urlscan.io logo urlscan.io
SecurityTrails logo

nypost.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Submission: On September 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 13 countries across 121 domains to perform 431 HTTP transactions. The main IP is 192.0.66.32, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is nypost.com. The Cisco Umbrella rank of the primary domain is 14262.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time nypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
78 192.0.66.32 2635 (AUTOMATTIC)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 108.138.7.59 16509 (AMAZON-02)
1 2600:9000:21c... 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 107.23.205.218 14618 (AMAZON-AES)
1 13.224.189.120 16509 (AMAZON-02)
2 2600:9000:224... 16509 (AMAZON-02)
5 7 2600:9000:244... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 142.250.185.226 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2600:1901:0:7... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 184.30.24.22 16625 (AKAMAI-AS)
1 3 18.65.39.28 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
16 2a04:4e42:400... 54113 (FASTLY)
1 34.36.206.170 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
4 130.211.23.194 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.185.70 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 18.239.50.8 16509 (AMAZON-02)
2 108.156.60.114 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.110.220.19 396982 (GOOGLE-CL...)
1 18.66.97.91 16509 (AMAZON-02)
2 44.218.131.204 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 108.138.7.43 16509 (AMAZON-02)
4 184.30.16.195 16625 (AKAMAI-AS)
6 7 185.89.210.141 29990 (ASN-APPNEX)
11 185.239.172.77 55081 (24SHELLS)
3 5 3.75.62.37 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
8 45.133.44.3 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 198.47.127.19 62713 (AS-PUBMATIC)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 184.72.145.68 14618 (AMAZON-AES)
3 108.138.1.25 16509 (AMAZON-02)
7 185.83.69.58 55081 (24SHELLS)
3 2a0c:5c87:523... 55081 (24SHELLS)
2 45.133.44.4 39572 (ADVANCEDH...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2 67.220.224.150 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
17 185.64.191.210 62713 (AS-PUBMATIC)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 4 18.198.19.227 16509 (AMAZON-02)
2 2 3.122.160.38 16509 (AMAZON-02)
1 1 54.146.162.150 14618 (AMAZON-AES)
2 3 151.101.2.49 54113 (FASTLY)
1 1 35.214.174.212 15169 (GOOGLE)
5 5 52.211.174.80 16509 (AMAZON-02)
5 6 142.250.185.194 15169 (GOOGLE)
1 1 185.86.139.104 201081 (SMARTADSE...)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.186.193.173 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 34.102.163.6 396982 (GOOGLE-CL...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 6 52.18.182.246 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.174.89.161 14618 (AMAZON-AES)
4 6 37.157.6.243 198622 (ADFORM)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
5 3.33.220.150 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 98.98.134.241 21859 (ZEN-ECN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 99.86.4.39 16509 (AMAZON-02)
1 44.199.95.168 14618 (AMAZON-AES)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 184.30.211.26 16625 (AKAMAI-AS)
1 18.239.18.12 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.138.185 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 216.52.2.39 30282 (AS-INAPCD...)
2 51.38.120.206 16276 (OVH)
2 145.40.97.67 54825 (PACKET)
5 5 46.228.174.117 56396 (AMOBEE)
1 35.227.252.103 15169 (GOOGLE)
3 7 104.18.27.193 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 8.18.47.7 398989 (DEEPINTENT)
4 46.228.174.115 56396 (AMOBEE)
2 185.89.210.212 29990 (ASN-APPNEX)
2 185.86.138.123 201081 (SMARTADSE...)
1 52.50.134.20 16509 (AMAZON-02)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 185.255.84.151 200271 (IGUANE-)
1 18.196.92.110 16509 (AMAZON-02)
7 2602:803:c004... 26667 (RUBICONPR...)
2 52.57.151.220 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2a04:4e42::626 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 193.3.178.4 399668 (E-PLANNING-)
1 185.106.140.18 7979 (SERVERS-COM)
1 37.157.2.229 198622 (ADFORM)
2 34.233.180.235 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 1 141.94.242.204 16276 (OVH)
2 2 141.94.171.215 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
3 3 15.235.15.221 16276 (OVH)
2 3 34.254.143.3 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
10 2600:9000:249... 16509 (AMAZON-02)
4 2a02:2638:d::2 44788 (ASN-CRITE...)
2 35.80.108.76 ()
4 2a02:2638:3::c ()
4 141.95.98.65 ()
1 2606:4700:e4:... ()
2 95.101.149.233 ()
1 104.18.25.18 ()
2 13.248.245.213 ()
1 130.211.16.136 ()
2 162.19.138.116 ()
3 4 34.111.113.62 ()
1 2a04:4e42:600... ()
1 1 151.1.205.165 ()
1 185.15.245.83 ()
1 69.173.144.139 ()
431 131
78    192.0.66.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
nypost.com
pagesix.com
12    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    108.138.7.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-59.fra56.r.cloudfront.net
zephr-v4.nypost.com
1    2600:9000:21c7:1800:13:af59:7380:93a1 (United States)

ASN16509 (AMAZON-02, US)
pbcs.nypost.com
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
nypost-com.videoplayerhub.com
3    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    107.23.205.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-205-218.compute-1.amazonaws.com
platform.datazoom.io
1    13.224.189.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-120.fra2.r.cloudfront.net
launcher-sa.spot.im
2    2600:9000:2240:800:e:5a70:ca40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.flipboard.com
7    2600:9000:2449:8a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
2    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rebelhen.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
warp.media.net
3    18.65.39.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-28.ams1.r.cloudfront.net
sb.scorecardresearch.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.watchingthat.net
16    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
prd.jwpltx.com
assets-jpcust.jwpsrv.com
ping-meta-prd.jwpltx.com
1    34.36.206.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.206.36.34.bc.googleusercontent.com
nid.nypost.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:21f3:3a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    18.239.50.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-8.ams58.r.cloudfront.net
api-2-0.spot.im
2    108.156.60.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-114.ams1.r.cloudfront.net
publisher-assets.spot.im
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.110.220.19 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.220.110.34.bc.googleusercontent.com
sac.nypost.com
1    18.66.97.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-91.fra56.r.cloudfront.net
direct-events-collector.spot.im
2    44.218.131.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-131-204.compute-1.amazonaws.com
broker.datazoom.io
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    108.138.7.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-43.fra56.r.cloudfront.net
static-cdn.spot.im
4    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
11    185.239.172.77 (Staines-upon-Thames, United Kingdom)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
3    2600:9000:2491:a800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
8    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
player.adtelligent.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2a02:26f0:480:794::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    184.72.145.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-145-68.compute-1.amazonaws.com
track1.aniview.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
7    185.83.69.58 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.spotim.market
ghb.adtelligent.com
3    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.spotim.market
ghb1.adtelligent.com
2    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.nodserving.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
17    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    18.198.19.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.122.160.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-160-38.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    54.146.162.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-162-150.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.174.212 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 212.174.214.35.bc.googleusercontent.com
csync.loopme.me
5    52.211.174.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-174-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.174.89.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-89-161.compute-1.amazonaws.com
a.audrte.com
6    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
5    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3602:5aec:1139:b771:4a28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    44.199.95.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-95-168.compute-1.amazonaws.com
go1.aniview.com
1    2606:4700:10::6816:36e8 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
4    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    18.239.18.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-12.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
1    18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
5    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
7    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
prebid.deepintent.com
4    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
2    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs-simple.com
2    185.86.138.123 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    52.50.134.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-134-20.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    18.196.92.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-92-110.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    52.57.151.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    34.233.180.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-180-235.compute-1.amazonaws.com
us.q2s15.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
11    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
loadeu.exelator.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
10    2600:9000:2491:9a00:3:37c9:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront.jwpsrv.com
4    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    35.80.108.76 (None, )

ASN- ()
prod.tahoe-analytics.publishers.advertising.a2z.com
4    2a02:2638:3::c (None, )

ASN- ()
gum.criteo.com
4    141.95.98.65 (None, )

ASN- ()
id5-sync.com
1    2606:4700:e4::ac40:a613 (None, )

ASN- ()
adxbid.info
2    95.101.149.233 (None, )

ASN- ()
eus.rubiconproject.com
1    104.18.25.18 (None, )

ASN- ()
js-sec.indexww.com
2    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
1    130.211.16.136 (None, )

ASN- ()
cdn.deepintent.com
2    162.19.138.116 (None, )

ASN- ()
lb.eu-1-id5-sync.com
4    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    2a04:4e42:600::300 (None, )

ASN- ()
trc.taboola.com
1    151.1.205.165 (None, )

ASN- ()
bn01.er.bemail.it
1    185.15.245.83 (None, )

