeaa4e345fef8be54d0a26426b4fb41a4fa9110bf30cba2254472189aca82c
5047db1ed9fce6b794573bfb6aa422698d4e0796b5e85444f316722059b98b4c
53da7e4b2b784af81549ddfe3ebc3374f06ef290f620c5f2aa231530da07445b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
562313bd23f06ebb62ff1a0be90112e0034e8cc35cca4bfd101e141b854297e4
58f18a82a75b50707afc2e2d1454d2748c20a825744b726a2dcf64bd90f53e4f
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cbdf0b59ecd440b342dae6e7710d444b8b962f1c92a3f48cfa483c382e92cf8
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
614720662b401ebcc2e88a3b22d87311f4084e22881644ea7940d9841fb3dcf9
647c226cf491168b04b3ae87a1dcf648640b8affe7ee736e96ccf754276caf69
66cb8293061d2e2adbf2a0ba280aa184e50b4a225caa7562215e5c6ab60c133c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ad98284a3cdd51585af0a9757abf80aff017c041f0ecdc93b87f27dbef0a012
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfc1cffba6bac80d7d839716f8aaac9a11c922685738ce9fe8ac273edcda947
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74c0340218d6ace062201cca2c0f9f8ef0b7158ffaca8b15cc24f2a36618537a
786c50680f94d461218f83ea49d81227302ffb33c8237ad2e27c1b1cfedba6ff
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
82baa6f9c3450e87452871feddf4d823652f5c07ade0d83937bde1f42c23022a
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e27c676e226850a78ff98a02e0afdbcb9dca1055f09b9d9820505f391b8c30
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
899bb1382001afc08739e2fee94e9749d920a948171fcd7ef317628e34d53344
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d04fe1d061c081383d0b62b6861156429a8295ee1ffc214b2432462bca4e039
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5e10186cfb4ad342d76573ebc90f6c149ca65689fb31865329d1c9b291f1b1
916a84b69b025d8aa42573eec1eb283354ce2cb96b6dfd743e2c6b9765807f34
91a0e1fb89fad7309de2d61e37fd9ed3d61c6ad3ef3ec53563b34d0d5696372d
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
949df1ccf23d571822752903501ed230b592bc352ba1dd90cee047ba37273d76
9573a8f6e1414b1fd532c59aaddaf536b39463c7e223b3884e7acd9b80f50923
964552efbc0c6ea6109780c56ef60f3b1f750da3d37ceedd6be243225baffb25
974a61a8bbc6e03fb74dc57a557a1646e9b511a43c15514b208c81e1f31c6149
98c538199766971a7f71b23b178c2c9ac3c050b798109699bb5047ae5c891cee
98df0c08f0bcc86bd3397315ef1b9a24ea5593c6e753dc4afcc2d476b671432e
99855dce793df375b8faf849aa3959e8e21c3769ef6cdf03fe233b0297907437
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f7867855ef8e70658ce3c108fe3ba8d393c19d9410251fb5afb71933277d35
9dab71b5d30badc235f953ffc2a0abeab3b561c81640541f86d06dc019825ead
9e517641e1c47d965766f6b39e1293ada96d8c04ee1ba730cae2c73344486f22
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2eac7ca47a849455bbf85ddcf23e0f9a2f06ad14568afa998bcc11375882b9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a68a99fa5e2f7dbaa1240e322bf9a26b0c907209de1d31183c81940803855c1c
aa875d492861f46495b4c8cd49051f6862104712fd8fe34ce63dcc351166468d
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac6ce8a1bfe22c035125ef44040be3ea2d044ff158c9a52918a07d45052ad5bd
b0c6c41ef327012f2ee578c7d48e9102d9a8b3041b0dfd09a1a1dd83ac7c0369
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
c0d64c79308424a9f9a6e94e6aaedfe24b0bde7ea4c3744763e1f4ba7d6f6343
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc9bc1b8a8d7d7140117999c802b9be2e00337e9ab4bd7c69aff5ae57afa116c
ceab30455e06d08009be949828d5685289dcb5e1cad37b9a077d0956a0c23129
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bb15b8866d56b330b53070057f0e74d0df60d2347c53a7ecc55d0a6de8314d
d20663a99c2434ff6b57d088bcf6a40ea6cd417eb7d32e31b0c9abec265ff6fc
dae6ed92f35681ce39f4940dcf187bc969653acc8322306cddb3a884742a640e
db8be4a0e52d8799ebceedc633dcd7e52e7cb25f48e18f76203c8243a432a700
dcc4cf9b744de4de85c0329178637d9f28fe5a21fbb023cea9e23a73a20c7d1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5d9185ebb22baaabf8b2e1b4f83cd96e4508439edaf99d90305c5575f6f1e4
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e297e253e828ecb91ac4b44649ec6bad00ea99a9e20c4632c37e4be6574ca5a8
e2c8a6402dc03698cede65efa462b014507c82bd6751286fc540b7f20926640b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8822bd2fa24ff22a69648cac86f041ea94413449154e8a135ba2671bc0b8135
ea5dc8c55ab8a911b110132a82849471a063473124106d5378f6420e1564f7bf
ec1770570d1c86aedf5d9dcf1d1ead411b919d96db0562c7462caa8cddd47e93
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f66e3bdae7a5d3c12fa075da7cb5f351fad213a44c3dbcbdab14b3369a2008bb
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fd5cb099e20880a844303f3fa924ec36445155c0e874418b092dde6a6b5dcfe9
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c