ASN- ()
dmp.theadex.com
1    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
83 nypost.com
nypost.com — Cisco Umbrella Rank: 14262
zephr-v4.nypost.com — Cisco Umbrella Rank: 37422
pbcs.nypost.com — Cisco Umbrella Rank: 36770
nid.nypost.com — Cisco Umbrella Rank: 63874
sac.nypost.com — Cisco Umbrella Rank: 32926
943 KB
29 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
45 KB
17 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 4005
player.spotim.market — Cisco Umbrella Rank: 9384
ghb.spotim.market — Cisco Umbrella Rank: 10940
206 KB
15 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4247
videos-cloudfront.jwpsrv.com
3 MB
12 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 8872
ghb.adtelligent.com — Cisco Umbrella Rank: 7086
sync.adtelligent.com — Cisco Umbrella Rank: 4457
ghb1.adtelligent.com — Cisco Umbrella Rank: 10578
109 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 635
307 KB
11 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
spl.zeotap.com
4 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
ad.doubleclick.net — Cisco Umbrella Rank: 180
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
163 KB
11 spot.im
launcher-sa.spot.im — Cisco Umbrella Rank: 20490
api-2-0.spot.im — Cisco Umbrella Rank: 3664
publisher-assets.spot.im — Cisco Umbrella Rank: 6358
direct-events-collector.spot.im — Cisco Umbrella Rank: 6129
static-cdn.spot.im — Cisco Umbrella Rank: 6022
130 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
eus.rubiconproject.com
pixel.rubiconproject.com Failed
token.rubiconproject.com
15 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
424 KB
8 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3185
entitlements.jwplayer.com — Cisco Umbrella Rank: 4287
47 KB
7 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
htlb.casalemedia.com — Cisco Umbrella Rank: 803
3 KB
7 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4243
c1.adform.net — Cisco Umbrella Rank: 954
adx.adform.net — Cisco Umbrella Rank: 3884
4 KB
7 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
id.crwdcntrl.net
14 KB
7 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com
1 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
73 KB
7 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2710
track1.aniview.com — Cisco Umbrella Rank: 2842
go1.aniview.com — Cisco Umbrella Rank: 7540
148 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
4 KB
7 btloader.com
btloader.com — Cisco Umbrella Rank: 1773
api.btloader.com — Cisco Umbrella Rank: 1917
14 KB
6 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3427
ping-meta-prd.jwpltx.com
227 B
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3028
274 KB
5 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527
pixel.onaudience.com — Cisco Umbrella Rank: 3680
2 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
targeting.unrulymedia.com — Cisco Umbrella Rank: 1375
790 B
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
773 B
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com
34 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
1010 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
3 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
cms.analytics.yahoo.com
991 B
4 tapad.com
pixel.tapad.com
2 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
117 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
assets.a-mo.net — Cisco Umbrella Rank: 2804
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662
104 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
1 KB
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1963
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 11
31 KB
4 datazoom.io
platform.datazoom.io — Cisco Umbrella Rank: 29628
broker.datazoom.io — Cisco Umbrella Rank: 28947
64 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1059
p.typekit.net — Cisco Umbrella Rank: 1428
54 KB
3 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 35065
loadeu.exelator.com
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com
539 B
3 deepintent.com
prebid.deepintent.com — Cisco Umbrella Rank: 11025
cdn.deepintent.com
match.deepintent.com Failed
3 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
4 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
prg.smartadserver.com — Cisco Umbrella Rank: 2163
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1013 B
3 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2688
257 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
54 KB
3 rebelhen.com
rebelhen.com — Cisco Umbrella Rank: 36996
26 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
800 B
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com
374 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 q2s15.com
us.q2s15.com — Cisco Umbrella Rank: 45226
341 B
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 8725
1 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
14 KB
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
307 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
1 KB
2 adnxs-simple.com
ib.adnxs-simple.com — Cisco Umbrella Rank: 8970
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
952 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4264
497 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
374 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
562 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3602
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
1 KB
2 nodserving.com
p.nodserving.com — Cisco Umbrella Rank: 50642
38 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 657
355 KB
2 media.net
warp.media.net — Cisco Umbrella Rank: 3467
prebid.media.net — Cisco Umbrella Rank: 1975
38 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
174 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 958
564 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3500
pixel.wp.com — Cisco Umbrella Rank: 3212
3 KB
2 flipboard.com
cdn.flipboard.com — Cisco Umbrella Rank: 16041
4 KB
1 theadex.com
dmp.theadex.com
84 B
1 bemail.it
bn01.er.bemail.it
659 B
1 taboola.com
trc.taboola.com
204 B
1 indexww.com
js-sec.indexww.com
2 KB
1 adxbid.info
adxbid.info
3 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
464 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 erne.co
green.erne.co — Cisco Umbrella Rank: 27364
412 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 14784
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7041
173 B
1 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 6899
389 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
245 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
10 KB
1 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 6028
229 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
278 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 5404
482 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
795 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
368 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
553 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
283 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
705 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
225 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 rlcdn.com
di.rlcdn.com — Cisco Umbrella Rank: 3051
98 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2383
312 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
250 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3974
455 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 851
481 B
1 watchingthat.net
cdn.watchingthat.net — Cisco Umbrella Rank: 23595
7 KB
1 pagesix.com
pagesix.com — Cisco Umbrella Rank: 19750
62 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
19 KB
1 videoplayerhub.com
nypost-com.videoplayerhub.com — Cisco Umbrella Rank: 37004
459 B
0 ck-ie.com Failed
as.ck-ie.com Failed
0 imrworldwide.com Failed
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com Failed
0 bluekai.com Failed
tags.bluekai.com Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 krxd.net Failed
beacon.krxd.net Failed
usermatch.krxd.net Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 fwmrm.net Failed
dmp.v.fwmrm.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
431 121
Domain Requested by
77 nypost.com nypost.com
cdn.jwplayer.com
12 cdn.cookielaw.org nypost.com
cdn.cookielaw.org
10 videos-cloudfront.jwpsrv.com ssl.p.jwpcdn.com
10 mwzeom.zeotap.com spl.zeotap.com
9 simage2.pubmatic.com ads.pubmatic.com
8 image2.pubmatic.com ads.pubmatic.com
8 sync.spotim.market ads.pubmatic.com
rumcdn.geoedge.be
nypost.com
prebid.a-mo.net
player.spotim.market
7 fastlane.rubiconproject.com player.spotim.market
7 cdn.jwplayer.com 5 redirects nypost.com
ssl.p.jwpcdn.com
6 cm.g.doubleclick.net 5 redirects spl.zeotap.com
6 ib.adnxs.com 5 redirects spl.zeotap.com
6 ssl.p.jwpcdn.com cdn.jwplayer.com
5 prd.jwpltx.com
5 assets-jpcust.jwpsrv.com
5 ssum-sec.casalemedia.com 3 redirects nypost.com
js-sec.indexww.com
5 ap.lijit.com rumcdn.geoedge.be
nypost.com
player.spotim.market
5 match.adsrvr.org ads.pubmatic.com
player.spotim.market
spl.zeotap.com
5 match.prod.bidr.io 5 redirects
5 ghb.spotim.market player.spotim.market
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
5 api-2-0.spot.im launcher-sa.spot.im
static-cdn.spot.im
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 id5-sync.com player.adtelligent.com
player.spotim.market
4 gum.criteo.com player.adtelligent.com
player.spotim.market
4 static.criteo.net player.spotim.market
static.criteo.net
player.adtelligent.com
4 targeting.unrulymedia.com player.spotim.market
pbcs.nypost.com
4 sync.1rx.io 4 redirects
4 ghb.adtelligent.com p.nodserving.com
player.spotim.market
4 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects
4 x.bidswitch.net 2 redirects ads.pubmatic.com
spl.zeotap.com
4 player.adtelligent.com player.spotim.market
p.nodserving.com
player.adtelligent.com
4 player.spotim.market nypost.com
player.spotim.market
4 ads.pubmatic.com static-cdn.spot.im
player.spotim.market
4 www.gstatic.com www.google.com
www.gstatic.com
4 ad-delivery.net nypost.com
4 api.btloader.com nypost-com.videoplayerhub.com
c.aaxads.com
4 www.google.com nypost.com
www.gstatic.com
www.google.com
3 pixel.onaudience.com 3 redirects
3 sync.adtelligent.com nypost.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
3 track1.aniview.com player.aniview.com
3 player.aniview.com static-cdn.spot.im
player.aniview.com
3 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
3 ups.analytics.yahoo.com 1 redirects
3 sb.scorecardresearch.com 1 redirects nypost.com
3 rebelhen.com nypost.com
rebelhen.com
3 btloader.com 1 redirects nypost.com
3 zephr-v4.nypost.com nypost.com
3 use.typekit.net nypost.com
use.typekit.net
2 lb.eu-1-id5-sync.com player.spotim.market
player.adtelligent.com
2 eb2.3lift.com player.spotim.market
adxbid.info
2 eus.rubiconproject.com player.spotim.market
eus.rubiconproject.com
2 id.crwdcntrl.net player.adtelligent.com
player.spotim.market
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 loada.exelator.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 us.q2s15.com cdn.watchingthat.net
2 pbjs.e-planning.net 1 redirects
2 pagead2.googlesyndication.com imasdk.googleapis.com
2 simage4.pubmatic.com ads.pubmatic.com
2 btlr.sharethrough.com player.spotim.market
2 hb-api.omnitagjs.com player.spotim.market
2 bidder.criteo.com player.spotim.market
player.adtelligent.com
2 htlb.casalemedia.com player.spotim.market
2 prg.smartadserver.com player.spotim.market
2 ib.adnxs-simple.com player.spotim.market
2 prebid.deepintent.com player.spotim.market
2 assets.a-mo.net prebid.a-mo.net
2 prebid.a-mo.net rumcdn.geoedge.be
player.spotim.market
2 onetag-sys.com rumcdn.geoedge.be
player.spotim.market
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 id.hadron.ad.gt cdn.hadronid.net
2 ad.turn.com 2 redirects
2 pixel-sync.sitescout.com nypost.com
2 um.simpli.fi 1 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 idsync.frontend.weborama.fr 1 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 cms.quantserve.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
spl.zeotap.com
2 p.nodserving.com rumcdn.geoedge.be
p.nodserving.com
2 securepubads.g.doubleclick.net nypost.com
rumcdn.geoedge.be
2 static-cdn.spot.im launcher-sa.spot.im
2 fonts.gstatic.com www.google.com
2 broker.datazoom.io platform.datazoom.io
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 publisher-assets.spot.im launcher-sa.spot.im
2 ad.doubleclick.net nypost.com
2 www.googletagmanager.com nypost.com
www.googletagmanager.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 cdn.flipboard.com nypost.com
2 platform.datazoom.io nypost.com
platform.datazoom.io
1 token.rubiconproject.com eus.rubiconproject.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 cdn.deepintent.com player.spotim.market
1 js-sec.indexww.com player.spotim.market
1 adxbid.info player.adtelligent.com
1 spl.zeotap.com player.adtelligent.com
spl.zeotap.com
1 ping-meta-prd.jwpltx.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 adx.adform.net player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 s0.2mdn.net imasdk.googleapis.com
1 tlx.3lift.com player.spotim.market
1 prebid.media.net player.spotim.market
1 prebid-eu.creativecdn.com player.spotim.market
1 hbopenbid.pubmatic.com player.spotim.market
1 ghb1.adtelligent.com player.spotim.market
1 exchange.postrelease.com player.spotim.market
1 a.ad.gt rumcdn.geoedge.be
1 rtb.openx.net nypost.com
1 sync.targeting.unrulymedia.com 1 redirects
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.id5-sync.com rumcdn.geoedge.be
1 cdn.hadronid.net nypost.com
1 tags.crwdcntrl.net rumcdn.geoedge.be
1 c.aaxads.com 1 redirects
1 go1.aniview.com player.aniview.com
1 config.aps.amazon-adsystem.com rumcdn.geoedge.be
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 pr-bh.ybp.yahoo.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ad.mrtnsvr.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 di.rlcdn.com
1 pixel.advertising.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 direct-events-collector.spot.im launcher-sa.spot.im
1 sac.nypost.com nid.nypost.com
1 www.google.de nypost.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 pixel.wp.com nypost.com
1 static.adsafeprotected.com nypost.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 nid.nypost.com www.googletagmanager.com
1 cdn.watchingthat.net cdn.jwplayer.com
1 warp.media.net pbcs.nypost.com
1 pagesix.com nypost.com
1 p.typekit.net use.typekit.net
1 www.googleadservices.com nypost.com
1 stats.wp.com nypost.com
1 launcher-sa.spot.im nypost.com
1 nypost-com.videoplayerhub.com 1 redirects
1 pbcs.nypost.com nypost.com
0 as.ck-ie.com Failed adxbid.info
0 match.deepintent.com Failed cdn.deepintent.com
0 pixel.rubiconproject.com Failed spl.zeotap.com
0 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com Failed spl.zeotap.com
0 tags.bluekai.com Failed spl.zeotap.com
0 usermatch.krxd.net Failed spl.zeotap.com
0 sync.richaudience.com Failed spl.zeotap.com
0 beacon.krxd.net Failed spl.zeotap.com
0 odr.mookie1.com Failed spl.zeotap.com
0 dpm.demdex.net Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 dmp.v.fwmrm.net Failed spl.zeotap.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed
431 186
Subject Issuer Validity Valid
nypost.com
R3		 2023-09-22 -
2023-12-21		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
zephr-v4.pagesix.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
pbcs.nypost.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.datazoom.io
Amazon RSA 2048 M01		 2023-02-20 -
2024-03-21		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.flipboard.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-12		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
rebelhen.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
pagesix.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.watchingthat.net
R3		 2023-09-06 -
2023-12-05		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
nid.nypost.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
v2.pixel.nypp.data.newscorp.com
GTS CA 1D4		 2023-08-21 -
2023-11-19		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
player.spotim.market
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-11 -
2024-09-11		 a year crt.sh
player.adtelligent.com
R3		 2023-09-16 -
2023-12-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-08-19 -
2023-11-17		 3 months crt.sh
p.nodserving.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
ad.mrtnsvr.com
GTS CA 1D4		 2023-09-06 -
2023-12-05		 3 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2023-02-27 -
2024-03-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-08-03 -
2023-11-01		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
q2s15.com
Amazon RSA 2048 M02		 2023-01-23 -
2024-02-22		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
adxbid.info
E1		 2023-08-09 -
2023-11-07		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh

This page contains 52 frames:

Primary Page: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Frame ID: 05F3B9584C3AD866B21D9081B902B03C
Requests: 199 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Frame ID: 48FB41B7748CD9F1071C89F76D11B983
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: AB21758095083FB66A7EA3A8E1267A19
Requests: 24 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 376E96CFA0FD93FFD247079A4B404FF6
Requests: 81 HTTP requests in this frame

Frame: https://p.nodserving.com/prebidlink/19628/j.html?i=11600
Frame ID: EA6FCC54968F254F8F7E736FB50A7A40
Requests: 19 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 48F6F83949B77AFACB0FCD3BA72DFB00
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 45C8E0ED51EF41BFD694D3D3040DDD42
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 5E9821802B8D7A00586615913ED9E2C6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
Frame ID: 000112CDA0CFC1BB7757CB385CA61D82
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2098319400227191563&gdpr=0&gdpr_consent=
Frame ID: 9A8064E529B7D1C56FDDA5D7223B206C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284006397900355723&gdpr=0&gdpr_consent=
Frame ID: F42AB9A93B9BFCC6EA75AF243C7EF4C2
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb&ssp=pubmatic
Frame ID: E79E54AFEEB3A003CEBAFC9D2B6E563D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Frame ID: A3718B5EF7F9B84743CEF09C06CF5ED2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRX9OgAT2kDlpQBY
Frame ID: 6143027D62BBBB45E24DD39A2F7A72AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CE355BDD080BB89604558373C68BE9A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGjb07KK_oAABjvR4xNrw&gdpr=0&gdpr_consent=
Frame ID: 8FA84446AED81695AAEBEBC1BD12DB07
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 79FD0F51B34E902D833F6108495469F9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda77a42fd25a4ad8ad2799390eb11ca6
Frame ID: 96205266A2DD8C020F81F3F8E9627E0B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F6CB82AA3118ECD2A77ED8625A4B4402
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526623952065
Frame ID: FE29A78E96A12064F978B49A5365BAFD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4406721295720255939
Frame ID: 654CB6F70D03B595E800912856677E36
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: CECFC743F6E381E29EA644A6BDDDA335
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 5421576B8D286E8B47414F7BECEE1CBF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 703BD449AFDBB9678C3C8B7C103F1FE8
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 90C0BBF8C9A2B63D8FCF4B5EABCBF30F
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=FA8D2C7D-93A7-420D-975D-E9EB10601650
Frame ID: B729090825B663E9E8130436AD1B2AAD
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: C5E0A12A1D4D50E31D29E05AE6290433
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 947876E1ADBCB06658D7914EDBF83D12
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: BF228DFD03AE0473E2C0CB3607D81A2E
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 54CC178A964A77EC43048D430EA6EF68
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 76528B0EABA2E7B305696D542ADFD6C1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4A5B30BC73A2416F3183733B73A58B6F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
Frame ID: A28F1E51D870970B4366872472BAC5A1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXnWjVVhWQXQYSWn&gdpr=0&gdpr_consent=
Frame ID: DD98E558CBF4708E6ABDCAD4FF38DACC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E73FD2631F856851FE5D92107F30CB06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A205FFD83F664DEEBB5F600D1D1F2489&gdpr=0&gdpr_consent=
Frame ID: 7E05B1407D7DCDC29634934D625B2D6C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5604958134
Frame ID: 6BD9DE957A731A1AFE950BA8899BF163
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=FA8D2C7D-93A7-420D-975D-E9EB10601650
Frame ID: 80F46F8CA9F97A500B37D196F8484AA7
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 467545896EB9257029BB8C8D70836474
Requests: 33 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 11FCAA753AA0590C12E6EB4FBA881608
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 8FBB0876A3C10C2BC15EFB1BE7957050
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 01384E46D6D74FC3AD9717B4BE170BB3
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 05619EFFDDB57C1ACD490D89D1E595D6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 3A6DD10FF3B52B9BF5A8D0ED3A6110C8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Frame ID: 6046E19BF20D7C42523705BDD44EB63D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 82D07AB7D0B5859CA737B77448F2412D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 8000DC10698DAE78139864EE3D7E745F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Frame ID: D80940CC90CB07C8EBE76166922680A3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 122AE01BE705B9722159C2BE300CAD14
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&
Frame ID: C44E494FAD3ABFE9FB02313910C8D7C3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: BCA5700B23974D6ED07DD1DE8927A661
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7CB3D2E933F547EC8C923C492893BD7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DOJ held Hunter Biden charges ahead of midterms to not 'shoot themselves in the foot'Back ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

431
Requests

86 %
HTTPS

32 %
IPv6

121
Domains

186
Subdomains

131
IPs

13
Countries

7720 kB
Transfer

18242 kB
Size

108
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0 HTTP 301
  • https://btloader.com/tag?h=nypost-com&upapi=true
Request Chain 112
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Request Chain 168
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2098319400227191563
Request Chain 170
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 193
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 194
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
Request Chain 195
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2098319400227191563&gdpr=0&gdpr_consent=
Request Chain 196
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284006397900355723&gdpr=0&gdpr_consent=
Request Chain 197
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb&ssp=pubmatic
Request Chain 198
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Request Chain 199
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRX9OgAT2kDlpQBY
Request Chain 200
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 201
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHamIwN0tLX29BQUJqdlI0eE5ydw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGjb07KK_oAABjvR4xNrw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2724395385258311914&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGjb07KK_oAABjvR4xNrw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2724395385258311914%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2724395385258311914&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGjb07KK_oAABjvR4xNrw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGjb07KK_oAABjvR4xNrw&gdpr=0&gdpr_consent=
Request Chain 203
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda77a42fd25a4ad8ad2799390eb11ca6
Request Chain 205
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526623952065
Request Chain 206
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4406721295720255939
Request Chain 209
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-o0sfZOnQg2XXenrEGAWUA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 214
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3065475015 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FA8D2C7D-93A7-420D-975D-E9EB10601650
Request Chain 215
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FA8D2C7D-93A7-420D-975D-E9EB10601650 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTY1UEJSMXZIWldTYWVrNG94LVdtSDJhQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5814413650076095197&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkE4RDJDN0QtOTNBNy00MjBELTk3NUQtRTlFQjEwNjAxNjUw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFjwmXb2uyklTmI7Sah34gM&google_cver=1
Request Chain 219
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5814413650076095197
Request Chain 225
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4260316832137327304&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 226
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85d6fe1f-fd95-4db8-a154-0f9104627b6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 234
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Request Chain 255
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 260
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1695939899147 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4511585997 HTTP 302
  • https://sync.1rx.io/usersync/turn/4260316832137327304?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003
Request Chain 263
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRX9O.o0wlFC.WfFVUWb2AAA%261176
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Request Chain 302
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.vtt
Request Chain 313
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
Request Chain 315
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&gdpr=1&gdprcs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ccpa=1---&e_pubcid=1c971390-b3f2-44a9-85ee-6c9fc2269e55 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&gdpr=1&gdprcs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ccpa=1---&e_pubcid=1c971390-b3f2-44a9-85ee-6c9fc2269e55
Request Chain 319
  • https://cdn.jwplayer.com/v2/media/gDEZjQW7/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
Request Chain 324
  • https://cdn.jwplayer.com/v2/media/gDEZjQW7/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
Request Chain 325
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
Request Chain 329
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2e4c55b4d2d384e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXnWjVVhWQXQYSWn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhXnWjVVhWQXQYSWn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXnWjVVhWQXQYSWn&gdpr=0&gdpr_consent=
Request Chain 331
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A205FFD83F664DEEBB5F600D1D1F2489&gdpr=0&gdpr_consent=
Request Chain 332
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5604958134
Request Chain 335
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 336
  • https://pixel.onaudience.com/?partner=214&mapped=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5814413650076095197&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f7bf62ca17580f3d0ca5c7b05fca32df&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 337
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2098319400227191563
Request Chain 374
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 392
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a2b4df09-819e-4353-8423-610299e3566e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Request Chain 401
  • https://bn01.er.bemail.it/zeotap.php?_bid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023092900-25791-0.619386001695939904-6b3f773fb24d58729f774be370547738&zdid=533&env=mWeb
Request Chain 402
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7284006397900355723&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Request Chain 403
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
Request Chain 404
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=G0cP9aJlkTFvNuh3iT8xEO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Request Chain 406
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Request Chain 407
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-xTt8K5NE2oq6_GEFk3xkVBgj0k0CYD_06Q--~A&zpartnerid=570&env=mWeb
Request Chain 408
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uYuAHxkjGqepIhDovo8av5LkNC3apfgj%2BS41iYitP1U%3D
Request Chain 412
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRX9OgAT2kDlpQBY&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Request Chain 420
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=kfKCPMGjgGiK8dEwlPaeO5P2hzmK99Jskf7RBoH9&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361

431 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/ 		539 KB
98 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
52bd154b5d217dca9312eaa97f6032c2c671634bc19061450a15797aa55424b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20023
cache-control
private, no-store
content-encoding
gzip
content-length
99358
content-security-policy
frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 22:24:56 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://nypost.com/wp-json/>; rel="https://api.w.org/" <https://nypost.com/wp-json/wp/v2/article/28893684>; rel="alternate"; type="application/json" <https://wp.me/pb3Qpq-1Xeza>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
x-cache
grace
x-content-type-options
nosniff
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 96 184 443
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
21022
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6822
x-ms-lease-status
unlocked
last-modified
Wed, 27 Sep 2023 19:43:54 GMT
server
cloudflare
etag
0x8DBBF92153F4C34
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bd698354-201e-0081-497b-f19959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df663ffd095c20-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
64113
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80df663ffd0b5c20-FRA
pyz4pvc.css
use.typekit.net/ 		2 KB
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 28 Sep 2023 22:24:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
features
zephr-v4.nypost.com/zephr/ 		1020 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/features
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-59.fra56.r.cloudfront.net
Software
/
Resource Hash
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
IonPh1-dTyMqzFT2twiMV-noVem6SxmvJK5LH7CCive-G0e69lH9Cw==
x-blaize-request
3aca20e0
nyp-slideshow-modal-styles.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/nyp-slideshow-modal-styles.min.css?ver=fdcb808d1e08b537f98e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3678aab0b3567729e07aeb488a538c7417e763aff7967d1cb60b47ecc23dc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-6d5"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
index.css
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.css?ver=0a8eecac915890e1bf24
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1574ec82e9639e92b14f9f29da076c74b16d9461a746192bd9428b7aa1254ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-138b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
style.min.css
nypost.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:03 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bb-15b64"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
nypost.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
nypost.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:05 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bd-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-betting-offer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-betting-offer.min.css?ver=36198e80e2d0f7048c79
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-810"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-button.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
654 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-button.min.css?ver=512bdd0fe42491bc570a
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-primary-tag.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		3 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-primary-tag.min.css?ver=21a82a87bed2ec83851b
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-b4e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-gracenote.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		407 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-gracenote.min.css?ver=0ec0bd194e069b461720
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-197"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
407
blocks-info-box.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		547 B
335 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-info-box.min.css?ver=59f9cfec8cb76e051ebd
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-223"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-list.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-list.min.css?ver=c25122c3781a3cce2f2d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bea78c373ea76ea89c8ec1a21b6989b051fa55ac737af65b7ee0bae59eac9e30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-44a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-newsletter.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		4 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-newsletter.min.css?ver=a368d4c69bfc3b246091
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-10af"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-syndicated.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-syndicated.min.css?ver=00f9c28724565db7d6bc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-440"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-related-post.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		527 B
262 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-related-post.min.css?ver=0a188ea2358131801982
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-20f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-review.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-review.min.css?ver=d55d56f644fdf8e003fc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-422"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-comments.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		623 B
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-comments.min.css?ver=b31677c57ff0449031c7
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-26f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-promo.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		2 KB
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-promo.min.css?ver=6d3780c6e29cae6a391d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
widget.subscribe.css
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/ 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/widget.subscribe.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-9a1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
social-logos.min.css
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/social-logos.min.css?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 18:11:24 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515c1cc-2f4a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
pb.js
pbcs.nypost.com/p/nyp/nyp/ 		813 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:1800:13:af59:7380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68d915d90152855140b5fda03f779e6d2795a8913b86ae33e9eb54d3e8869057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:56 GMT
Content-Encoding
br
Via
1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS54-C1
Age
1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-server-side-encryption
AES256
Last-Modified
Mon, 11 Sep 2023 19:00:31 GMT
Server
AmazonS3
ETag
W/"fd707563d0a395e4d957dd954cf270ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
H4LDwCxGuJhVHsHGzWqaLw4LjN9SHtnBYQFMBvUKOsj-6u4-p7Idjg==
tag
btloader.com/
Redirect Chain
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
  • https://btloader.com/tag?h=nypost-com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=nypost-com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37abef88a91af49d4c28175753243e01c7c6bc5366e643432a21615799c7f8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 21:43:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2458
etag
W/"470f7a2b4333144b03968040209f494e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqlCgta7qm0vtH5bJEdFUfnvaHEQPhZG39qBDqOVSaO%2FBStV5wOp0Qaity1mOGz%2BINRoQAYhW165PnDkfdiAzAeFhb0XI7AGKNXJ%2BN6AVMzl5%2B15nmtHzITUdtmjsQYwq0dzOjslD3tS0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80df66419e7b30e8-FRA

Redirect headers

date
Thu, 28 Sep 2023 22:24:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e55BC7kSJ9C3ySt2mxnje23m7e92vx2FBdgGsaPbKsnFWdFJPJwwy3xekMK%2BT925%2BI69XtiRchi7h%2FKGcvT24XRB%2Bq4mZmKhqeKEWyw1F%2FZjUKqsqzyAydpZhOi3dkN3hlwPnjRyRLgcqSG%2FpHt47F6vzinmdZ4mmWD5"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=nypost-com&upapi=true
cache-control
max-age=3600
cf-ray
80df6640feff9bbc-FRA
expires
Thu, 28 Sep 2023 23:24:56 GMT
vendor-dompurify.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/vendor-dompurify.bundle.js?ver=7a769f1ea2277539e74a
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-5060"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
global-assets.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/global-assets.bundle.js?ver=81bc11587b260908492e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e948eb7fd66f63fa94dee8b077495ba1c4053573182d8aebf90aa1db18d95245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-1387"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
header-footer.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/header-footer.bundle.js?ver=51319387dd635cf2f21d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-30f2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
analytics.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/analytics.bundle.js?ver=cb61dde09f034628b230
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-c73"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
zephr.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/zephr.bundle.js?ver=41473408724f45207d69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-1f34"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like.bundle.js?ver=498d9e2ff075ccc05dcf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
557dd5d6af85b5639c20b92b58670a12f90b7d07a6f1277464fd05502e8b419b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-46df"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like-scripts.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like-scripts.bundle.js?ver=554505b6ae8a5c99f28f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83c3b0cd425750525a180e93326fcd9d74f41597088f5957fe1d96d93ceb5f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-1174"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
23 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-interior-with-sidebar.bundle.js?ver=f1da12d770724a568e79
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-shared.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
23 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-shared.bundle.js?ver=24f7074e7dc2f3dceae9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-nypost.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
23 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-nypost.bundle.js?ver=e4d437a63cbbf5dddaac
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
regenerator-runtime.min.js
nypost.com/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-194b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
wp-polyfill.min.js
nypost.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-4ac6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
hooks.min.js
nypost.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bc-132e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
i18n.min.js
nypost.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bc-27ee"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
config
platform.datazoom.io/beacon/v1/ 		62 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=d75dbe9a6989bac4d2f0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-205-218.compute-1.amazonaws.com
Software
/
Resource Hash
7e6d8425e323a908a2c90d047c45e0bc2073f86d2508c04908af805adbb34486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-length
63432
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
jwdatazoom.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwdatazoom.bundle.min.js?ver=d75dbe9a6989bac4d2f0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d62735077645cd3c421d34a4b49456bb9f1d0dbc3223e3a1f4f77428a65c6a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-16e9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
sp_Sx8YukwE
launcher-sa.spot.im/spot/ 		192 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c3bb5e6f3f98afca5fc78c20b91e44813394cc9bebfe0968438fa6c39539251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
wWG2fCf2k.K18YfUmpMHkaKaazTpS4x1
content-encoding
br
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 22:24:57 GMT
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
52348
last-modified
Wed, 27 Sep 2023 12:45:30 GMT
server
AmazonS3
etag
"50a933390761b3fe9716ff1a78ff894f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
kLRa7AY82WuX95EWsY0wKd2M_1eAaL8NEVZIMd6nJ0acmR91yV698A==
button_3_bg-2.png
nypost.com/wp-content/uploads/sites/2/2023/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/02/button_3_bg-2.png?resize=231,45
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 88 443
last-modified
Fri, 28 Jul 2023 08:02:44 GMT
server
nginx
etag
"ab5384986f0d3c3a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2882
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:800:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 22:49:08 GMT
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:43:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
x-amz-cf-pop
FRA60-P1
age
84949
etag
W/"e9b04ad509ffb00302d9625f75774548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-id
QLIzpazp2j9zxSmKvbxeOiJWTmJkGRkjemRqdM8Q5r-DOk_CApp2dw==
NYPICHPDPICT000045423220.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000045423220.jpg?resize=1024,718&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
02d2367aaf67f102ad767298bbbc9992a4878217f9c6e90bc244e4824184e454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 144 443
last-modified
Wed, 27 Sep 2023 23:03:42 GMT
server
nginx
etag
"b652072a19372275"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17104
vip-powered-dark-small.png
nypost.com/wp-content/mu-plugins/vip-helpers/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-dark-small.png?ver=20220317
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Mon, 25 Sep 2023 17:03:51 GMT
server
nginx
etag
"6511bd77-849"
x-cache
HIT
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2121
nyp-video-player-styles.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/nyp-video-player-styles.min.css?ver=d7522d54601d39a22641
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
876ed8d39144369bb5e9bc3bd83516efcc6fd763970926f6ef46485dc818c6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-5ec"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
jw-player-floatingPlayerDesktop.min.css
nypost.com/wp-content/plugins/nyp-video-player/build/css/ 		134 B
180 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/css/jw-player-floatingPlayerDesktop.min.css?ver=116ab7db761d50067ed8
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
042f7f2584ad7ef059a8a04fe074f4f1ef875d8ba45fd73580e0224106debbc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-86"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
134
index.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1e46342c0be92982579a97285a650bb33f8cec310189760e860564b45b42ba1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-3a03"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
app.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/ 		303 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=bebcff6cd672f78e7d33
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7cc16a477c1a90bfd29f57eb3a725e7f3ad44be936b0d800a9045ec0857f67eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-4bce1"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
main.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		729 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
01b7e314743f8a5c5ce3167eff99cacd2a4cc0719a2333ab9060cde899c26004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-b6472"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
blocks-related-video.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		1 KB
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/blocks-related-video.bundle.js?ver=0d4d1b6aabfcc8a940fc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-4bd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
spddoyds.js
cdn.jwplayer.com/libraries/ 		119 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:8a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cd04ec32b7c2fa3d613ef228661dc83f47eb70e35a1fc73332d9244fcb409b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:22:04 GMT
content-encoding
gzip
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
age
171
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
44725
x-amz-cf-id
-Bd53Mm-W8MlinbE9FT6BgaqcNkPwIO52NIcZp_j0I16ny4bZuGSLg==
widgets-zone.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		0
34 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/widgets-zone.bundle.js?ver=c4a2c8a6199c4d89e1e9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
nyp-show-ads.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/ 		28 B
74 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/nyp-show-ads.bundle.js?ver=869dd293421c93317414
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-1c"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28
sharing.min.js
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/sharing.min.js?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 18:11:24 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515c1cc-2145"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
e-202339.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202339.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 22 Sep 2024 23:30:25 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18630
x-xss-protection
0
server
cafe
etag
7951265875426957259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 22:24:56 GMT
6c0f8417-b563-477c-8b00-33914cb4600e.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/6c0f8417-b563-477c-8b00-33914cb4600e.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21124
content-md5
QO4nX2ubfiE2GmZA8fzEcQ==
content-length
1762
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:37:25 GMT
server
cloudflare
etag
0x8DB8480390ACDFF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
49a2cfd4-801e-0003-5b69-b6dbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df664049354d64-FRA
expires
Fri, 29 Sep 2023 22:24:56 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		75 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
80df6640e9261db3-FRA
vary
Accept-Encoding
content-type
text/javascript
global-assets.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		88 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/global-assets.min.css?ver=1f28878e931ecf110d48
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cd19cc5fc19a2b0bcf831d5455f7ce926bb88535cd47410696935df2865c669f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-160a6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=68942ac49cc4d0281af6
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa75fa22ae72c1b4edfbca3f4e9c8f3b57244c5674346e5301af41125b389b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-6190"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=5d8efb9cbff3dce0c73f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
13999a8611659365a88f9dd85c252af76e7f72b032ccc0fed703910b796e4776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-4bca"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		659 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=3449ace190db7537ddda
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=760ad67c04ce3ae5f56e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7a0e8cb59a8b9b723a2e298c769bcea0631bd75c7442e21702deed1d6c2813c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-4767"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=aaf6531c874770c22709
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-411"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		6 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=8292a2721a6f812743bc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-16c2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		209 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=6b62e74d1e3975a217dc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60ef4cc14c7ddf4064f13e86655ef0186713e3eb6aeba049195017225d9733df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-3420b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		55 B
109 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=9416c23049560a0f89bf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
wp-emoji-release.min.js
nypost.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:05 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bd-48b9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=pyz4pvc&ht=tk&f=39500.39501&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
80df66408a763722-FRA
access-control-allow-headers
Content-Type
v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
rebelhen.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
16c61195d0b627aa07cf3d5befd83ae2990cf031a836d57769b5b27a2f915928
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 28 Sep 2023 22:24:56 GMT
x-datacenter
gce-europe-west1
etag
"f02e0f463fe85ad04d4af40ac5cdf92864348f045f26a983da9a8997823b070c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-b8mh
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		291 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		404 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
gtm.js
www.googletagmanager.com/ 		261 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d87337c4d45c00ab69990de4a61a289b9b49cde25c9bc29f00b460fadc1f3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88382
x-xss-protection
0
last-modified
Thu, 28 Sep 2023 21:09:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Sep 2023 22:24:56 GMT
widgets-trending-now.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		147 B
228 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-trending-now.min.css?ver=96757172c641c255fb9e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-zone.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		150 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-zone.min.css?ver=599db50c91ffec1aaad0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-96"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150
widgets-now-on.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		313 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-now-on.min.css?ver=4ad4e48c5f61a81ba0da
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-139"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
313
widgets-custom-posts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/ 		68 B
120 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-custom-posts.min.css?ver=46d34fcb7e0fa5cd7fc5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-44"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
l
use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=bebcff6cd672f78e7d33
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
server
nginx
etag
"4a18a3989731aaa007ed313e06dcae2e9eeac63d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27920
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/ 		372 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
64946
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
faf13959-101e-016f-0fe1-5a3667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df66413e335c20-FRA
340.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/340.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-142ed"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
slideshow-swiper.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/ 		0
734 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/slideshow-swiper.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-610"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
NYPICHPDPICT000014341780-2.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000014341780-2.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b0c1754513771739e14afd119d90ffe8a3d4b5148e8425288102bd1833dbcf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 139 443
last-modified
Wed, 27 Sep 2023 23:03:45 GMT
server
nginx
etag
"442919e286035d24"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27678
NYPICHPDPICT000048665198.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000048665198.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
50b50177c1a5dc100fd047f23a6dd0e27fa034ff847c6742e692d916b6a21e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 142 443
last-modified
Wed, 27 Sep 2023 23:03:45 GMT
server
nginx
etag
"dab62140425b21e4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39998
newspress-collage-346wu6h7z-1695875793489.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/newspress-collage-346wu6h7z-1695875793489.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e1a1ff9f3534170921c8598ce7927c5839aa0d03108d1096f6f0d9c9d4588dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 140 443
last-modified
Thu, 28 Sep 2023 05:29:49 GMT
server
nginx
etag
"0902f8b9610bdcde"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5342
NYPICHPDPICT000050973210.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000050973210.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2c2ccf88df3bee2fba31007db1f1fc2dc45eea79a231654f197d27e5fa2d6bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 28 443
last-modified
Thu, 28 Sep 2023 10:32:07 GMT
server
nginx
etag
"5b71da80ade1d05d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6056
GettyImages-1404300867.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/GettyImages-1404300867.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fda8db814549908ee137821eba45365c0c60ba6c2470a475d05354bf3c1335c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 86 443
last-modified
Wed, 27 Sep 2023 22:00:18 GMT
server
nginx
etag
"40747e39d320e519"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5466
NYPICHPDPICT000014618309.jpg
nypost.com/wp-content/uploads/sites/2/2023/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/07/NYPICHPDPICT000014618309.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
094e34495daeac2cdad47cf80071d73ddd79df53f398481670149a12a5557f19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 84 443
last-modified
Thu, 28 Sep 2023 14:18:44 GMT
server
nginx
etag
"8ca449bc695dd556"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8000
celebrities-paris-fashion-week-1.jpg
pagesix.com/wp-content/uploads/sites/3/2023/09/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagesix.com/wp-content/uploads/sites/3/2023/09/celebrities-paris-fashion-week-1.jpg?quality=90&strip=all&1695904599&w=1024
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
404b7aeea155776bcbbbcc0d4e845ed8f62f07cfcb1bcc31db324a44f20c20d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 88 443
last-modified
Thu, 28 Sep 2023 16:49:09 GMT
server
nginx
etag
"2a2f721e771eb52b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63430
092823USFLXFLNYP.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/092823USFLXFLNYP.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb6488ea543938d04ddcf314af7c203a7a5f44d950001d3219d143365a2f3468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 140 443
last-modified
Thu, 28 Sep 2023 16:49:02 GMT
server
nginx
etag
"98e6fcaf779b175e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9084
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		607 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		353 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		342 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
5908.4001815fd88e7dc1e883.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		605 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/5908.4001815fd88e7dc1e883.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8881b6734eaa1ef2330b7ba22a9edf08afe8d4fe3bec5ba8edb3d90eedb888d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-25d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
1706.9cc9f8953b66d584b90f.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/ 		618 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1706.9cc9f8953b66d584b90f.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0661ebcdc864598ea7c0f4811aa08de5f2feaf045e2b9ec9c2aae351a47a52d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:21 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d141-26a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
clear.gif
cdn.flipboard.com/dev_O/ 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flipboard.com/dev_O/clear.gif?utm_source=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:800:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 06:30:39 GMT
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:41:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608745226/ctime:1608745224/gid:20/gname:staff/md5:ad4b0f606e0f8465bc4c4c170b37e1a3/mode:33188/mtime:1608745180/uid:501/uname:greg
x-amz-cf-pop
FRA60-P1
age
57258
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
rjmTBMv3w0JymUwMRqePqgPWnfWvqRWxqlzqAHY8p1zc-gZelsq7jQ==
decision-engine
zephr-v4.nypost.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-59.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Sep 2023 22:24:56 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
PiqQ8bPqPwi5yzw3HwPeb7iYBcVGm5Y5KCnCIeJyKptkQD2mLS5kWQ==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
decision-engine
zephr-v4.nypost.com/zephr/ 		266 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-59.fra56.r.cloudfront.net
Software
/
Resource Hash
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
266
x-amz-cf-id
9f2vH_cpMR8LdaRx-hijYJgeQkcYuKTz-sJNm43wvw0ySyynu9LQRg==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-blaize-request
ffffffff97c26950
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e38eb3d2b538a6720761004893b118f40723de23a3c57df68b50d5037c50c8f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 28 Sep 2023 22:24:56 GMT
en.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/79893a67-1b64-44b5-9e00-2b4149a2aeb0/ 		783 KB
107 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/79893a67-1b64-44b5-9e00-2b4149a2aeb0/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c21d52204f6df0f2295eac770281a8f9c0eeb50f00a45dec9e35c9cabd6df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
28042
content-md5
ERx2gPTlbz6qwAWru43S4g==
content-length
109422
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:37:56 GMT
server
cloudflare
etag
0x8DB84804B90CD8C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
535e87ef-001e-00b3-2769-b62261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6642db354d64-FRA
expires
Fri, 29 Sep 2023 22:24:56 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		387 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b516c88139845d962dc7d766587ad4062bc40c0f84b8aab837c0f799aa43a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
plRtsp39Lx3qjlw9DgkrPw==
age
57918
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
56413
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 01:10:55 GMT
server
cloudflare
etag
0x8DBBFBFC420810B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
df8de704-301e-000b-02c7-f1c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6642db374d64-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.39.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7+d5z1W8EcmBqv81Q4Kzhw==
age
63068
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:02 GMT
server
cloudflare
etag
0x8DA87805DD135D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d39cd3e4-301e-0178-45e1-5af604000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6642df7c5c20-FRA
prebidrtdclient.js
warp.media.net/js/tags/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a958f4668ae3475e82efb5cd8ec12e6455ed7e78245f7001fa5b79d3a5c93fc2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 28 Sep 2023 22:24:56 GMT
server
Apache
etag
13220481328004461032
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
content-length
37848
expires
Thu, 28 Sep 2023 22:54:56 GMT
jwadvertise.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwadvertise.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf6000ae861eaaa745128dfb1d54a771fcb19d77ab2e07f8d089051c06cdcd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-11a6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
streamingtag_plugin_jwplayer.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
210 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Server
18.65.39.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-28.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:15:06 GMT
content-encoding
gzip
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 15:25:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
592
x-amz-server-side-encryption
AES256
etag
W/"45e1b1186d270bf042fe7ed57882f85b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7PLzYQ55nwg7tiAnDEBT9KwhQKpTmYW5InuWc7mxd4999jDiv2-wkw==

Redirect headers

date
Thu, 28 Sep 2023 22:24:56 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
location
/internal-c2/default/streamingtag_plugin_jwplayer.js
content-length
0
x-amz-cf-id
99ktBwtOlmAD2-1Lo6eZWbXhEHle2oG3rvNp7ou1f8KBJ0crFSN65A==
jwcomscore.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwcomscore.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6dcd7a25009c28fde817678bf4854e8bca5562347340f717af0d950c9c95fc83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-b99"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
us.wtat.plugin-jw_ima.min.js
cdn.watchingthat.net/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
8aabf0113f8006f81da8b7164efce760ae81669f8c606f060cc2b375cc46728d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
x-amz-version-id
dNP2mGuwM2pOtpSnfnOgPTZ8IN7pssB9
last-modified
Sat, 03 Sep 2022 08:50:12 GMT
server
AmazonS3
x-amz-request-id
J3CXYPDDZ2TYVB0B
etag
"4070350269c67de441aae97b6abc6c83"
x-hw
1695939896.cds322.fr8.hn,1695939896.cds259.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=185
accept-ranges
bytes
content-length
6410
x-amz-id-2
w87hx4slyyk161b5iivvujbCxUeCaYRQsHGcIJjjBTNs1yxkrFBSrR3V1QNBvp4tcNpPWhWTfzE=
jwcustomizations.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		352 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwcustomizations.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3c735c4ebe1bb83751e8325342cba1b6b6044ac98ec1d9e14b63eac5603ec184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-160"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
352
jwfloatingplayerdesktop.bundle.min.js
nypost.com/wp-content/plugins/nyp-video-player/build/ 		1 KB
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/jwfloatingplayerdesktop.bundle.min.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a3fdce8587c21fb3df135dc7761dd203b6883685d4f791045a673d7f1f59db47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-535"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
googima.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6e05f5bd6f9da2d90030b22960571faf14590890c05e3d932604d3ce53e54ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
via
1.1 varnish
age
22847
x-cache
HIT
content-length
22014
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:41 GMT
server
AmazonS3
x-timer
S1695939897.932148,VS0,VE0
etag
"42b3c20cb65670ec5907c539ef5a0739"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
3025
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
via
1.1 varnish
age
632
x-cache
HIT
content-length
19606
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:42 GMT
server
AmazonS3
x-timer
S1695939897.932536,VS0,VE0
etag
"3ce929563cdc089513e92ce60145673b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
199
gapro.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/gapro.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4b924a35823385fe5d1fbf922aa99d0e37d3aa5b08c30ed3517516e3515c6be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
via
1.1 varnish
age
759573
x-cache
HIT
content-length
1655
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:39 GMT
server
AmazonS3
x-timer
S1695939897.932380,VS0,VE0
etag
"13ccc48bd1c0243599a5885433bb0ad8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
10059
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45bba1c625ca7128376311c5490b2d4a283dd787eec1c011be838141bfbb42ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2096449
x-cache
HIT
content-length
85266
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:35 GMT
server
AmazonS3
x-timer
S1695939897.932363,VS0,VE0
etag
"a69921d2a260f2b763c6f4866ab08ff5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
34175
jw-player-skin.min.css
nypost.com/wp-content/plugins/nyp-video-player/build/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nypost.com/wp-content/plugins/nyp-video-player/build/css/jw-player-skin.min.css?ad9fc065dbc69fad5901
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d607757f51eb50a5a0f61a788dc2bc11b03c4ce84232f0e60e01458018b7c65d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-516"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fac5e74d89a9f7ebaada1c783e47de50657803bf20ced45bea0336b9a0dda254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2096450
x-cache
HIT
content-length
126154
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:38 GMT
server
AmazonS3
x-timer
S1695939897.932357,VS0,VE0
etag
"750b19146211c426d9bdd9dcf4d93787"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
30386
nid_sp.js
nid.nypost.com/prod/sp/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nid.nypost.com/prod/sp/nid_sp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.206.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.206.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:13:35 GMT
via
1.1 google
content-encoding
br
age
681
x-guploader-uploadid
ADPycdtuI_iu_3rpOLwkC9NIuIjLljwpXt3jsR28cnO1giPS_-loHz1HbPVn7Zo1JOegk-VKPcggxzu8XB7ShsMLK_YTtA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23363
last-modified
Wed, 16 Aug 2023 07:10:34 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1692169834387192
x-goog-hash
crc32c=jx66WA==, md5=RzA+xGu4wsrxwc6aPvPtUw==
content-type
text/javascript
cache-control
max-age=2592000
x-goog-stored-content-length
74303
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		253 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dccb7ec234ca213511fa14bf7dc135ff1a105166bf202f3af41b549fb289c177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89002
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Sep 2023 22:24:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/?random=1695939896929&cv=9&fst=1695939896929&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tiba=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&hn=www.googleadservices.com&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e726299bfb821173ffa3ab4573c0c51bee9736e4636d0024797ecb3c85dd19f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1492
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_862490
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
22190934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
SfHDce9RhVIhikLwl49BT4TsufknKzjEXe33XMpCPdtMmi12PHk0TQ==
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1448847
x-guploader-uploadid
ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gou655U67QZragwGz%2FwALmwdAL%2F6qzSyp2m2jeL3zYvYr8OI9M163yWuoT%2F179q%2Fj%2FeRmhUlKMXy49q26sMsHPy7pNbcfEETymri%2FeJ2I%2FdKahT8W%2FsAFf1BIsWCUyDjc9Lw9Dbbft1OKgx7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80df664438918fef-FRA
expires
Tue, 12 Sep 2023 04:18:21 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 09:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 09:03:46 GMT
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.33760342837275203
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1448847
x-guploader-uploadid
ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsN0xq2MRFVJiSTW4gIpxMhInZx22lkTLW%2BdF54kiTBmsmmvr6XIfeKgMxLXIhVe%2BBjLJAJPgKFuNAK7phAgVARurovtE53nMKIUUULCrRdhOKfCNFnbUQrfosiTtAG0gtbUIquOo3lGAB%2BUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80df664438948fef-FRA
expires
Tue, 12 Sep 2023 04:18:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ 		458 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 15:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187176
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 15:48:05 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=163456144&post=28893684&tz=-4&srv=nypost.com&hp=vip&host=nypost.com&ref=&fcp=200&rand=0.16129847784695683
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:56 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
config
platform.datazoom.io/beacon/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform.datazoom.io/beacon/v2/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc
Requested by
Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=d75dbe9a6989bac4d2f0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-205-218.compute-1.amazonaws.com
Software
/
Resource Hash
62a37e43f875eaacd71dd29e7745644f6ddd6470c63334bb624ec89241bc2b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-8.ams58.r.cloudfront.net
Software
fasthttp /
Resource Hash
fe91307eea221c8ee07aebdbbfa588e1ad6e5a9b502cc9aa7438727676aa044a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 c3919dfed58c39e6da91faec1344110c.cloudfront.net (CloudFront)
x-spotim-device-uuid
eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
content-length
36
x-guid
eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
FfDmpx6EyGxGwqymlNGEbJYhq10K01Dh39cZ97q7ZygYRKfuDAa2qg==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-114.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 03:25:19 GMT
via
1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
68379
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
UzdN76lAyOoIKt9PRsxKCOLDIkkrIfIu4DsnEWjcrkdpmv2IUPlzOQ==
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
58754
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
76a6d10c-f01e-00ad-3fe1-5af88c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6644dc9d4d64-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PpYet/3D+UMQBHrd1SR49w==
age
27996
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13981
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:58 GMT
server
cloudflare
etag
0x8DA87805B3CBC97
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
87409a01-001e-0134-04e1-5a311b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6644dc9e4d64-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
58300
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
cbf70938-501e-00a0-0fb6-a51780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80df6644dca04d64-FRA
wExvYnLyEeyygEIIgluVXw.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/wExvYnLyEeyygEIIgluVXw.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/670D) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 19:41:20 GMT
server
ECAcc (frb/670D)
age
9817
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=11760
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125650
x-xss-protection
0
expires
Thu, 28 Sep 2023 22:24:57 GMT
/
www.google.com/pagead/1p-user-list/988380111/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/988380111/?random=1695939896929&cv=9&fst=1695938400000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tiba=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&fmt=3&is_vtc=1&random=3472419641&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/988380111/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/988380111/?random=1695939896929&cv=9&fst=1695938400000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tiba=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&fmt=3&is_vtc=1&random=3472419641&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=LTnzMOb0&w=5766767856058368&o=5747039208996864&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&sid=R7YGl6Ci&upapi=true
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
anchor
www.google.com/recaptcha/api2/ Frame 48FB 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec1c3e94da29461af12dd590e39720b1c2f41d3ace2737de17336c083b3f8329
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kbSqQFY6aLRAqIeVmpJ1jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kbSqQFY6aLRAqIeVmpJ1jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 22:24:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
i
sac.nypost.com/ 		43 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sac.nypost.com/i?stm=1695939897252&e=pv&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&page=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&eid=4530480c-b85d-4117-862f-13978661e928&tv=js-3.8.0&tna=_nyp_nid&aid=ncg-nyp&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Europe%2FBerlin&dtm=1695939897250&vp=1600x1200&ds=1600x6527&vid=1&sid=946a4374-9252-4812-ab74-16cef3353cf2&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI3MDU1MjhkYy1hNjk2LTQ3ZDMtYmUyNC1hNjZiMjlkMzY1NjcifX1dfQ
Requested by
Host: nid.nypost.com
URL: https://nid.nypost.com/prod/sp/nid_sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.220.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.220.110.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
blank.png
cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/0489e0b3-45b9-44ef-bd10-68aee62b4a0e/2788269b-b46f-4e9a-afe9-1775559bbd27/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/0489e0b3-45b9-44ef-bd10-68aee62b4a0e/2788269b-b46f-4e9a-afe9-1775559bbd27/blank.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3229d1b3a2ceaf5cd78e728fef972048e012430d2bd31b69eddbb48d70b66dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SmtsaftXMon5dlVJkRpF/g==
age
56612
content-length
2031
x-ms-lease-status
unlocked
last-modified
Fri, 07 Jan 2022 20:35:06 GMT
server
cloudflare
etag
0x8D9D21D30D60623
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0192f357-701e-009e-47e1-5aa1a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df6646ba7d5c20-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 22:24:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
13875
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:11:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7e4c15bb-601e-0080-1336-f2c685000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80df6646ba7f5c20-FRA
events
direct-events-collector.spot.im/api/v2/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-91.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
MLH2afX_p5i6GbJjNLtTejDQy4fPk8wWOLtNo6npC-80Ya2C8T4iCw==
x-cache
Miss from cloudfront
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ 		141 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/no_post
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-8.ams58.r.cloudfront.net
Software
fasthttp /
Resource Hash
370ce95fb3cade298648c5e8e4b4a75fa359043f85462cf951114103072d887c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
x-spotim-device-uuid
eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd
x-spotim-page-view-id
076336dd-7b41-4597-a48f-77072791f1dc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 644a5a573cbbd5ac03f5c40fa8642914.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
content-length
141
x-request-id
db11e66a-5e4d-11ee-ae12-7a90d430b029
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
Og9ZsaBaqNuYvyXBRIrnk8DU0-yF-avpU8aF0-_0qcCf_A_ngYkUrw==
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/no_post
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-8.ams58.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 28 Sep 2023 22:24:57 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 644a5a573cbbd5ac03f5c40fa8642914.cloudfront.net (CloudFront)
x-amz-cf-id
NkoW3_dqm-6dzydZQvai7P6oXBIZCMzzluSosIDZ0-A6qVpW8-OU-Q==
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
styles__ltr.css
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame 48FB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 15:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 15:50:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame 48FB 		458 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 15:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187176
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 15:48:05 GMT
getEpochMillis
broker.datazoom.io/broker/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://broker.datazoom.io/broker/v1/getEpochMillis
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.131.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-131-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
cache-control
access-control-allow-methods
POST,OPTIONS,HEAD,GET
access-control-allow-origin
*
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 28 Sep 2023 22:24:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getEpochMillis
broker.datazoom.io/broker/v1/ 		30 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://broker.datazoom.io/broker/v1/getEpochMillis
Requested by
Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=d6ee0345-1775-424f-9589-5be490675ddc&ver=d75dbe9a6989bac4d2f0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.131.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-131-204.compute-1.amazonaws.com
Software
/
Resource Hash
25151eb49bfba2a97876839edf771241ed4328d6bb413b6b0dcbb2dfecd3bb90

Request headers

cache-control
no-cache
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 48FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
490929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 30 Sep 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 48FB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:47:09 GMT
x-content-type-options
nosniff
age
488268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 48FB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
189797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 17:41:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 48FB 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bd3fcac620ef1b86850c77ac1fc5fcc02fe744cc5ac5f999421cf03f4127a75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=xb94vstittz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 28 Sep 2023 22:24:57 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DZ7LHF5PZ&gtm=45je39r0&_p=49457317&cid=267935833.1695939898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695939897&sct=1&seg=0&dl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&dt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.tags=hunter%20biden%2Cjustice%20department%2Crepublicans%2Cus%20house%20of%20representatives%2Cwhistleblowers&ep.byline=Caitlin%20Doornbos&ep.page_type=article&ep.display_template=standard&ep.title=DOJ%20delayed%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27%3A%20whistleblower%20docs&ep.short_title=DOJ%20delayed%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27%3A%20whistleblower%20docs&ep.original_title=DOJ%20delayed%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27%3A%20whistleblower%20docs&ep.publish_date=2023-09-27&ep.publish_time=18%3A%2057&epn.post_id=28893684&ep.section=news&ep.primary_tag=hunter%20biden&ep.outbrain_widgets=Outbrain%20Guarantee&epn.word_count=514&ep.has_comments=no&ep.has_brightcove_player=no&ep.has_sendtonews_player=no&ep.redesign_viewer=true&ep.photo_display_type=In-line
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads-independent.css
static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.css
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ede54aed8f87fb9a902f235291ee5d4c05a6174c882318d5d0d4accb19c61f1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
uWJ7ardDLCKSTNqDj1OaFR4j6qh8nKmp
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 06:59:39 GMT
last-modified
Fri, 25 Aug 2023 08:28:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
55520
x-amz-server-side-encryption
AES256
etag
W/"6f5ec27cf4246fe0d4fbb9ae356b7b78"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
oSZ63HQyy7fRX-b1BctYYbe7YPL0qTes-h09ieVtW_fnc5QjpUVYew==
ads-independent.js
static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ 		213 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.js
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f7878bce0e8aafd5ee13b5e7c9dbc892b8452be39621976f0b8a9004fa6667e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
rXZJ8L6C_titnYIGYeqKI6yRS2DDqZv_
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 03:29:03 GMT
last-modified
Fri, 25 Aug 2023 08:28:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
68155
x-amz-server-side-encryption
AES256
etag
W/"1fb09993e5a090612d0cf0ce952589e8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
D1UMiLJ8jYaOx7LNeME1h7Niiq9Ej3lJzQFeiABGkCyYK2hAsULINQ==
1bb568c37cf66f68f94b1dbd1db6226afc695d686d9
rebelhen.com/u/a627f775e/ 		288 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/u/a627f775e/1bb568c37cf66f68f94b1dbd1db6226afc695d686d9
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0cf27d2a9369374840a31464cb543e98378fabed3f97d2d4dcc6b2e600b480c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-europe-west1-b8mh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 28 Sep 2023 22:24:56 GMT
92806d5a4a58e3102ea1dcd7e883d238c835060528bb8a1ff7b9
rebelhen.com/ 		3 KB
942 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rebelhen.com/92806d5a4a58e3102ea1dcd7e883d238c835060528bb8a1ff7b9
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a18a2e314eb89924b1871c684a4ab96815ec3e9ec4a858b07b8227b5779544b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Thu, 28 Sep 2023 22:24:57 GMT
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
916
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-europe-west1-b8mh
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-8.ams58.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 28 Sep 2023 22:24:57 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 644a5a573cbbd5ac03f5c40fa8642914.cloudfront.net (CloudFront)
x-amz-cf-id
khDO42t8Xsr6riN86dHdOJviqS3UNNGhLMEEyIr36GBegCDNcPJKow==
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ 		28 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-8.ams58.r.cloudfront.net
Software
fasthttp /
Resource Hash
75dbdae146761f03ea3bc68ee23079280ff2564778dd8a93d43c88c27fb710f9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd
x-post-id
no_post
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
076336dd-7b41-4597-a48f-77072791f1dc
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
x-access-token
null

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
content-encoding
gzip
via
1.1 c3919dfed58c39e6da91faec1344110c.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
x-request-id
db47c3f6-5e4d-11ee-a32c-7ac4af7fe311
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
7H0B-iqSphKH2gk5IUk0JpyFxulCV0kzqPv8X1zMF8K26g8rOhLuTA==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB21 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75804
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Fri, 29 Sep 2023 19:28:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2098319400227191563
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2098319400227191563
Protocol
HTTP/1.1
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:57 GMT
Server
Adtelligent
Etag
04fc765a11283558
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
an-x-request-uuid
b7a67c7f-8d67-40e7-94a4-25b4b80f0d33
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2098319400227191563
x-proxy-origin
178.162.209.141; 178.162.209.141; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/ 		0
0
sync
ups.analytics.yahoo.com/ups/58196/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.75
content-length
360
content-language
en
partner
sync.search.spotxchange.com/ 		0
0
710530.gif
di.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 376E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c67b2c5a246898ee41fbb13a7aa993bd4f1f446248e10afdc609a3d2462ceacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:07:50 GMT
x-amz-version-id
MT6ZEnD98Ib1PnGaCRhMhAAdaPK33tDZ
content-encoding
br
last-modified
Thu, 14 Sep 2023 09:38:00 GMT
server
AmazonS3
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"30a1d10e64cddb8e92a6c2a24a8de6a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1029
x-amz-cf-id
FbY9j6BlTlIT4t2b9T4d3vt1upWHKCYlKbxKHvwJrTlALijk5jfY-Q==
hb_270443_10247.js
player.spotim.market/prebidlink/471094/ Frame 376E 		918 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/471094/hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:20:51 GMT
server
nginx
etag
W/"65156fa3-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 376E 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3de512e65eca27243b7b560005d5dfa55328125106f0013eea24cd411003fe69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29490
x-xss-protection
0
server
cafe
etag
805 / 19628 / m202309210101 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 22:24:58 GMT
wrapper_hb_270443_10247.js
player.spotim.market/prebidlink/471094/ Frame 376E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/471094/wrapper_hb_270443_10247.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5e9379b04c04ded23ded2a88c24082f40dfc6aefb18f4cf021695e3d66b44f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:20:51 GMT
server
nginx
etag
W/"65156fa3-863"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-114.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 06:41:24 GMT
via
1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
56615
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
j3HCzpg6NFnQF23_d5qdEOnsDNNJ76r7LqBElTAwn_4Zk-ZvjBFVQQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame AB21 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80139878&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f3e0ecbf2ffcd68e029ca07d1e31d94c6f8839de278fe825e4f483c1b9eeae77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 22:24:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
player.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c46f47251a8cedcc92264f0ba3ab8eb34f512b76d477e402cbe79a4472b06ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsekPW3g9Z9jClm8bZvBlteRY_W9T6aPVr5zAIqXk2pOE66_PasaDVUxEwjH-K-y-2Xv-M5dAWuXX3DSBFGVwbpZHI4lAdb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13568
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"7b0373cff2baf92a25e88f8fc9dd2cef"
vary
Accept-Encoding
x-goog-generation
1695728482251882
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=wq7hdQ==, md5=ewNzz/K6+Sol6I+Pyd0s7w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13568
accept-ranges
bytes
expires
Thu, 28 Sep 2023 22:34:58 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=634e65320022fb473b34ce15&e=playerLoaded&cb=1695939898172&r=https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.145.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-145-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbp_master_270443_10247.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 376E 		469 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/471094/hb_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
70cb36e1705100380461ae92749d1b7838286c8fd15d2773d2232695c4b5d070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-754af"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_270443_10247.js
player.spotim.market/prebidlink/gXYYL/ Frame 376E 		264 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/471094/wrapper_hb_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c945c76f61bf69cee97b683207ad92cb4c83136b3a6c074307258826ce88e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:20:51 GMT
server
nginx
etag
W/"65156fa3-421ad"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 376E 		383 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a299896d755c28f0b7313d5a96517a8e8b9d8c5408971bb0784a2d8c8aa69a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:07:50 GMT
x-amz-version-id
_vUH0OmG9dlr_2wb7J2zdOcJG3pIILII
content-encoding
br
last-modified
Thu, 28 Sep 2023 21:32:54 GMT
server
AmazonS3
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"99468ef666ab7ea45bcca172fe2ceaf9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1029
x-amz-cf-id
6mC-Ie6hPCUgMOWHcmY0PvII--Xe6BPSEhudJfsqatj11XRfd9N_eQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ Frame 376E 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 20:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7320
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132106
x-xss-protection
0
server
cafe
etag
17184539905708832606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 27 Sep 2024 20:22:58 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 376E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b23823d19aa819243da10b86c35354aad004d08b0d47e5f9484e1143dbacbf60

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 12:01:12 GMT
server
nginx
etag
W/"6512c808-84e"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 376E 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:03:39 GMT
content-encoding
gzip
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1280
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dlEedjGod8Xq1xRAS1VJruamCVkvcREZit4wtN-lw1IhzG4My8B0uQ==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 376E 		383 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4218b75101bc538fd7f8f71f58b381fde82f2322a3f2323a40a0107e4165352e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:07:50 GMT
x-amz-version-id
JQNNjtVX7iwo.Gvuq7evFOUX3Vr1k6Fi
content-encoding
br
last-modified
Thu, 28 Sep 2023 21:32:25 GMT
server
AmazonS3
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"f53570c616b0cbded4209b36d9bc0251"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1029
x-amz-cf-id
UBQswU_vcuDoeEhgn2-Hr_KWnN-A6OF0Ikn4_D7xH0KAA_P9G9PpWQ==
/
ghb.spotim.market/geo/ Frame 376E 		135 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c7550fa72c33dd4da5056c9d639cf40b7d67ae36199e0f62bfda556c7c8b28c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:57 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
135
tracking
ghb.spotim.market/adunit/ Frame 376E 		43 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=10247&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fnypost.com&adid=3qtsij.n2&features=82144&vpbv=N175&tte=246&lifecycle_tte=268
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:57 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.nodserving.com/prebidlink/19628/ Frame EA6F 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.nodserving.com/prebidlink/19628/j.html?i=11600
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
etag
W/"620bee41-43d"
expires
Sat, 30 Sep 2023 22:24:58 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
AVmanager.js
player.aniview.com/script/6.1/ Frame 48F6 		435 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5d6f2cecf904b1b45caa6561439a7f26cd547a36c611227f71b18b1b37139585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt53lP7HUtqW5yNxFiVomkVBDxl-LCElBNcaJU96gjIHB2NESJ7DlZbo5876XFf_hp3AxfhGHd8F9ZieN8m2_yYBMMeomrB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
127792
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"60466a992d9c38260ef197ba853db7dd"
vary
Accept-Encoding
x-goog-generation
1695728482137645
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=ikOrMQ==, md5=YEZqmS2cOCYO8Ze6hT233Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
127792
accept-ranges
bytes
expires
Thu, 28 Sep 2023 22:34:58 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 45C8 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Thu, 28 Sep 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
229761
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5E98
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:24:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PHW3WRG47RR4SA8XBEMW

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 28 Sep 2023 22:24:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CG2YHNDCA2CT2WSAE3RY
Pug
image2.pubmatic.com/AdServer/ Frame 0001
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
42 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 9A80
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2098319400227191563&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2098319400227191563&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
08813c94-326b-4798-b5d6-7f63a1f657fa
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2098319400227191563&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.141; 178.162.209.141; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F42A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284006397900355723&gdpr=0&gdpr_consent=
42 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284006397900355723&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 28 Sep 2023 22:24:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284006397900355723&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame E79E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb&ssp=pubmatic
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.19.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 28 Sep 2023 22:24:58 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 28 Sep 2023 22:24:58 GMT
Location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb&ssp=pubmatic
Pug
simage2.pubmatic.com/AdServer/ Frame A371
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Sep 2023 22:24:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6143
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRX9OgAT2kDlpQBY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220029-FRA
x-timer
S1695939899.613148,VS0,VE92

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 28 Sep 2023 22:24:58 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRX9OgAT2kDlpQBY
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220029-FRA
x-timer
S1695939899.507324,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame CE35
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 28 Sep 2023 22:24:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 8FA8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHamIwN0tLX29BQUJqdlI0eE5ydw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGjb07KK_oAABjvR4xNrw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2724395385258311914&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAGjb07KK_oAABjvR4xNrw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2724395385258311914%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2724395385258311914&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGjb07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGjb07KK_oAABjvR4xNrw&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGjb07KK_oAABjvR4xNrw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 28 Sep 2023 22:24:59 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGjb07KK_oAABjvR4xNrw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 79FD 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame 9620
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda77a42fd25a4ad8ad2799390eb11ca6
42 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda77a42fd25a4ad8ad2799390eb11ca6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUda77a42fd25a4ad8ad2799390eb11ca6
pragma
no-cache
server
Tengine
cm
ipac.ctnsnet.com/int/ Frame F6CB 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 28 Sep 2023 22:24:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame FE29
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526623952065
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526623952065
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 28 Sep 2023 22:24:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526623952065
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 654C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4406721295720255939
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4406721295720255939
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4406721295720255939
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pubmatic
ad.mrtnsvr.com/sync/ Frame CECF 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.163.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.163.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 22:24:58 GMT
referrer-policy
no-referrer
cookiesync
core.iprom.net/ Frame 5421 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:24:58 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-ff9c7a96775c@version_1.571v3
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 703B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80df664eab5f2c3d-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80df664d6a162c3d-FRA
content-type
text/html
date
Thu, 28 Sep 2023 22:24:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
141
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 90C0 		0
0
csync
sync.spotim.market/ Frame B729 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=FA8D2C7D-93A7-420D-975D-E9EB10601650
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:24:57 GMT
Etag
ec8900977dae359f
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-o0sfZOnQg2XXenrEGAWUA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75804
accept-ranges
bytes
content-length
5606
expires
Fri, 29 Sep 2023 19:28:22 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame AB21 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.9.68
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame AB21
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3065475015
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FA8D2C7D-93A7-420D-975D-E9EB10601650
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FA8D2C7D-93A7-420D-975D-E9EB10601650
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
via
1.1 google
last-modified
Thu, 28 Sep 2023 22:24:58 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FA8D2C7D-93A7-420D-975D-E9EB10601650
date
Thu, 28 Sep 2023 22:24:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame AB21
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FA8D2C7D-93A7-420D-975D-E9EB10601650
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTY1UEJSMXZIWldTYWVrNG94LVdtSDJhQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5814413650076095197&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.174.89.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-89-161.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:59 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 28 Sep 2023 22:24:59 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkE4RDJDN0QtOTNBNy00MjBELTk3NUQtRTlFQjEwNjAxNjUw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFjwmXb2uyklTmI7Sah34gM&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFjwmXb2uyklTmI7Sah34gM&google_cver=1
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFjwmXb2uyklTmI7Sah34gM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AB21 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 27 Sep 2023 22:24:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5814413650076095197
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5814413650076095197
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5814413650076095197
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame AB21 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame AB21 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FA8D2C7D-93A7-420D-975D-E9EB10601650&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
FA8D2C7D-93A7-420D-975D-E9EB10601650
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AB21 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FA8D2C7D-93A7-420D-975D-E9EB10601650?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5aec:1139:b771:4a28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixelSync
pixel-sync.sitescout.com/dmp/ Frame AB21 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame AB21 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4260316832137327304&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4260316832137327304&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4260316832137327304&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85d6fe1f-fd95-4db8-a154-0f9104627b6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85d6fe1f-fd95-4db8-a154-0f9104627b6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85d6fe1f-fd95-4db8-a154-0f9104627b6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
hbw_master_307825_11600.js
p.nodserving.com/prebidlink/y19628/ Frame EA6F 		117 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.nodserving.com/prebidlink/y19628/hbw_master_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/19628/j.html?i=11600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d8a0e8fb64462d3b62780f316f3f56be341cf1c9939dd4979ab35b4ae1ba7c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/prebidlink/19628/j.html?i=11600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 01:33:10 GMT
server
nginx
etag
W/"64f7d6d6-1d268"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sat, 30 Sep 2023 22:24:58 GMT
08ed2dbba267205f7da9.css
player.aniview.com/script/6.1/assets/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/assets/08ed2dbba267205f7da9.css
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0acc4587ac96b58cf4b13f1fb52bbf29f6b15555aa3d52d14ccd7966d226f5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds5bA_3uPWN9TfXYYLcXPH9nBYOT1ixN3ZL3ciMKuBoL6yAprNcavpfwqqZIgTNl_tWCTfcWGD1onqVoLZc_O5-e5eJLouY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3542
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"1437d970d6b55154b2dd57d8f2e24584"
vary
Accept-Encoding
x-goog-generation
1695728482645108
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=1iuiXg==, md5=FDfZcNa1UVSy3VfY8uJFhA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
3542
accept-ranges
bytes
expires
Thu, 28 Sep 2023 22:34:58 GMT
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 376E 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:20:53 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
245
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
jdmsjFT8GMCuJ0Hb20fJOuMAczzXKwhjWUnQG_4cAdcAMjhKxRYtkQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 376E 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnypost.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:57 GMT
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
A_Dz4OrQqaBFEvrFi3XseeyrjqiiXYZsYlEhn-eloJ2KwAoQ1m5DHA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 376E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 05:00:26 GMT
x-amz-cf-pop
FRA56-P6
age
62672
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
c4KFnDyZO7bzdZLH9hWrIF1Ln34EjC3KFWqQX7K5v48qA6xh-UH48w==
/
go1.aniview.com/api/adserver/tag/ 		53 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=076336dd-7b41-4597-a48f-77072791f1dc&AV_CDIM5=CHtHAfDeZYMmXxiqT9fqkjtCUprP7zqHpU9sWVOx8NoC8lB_IrCVWD_drDRKtxSn&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.4.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=634e65320022fb473b34ce15&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/634e65320022fb473b34ce15/nypost.com&d36=6.2.130&responsive=1&sver=4&avtoken=898602&omv=1.0.1&clsid=545e5255-7774-418a-9e16-d91fb61e5fc0&rando=15&AV_WIDTH=300&AV_HEIGHT=169&AV_CCPA=1---&AV_DNT=0&cb=1695939898609&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.95.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-95-168.compute-1.amazonaws.com
Software
/
Resource Hash
856fa2733ed707a50356f34d55495288a207982cb0b2814a85f09a6d761b1374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sun, 17 Sep 2023 08:38:18 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=independent_ad&cd4=076336dd-7b41-4597-a48f-77072791f1dc&cd5=CHtHAfDeZYMmXxiqT9fqkjtCUprP7zqHpU9sWVOx8NoC8lB_IrCVWD_drDRKtxSn&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.4.0&cd13=false&cd14=%5B%5D&cd15=ads-independent&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=545e5255-7774-418a-9e16-d91fb61e5fc0&rando=15&pid=5e0e296628a061270b21ccab&cid=634e65320022fb473b34ce15&stagid=&stplid=&e=inventory&vi=0&cb=1695939898606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.145.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-145-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tag
btloader.com/ Frame 376E
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152588670e321c471ade3b64c472922c0baaf6f96297cfb285be886b7770c503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 21:42:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2360
etag
W/"c4589fad62bc97a7de617c79413d165e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5%2B5kd4MSIU6scw9whSd58II7nC3Zd%2BGy0R1XZOsIk1QFVFpAapFlkWa1dPvHX4ljphIsYnxioUC3qQ7EyJKlO1egX3GmXmbmtXFFf9ljiGBI1Jcar79Jgq5NDzDkVeM%2FCK8STn9KwQ9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80df664f58d230e8-FRA

Redirect headers

date
Thu, 28 Sep 2023 22:24:58 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2361
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKh5NsMViOLNwGh3lQFb9lmCzxbz7qH9%2B0lxZ4NtzyI2R8%2FmZSoG1dprA3uCm2BIiPJe1ORVgSA%2B2s3643pcTD6i%2Bckvy58iIudhE14HJpv8bGxshWNcbj374fYZ3HQc3Pna611iZCt1mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=nypost.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
80df664f28b130e8-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 376E 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 28 Sep 2023 22:39:58 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 376E 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-12.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 04:31:23 GMT
content-encoding
gzip
via
1.1 3a5e4105e7e14b13dcdcd3f0d9062fa0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
64416
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
SY2glWhIJ_uW16XUYx3SVWOpmPZ3cBo-BsRhfKR2UR_gMx5PeQZTkg==
hadron.js
cdn.hadronid.net/ Frame 376E 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&ref=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&_it=amazon&partner_id=471
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
6731
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
80df664ee8fa91e9-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 376E 		142 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 09:24:45 GMT
server
cloudflare
x-amz-request-id
C3FTFKTQ8JPVT90K
age
2006
etag
W/"7bfa86f4fd91656713a35814298e67fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80df664ef96c37da-FRA
x-amz-id-2
hbFOjFY8zJd1NjI9E3oHmZCsYjy8lylOioq0iCJ+OLKgTN3d/GPqZ3dVTFnj0pWf25yAuXXXV7/bDBpltphk4w==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 376E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 28 Sep 2023 22:39:58 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 376E 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 28 Sep 2023 22:39:58 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 376E 		95 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&ref=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b729a2c7e76acacca858d1729626b29c8ad1e3345d40f73e9a74aed04a2f210

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
80df6651fc519170-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
80df66515bd99170-FRA
content-length
0
content-type
application/json
date
Thu, 28 Sep 2023 22:24:59 GMT
debug
OPTIONS block
expires
Fri, 27 Sep 2024 22:24:59 GMT
server
cloudflare
hb_307825_11600.js
player.adtelligent.com/prebidlink/ex19629/ Frame EA6F 		920 B
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19629/hb_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19628/hbw_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
91605739a2dfb9746ad599e1d4e88499641083f2fbd8017262853b605b3becc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 01:33:10 GMT
server
nginx
etag
W/"64f7d6d6-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 376E 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pid=yV4mPS1GGGlAq&cb=0&ws=336x280&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1649081769412-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F39694909%2C5850%2FIndependent%2FInd-NYpost%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
RRV6ZNJNN6JVY4MGZTWV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ScdWjWPslVZNT9615CFxk1JqGQdWIELDh9m7HyxxZiCHFry3aJ9Q4w==
map
bcp.crwdcntrl.net/6/ Frame 376E 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7f862b9f032bb4a85cdc7d4b25be8454050b6de3d1e634a3a1a61b09da2994af

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.16.177
access-control-allow-credentials
true
content-length
60
expires
0
/
ghb.adtelligent.com/geo/ Frame EA6F 		135 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19628/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c7550fa72c33dd4da5056c9d639cf40b7d67ae36199e0f62bfda556c7c8b28c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
135
tracking
ghb.adtelligent.com/adunit/ Frame EA6F 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11600&full_page_url=https%3A%2F%2Fnypost.com&adid=3qtt01.6h&features=16480&vpbv=N173&lifecycle_tte=593
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19628/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
csyncs
ghb.spotim.market/ Frame 376E 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229&aid6=839059&aid7=849704
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aace117e0e94120ae1104561a6c1f98d5f3aa24dadfd79424113a4a09b28a222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:57 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
825
state
api.btloader.com/mw/ Frame 376E 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:24:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 376E 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1448849
x-guploader-uploadid
ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaX0LCe5H4t5DEOabU8QL78Ev5xkAfrdpc3JjDZ2l3lUSOtRJ9ZIjMVeNimZBwykm50YucAvg5LLIGavQx7ePssbL%2FebS%2FvGivxiszQpnWBDGsHTcVpe3WGwKh5if10fU%2FQ7ThIEOXfk4ENi0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80df6650880a8fef-FRA
expires
Tue, 12 Sep 2023 04:18:21 GMT
favicon.ico
ad.doubleclick.net/ Frame 376E 		1 KB
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 09:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 09:03:46 GMT
px.gif
ad-delivery.net/ Frame 376E 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9186925310665011
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1448849
x-guploader-uploadid
ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWmM1hQe02%2FV3x3dLXaRqbCukyFCan04EpVO0Isd9c5igmSPX94AJ4vNTnHn3z0krlx9T0NjHvlfW4V9Jh33BHx66d86eW5nsIumt4WmKYLzMeGf052Cl2tS%2BD07jB3sbqxD8Q%2B7FC3ZfY5lew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80df6650880e8fef-FRA
expires
Tue, 12 Sep 2023 04:18:21 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 376E 		190 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 28 Sep 2023 22:54:59 GMT
hbp_master_307825_11600.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame EA6F 		315 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19629/hb_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 22:24:58 GMT
date
Thu, 28 Sep 2023 22:24:58 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:16:06 GMT
server
nginx
etag
W/"64ac0496-4eb0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
csync
sync.spotim.market/ Frame C5E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:24:58 GMT
Etag
ec8900977dae359f
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
cd3cc7a7-46a2-4b23-ad43-122ca27802a5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.141; 178.162.209.141; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
pixel
ap.lijit.com/ Frame 9478 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 28 Sep 2023 22:24:59 GMT
X-Sovrn-Pod
ad_ap7ams1
/
onetag-sys.com/usync/ Frame BF22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 54CC 		125 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:24:58 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 376E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 376E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1695939899147
  • https://ad.turn.com/r/cs?pid=45&rndcb=4511585997
  • https://sync.1rx.io/usersync/turn/4260316832137327304?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-f944b26c-c708-4ccd-b32b-d...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
HTTP/1.1
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Etag
ec8900977dae359f
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003
date
Thu, 28 Sep 2023 22:24:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf944b26cc7084ccdb32bd512a56c09e2003
content-type
text/html
prebid
rtb.openx.net/sync/ Frame 376E 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
ap.lijit.com/ Frame 376E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Sep 2023 22:24:59 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 376E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRX9O.o0wlFC.WfFVUWb2AAA%261176
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRX9O.o0wlFC.WfFVUWb2AAA%261176
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
HTTP/1.1
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Etag
04fc765a11283558
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xZySe7ziTPP31nVC%2BJJAG255zp0BTKZfDlFh%2Fl1sa3mUJRHTgrhsdsV8NOGaxizyl0nwedeucd13Rqn%2FZ7DJifM32FcM7tNBy7yUKst7avPJZ%2BKgsSOzsE%2BHaq7aKUyP8kBFKMbsJRkeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRX9O.o0wlFC.WfFVUWb2AAA%261176
cache-control
no-cache
cf-ray
80df6651cc48bb74-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 376E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA8t3KE%2Bgb15n06PMYTdYmSDdOar9g%2Boq0Ek2qCRYDqRK%2BhpL6VdBu8uL26c4bV0vMSpEnLcZaZDjb7SvI4hNBD%2BO2s5PW0ncI7DyloSUjq45BbgiYQpc6QiwYARNpb50yHkvP83aYThJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80df6651cc45bb74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJa6%2Bk0iIZJZ5OliUofcBtstS8%2FK%2Bo57xShIq0rhtBuXBCmOj2dIm93PywaXl%2BBMsCy5NwamMCXN%2BhK7lEluaFhwWsHaaFMEYgtCBddAJjol03fmsILbCcFwzkkccad2Kf6yrwdd%2FKyZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
cache-control
no-cache
cf-ray
80df66519c13bb74-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
csync
sync.adtelligent.com/ Frame 376E 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Etag
04fc765a11283558
Content-Length
43
Content-Type
image/gif
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 376E 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Thu, 28 Sep 2023 22:39:59 GMT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame EA6F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b23823d19aa819243da10b86c35354aad004d08b0d47e5f9484e1143dbacbf60

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 22:24:59 GMT
date
Thu, 28 Sep 2023 22:24:59 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 12:01:18 GMT
server
nginx
etag
W/"6512c80e-84e"
content-type
application/json
access-control-allow-origin
https://p.nodserving.com
cache-control
max-age=172800
x-proxy-cache
HIT
csync
sync.spotim.market/ Frame 54CC 		43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Server
Adtelligent
Etag
ec8900977dae359f
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 54CC 		32 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA6-C1
age
289
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80df66522dcb1c79-FRA
x-amz-cf-id
ezNksh412zlKy-pOWeu6OP0l7Tny76Qj7t7E0NIyJa6NLXCsRmK9jw==
expires
Thu, 28 Sep 2023 23:24:59 GMT
471
a.ad.gt/api/v1/u/matches/ Frame 376E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab67fbad9433a8d9ad28014c28c6ca9e73cbf05ebe341ee02a49f6b81fc6f84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 22:21:47 GMT
server
cloudflare
age
192
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
80df6652eb9537f0-FRA
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://nypost.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 28 Sep 2023 22:24:59 GMT
server
b
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 28 Sep 2023 22:25:00 GMT
prebid
ib.adnxs-simple.com/ut/v3/ Frame 376E 		584 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
90c6a10f569d87ccfdca58f208b0632848228105f804f587e889f512856d2bfb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
an-x-request-uuid
bd4e12d5-68c1-439d-aaa1-2eef890b8516
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb.adtelligent.com/v2/auction/ Frame 376E 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
046ab3eec19878d2c0f325c5a61d0b1f8b147ab5904bc647fe3cdd6a56756505

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Sep 2023 22:24:58 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1175
bid
ap.lijit.com/rtb/ Frame 376E 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.4
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
750a19bc3e94bc62761d27d140dba1a06e1ef3ffa0522a854ba912198c42d194

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Sep 2023 22:24:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
prebid.deepintent.com/ Frame 376E 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
server
c
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
v1
prg.smartadserver.com/prebid/ Frame 376E 		685 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
82418b28c8078ce9f2ea74d6b62008b537809b7cca62f396595097b4e3dbea16

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 376E 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
exchange.postrelease.com/ Frame 376E 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ntv_ptd=1163444&ntv_pas=eyIxMTYzNDQ0IjpbWzMwMCwyNTBdLFszMjAsMjUwXSxbMzM2LDI4MF1dLCJsZW5ndGgiOjF9&ntv_pb_rid=34b2b756f7cdd7c&ntv_ppc=W3siYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtMTY0OTA4MTc2OTQxMi0wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF0sWzMyMCwyNTBdLFszMzYsMjgwXV19LCJuYXRpdmUiOnsic2VuZFRhcmdldGluZ0tleXMiOmZhbHNlLCJ0eXBlIjoiaW1hZ2UifX19XQ==&ntv_dbr=eyJkaXYtZ3B0LWFkLTE2NDkwODE3Njk0MTItMCI6MH0=&ntv_url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.134.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-134-20.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 376E 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
504447152b42e9590490a14287a3d471b2ee340018520a15f229e47c51dc204d

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4rP%2FMxEMtwxBDIsx8SKfnAd9opyOuVSR4C5LfPq%2BnilsfWbbGJZuKr1lgHQuqkOT3RkNdqxOIo6Ed1hOiIpRhg1iBMbJPieMKGc5I8X4UjaBkTuapS1WXYR3n0BzFimMBZaX3bh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80df665708f0bb74-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 376E 		37 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
504447152b42e9590490a14287a3d471b2ee340018520a15f229e47c51dc204d

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bq%2FGR4FTQEIKTq3FY0B%2BQlRfFGdIT5zBZaIlYxDqivxxRzaiCyelofinQ2JYvFV7Cz%2FlL%2FxRTyzzv%2FQ%2BMUmbS9Q7FTRP8iRvDxyON4W6gALu%2B2UX5K6vnHM%2BQAQImayyYWFO%2Fh%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80df665708f2bb74-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 376E 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.4&cb=7195887155&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:24:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
ghb1.adtelligent.com/v2/auction/ Frame 376E 		278 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ffac0c4581996417333ba1c1d2f5414b232d502096d89f083cae885db2701368

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Sep 2023 22:24:59 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
233
unruly_prebid
targeting.unrulymedia.com/ Frame 376E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs-simple.com/ut/v3/ Frame 376E 		144 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cd4275759d82539f3ebce0ed13a03c6c3f5fbe17c3c3a01992f41ed4fbef1321
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
an-x-request-uuid
71112907-e4ba-4804-9a20-e7c2f63ae601
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 376E 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:24:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 376E 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/ Frame 376E 		32 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 28 Sep 2023 22:25:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 376E 		180 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1636cd272110170b176c5467bc70d1e8fb96b64d61800884d8f4a6a1ffd7c6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
auction
tlx.3lift.com/header/ Frame 376E 		19 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.37.4&referrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tmax=2000&gdpr=true&cmp_cs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.92.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-92-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=61dfcfcd344803c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.5509610289594382
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
88b15e578ef5ff37b81641e9c94618c5e0eef0985704398b18adbe49201af992

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		504 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=62f02149a18be27&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.5715931715450056
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a3977968b73bf152f52d30827ab1ca76e87a62f40d9c13e9868f975db073bb7

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
504
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2223316&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=63a44e1d17411c9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.2894722620311756
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
91c321ec1f8303eb9be3e20072da1ef37aed034ad4841c0a800d465c6432c7e5

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=6466a9a8658dad9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.45216163040008306
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b6da8fc22459051e9be93743cfce1cbae1fa4bacb56784a3fc2069851b7f23b7

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=651b77ffb320575&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.5440972682916823
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
77ec6beef9a776b87b4544b565cfe565be9c07e0d920660349cc2dc521c0c4bf

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2435342&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=6642fee47e411a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.8169949248836019
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3fb2d051fdbdff72e535518578fd19fdd13eae021334f3b419679b88dac21dc

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 376E 		505 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=8eb19f7f-b169-46cf-b4bc-792736c4586b%5E1&eid_spotim.market=eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&kw=News%2Chunterbiden%2Cjusticedepartment%2Crepublicans%2Cushouseofrepresentatives%2Cwhistleblowers&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=bc02151d-5fc2-409c-8d33-76a65503f5b7&l_pb_bid_id=67cf340b2d7a786&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.5010222020458848
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c6e8ebb1e3e6df614cbd59b9f394419a531694c29613afec0db5105238f31bb

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ Frame 376E 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 376E 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 376E 		714 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37c704683c1286c67dc7cf01961715f7241e3888ca8a0b71e75b160305259017
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:24:59 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
46
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
714
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame AB21 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:24:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
RBUtazJi-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.vtt
1 KB
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06758c0fb4c8e5852413486c0768eaab563c04786dd765a7e96c546fa0c5bf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
506
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
229
x-served-by
cache-iad-kiad7000143-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 26 Sep 2023 13:54:39 GMT
server
nginx
x-timer
S1695939901.700923,VS0,VE86
etag
"e37d8f3e28479ce26e2077c4db84a81a"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7, 1

Redirect headers

date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 9158fa1ac72d0c0684fe558c8655aeda.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
L4kOEyS0F5mG4JAw643qvY34absK4Yi3rZ5nGNsiZaqJHTOi7BFQhw==
related.js
ssl.p.jwpcdn.com/player/v/8.28.1/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.28.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c5b381c0a645c3ee25d34039e042d031d06db4e864a8f7b80ff121901b07e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
via
1.1 varnish
age
2096458
x-cache
HIT
content-length
25137
x-served-by
cache-fra-eddf8230048-FRA
last-modified
Thu, 31 Aug 2023 21:28:40 GMT
server
AmazonS3
x-timer
S1695939901.517944,VS0,VE0
etag
"0d8080950674fda2021256dc60e96773"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
32516
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame 7652 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:12:16 GMT
expires
Thu, 26 Sep 2024 23:12:16 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Sep 2023 22:25:00 GMT
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-447501262&e=e&n=0142587920641757&abc=0&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=lezpku1fjnfn&i=0&id=RBUtazJi&lid=119s48ggwl4g&lsa=read&mt=1&pbd=1&pbr=1&pgi=7igxso13rd5p&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=11&pli=u1vgurofu8r1&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&pu=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pv=8.28.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&tv=3.43.0&vb=1&vi=0.87&vl=90&wd=734&ab=1&cae=0&cb=0&cdid=jw-player-SPdDOYds-RBUtazJi-Toq2ZZoq&cme=0&dd=0&flc=1&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FRBUtazJi.m3u8&pbc=0&pd=2&pdr=&plng=en-US&plt=1450&pni=1&po=0&pogt=DOJ%20delayed%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%E2%80%98shoot%20themselves%20in%20the%20foot%E2%80%99%3A%20whistleblower%20docs&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FToq2ZZoq%3Frelated_media_id%3DMEDIAID&sn=%7B%22name%22%3A%22nyp%22%2C%22url%22%3A%22https%3A%2F%2Fnypost.com%2Fwp-content%2Fplugins%2Fnyp-video-player%2Fbuild%2Fcss%2Fjw-player-skin.min.css%3Fad9fc065dbc69fad5901%22%7D&sp=0&st=3610&sa=1695939900500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4A5B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 28 Sep 2023 22:28:46 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Thu, 28 Sep 2023 22:25:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 28 Sep 2023 22:25:00 GMT
65a7abea-3495-4f7e-b6f3-14a525146880
https://nypost.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/65a7abea-3495-4f7e-b6f3-14a525146880
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=765088443&e=pa&n=8718279071278259&abc=0&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=lezpku1fjnfn&i=0&id=RBUtazJi&lid=119s48ggwl4g&lsa=read&mt=1&pbd=1&pbr=1&pgi=7igxso13rd5p&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=11&pli=u1vgurofu8r1&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&pu=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pv=8.28.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&tv=3.43.0&vb=1&vi=0.87&vl=90&wd=734&ab=1&cme=0&flc=1&lng=en-US&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FRBUtazJi.m3u8&pd=2&pdr=&plng=en-US&pni=1&pogt=DOJ%20delayed%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%E2%80%98shoot%20themselves%20in%20the%20foot%E2%80%99%3A%20whistleblower%20docs&pr=2&tb=0&vd=35&sa=1695939900617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1463750910&e=ar&n=8512098104507897&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=lezpku1fjnfn&i=0&id=RBUtazJi&lid=119s48ggwl4g&lsa=read&mt=1&pbd=1&pbr=1&pgi=7igxso13rd5p&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=11&pli=u1vgurofu8r1&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&pu=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pv=8.28.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&tv=3.43.0&vb=1&vi=0.87&vl=90&wd=734&ab=1&abid=nc7mdwqbmp71&adi=nc7mdwqbmp71&apid=nc7mdwqbmp71&awi=1&awc=1&p=0&pc=0&pi=0&pr=2&vu=securepubads.g.doubleclick.net&apt=1&rtp=%7B%7D&sa=1695939900623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
RBUtazJi-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a8fa6883b77ce9e70ccb0711da606f15f0bc97434b0a167ab880a23426148c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
308
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
58531
x-served-by
cache-iad-kiad7000079-IAD, cache-fra-eddf8230048-FRA
last-modified
Tue, 26 Sep 2023 13:54:39 GMT
server
nginx
x-timer
S1695939901.915979,VS0,VE86
etag
"4d244b05164c4dbc859babd3088ae30b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7214, 1

Redirect headers

date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
acKc06UsOpEbZ7fjOCUYCPIAZLOBPloLQGpQwgbfYhTisBNFYSR2Hg==
multitracking
ghb.spotim.market/adunit/ Frame 376E 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Thu, 28 Sep 2023 22:24:59 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
ROS
pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ Frame EA6F
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=...
293 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&gdpr=1&gdprcs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ccpa=1---&e_pubcid=1c971390-b3f2-44a9-85ee-6c9fc2269e55
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3ae502bfe86929d2c34ca94df37c8948e285bfc69de4518de65fec09099dd509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Thu, 28 Sep 2023 22:25:01 GMT
date
Thu, 28 Sep 2023 22:25:01 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://p.nodserving.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
293
x-sid
AMS-937

Redirect headers

date
Thu, 28 Sep 2023 22:25:01 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.nodserving.com
location
/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.12283942109775636&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&gdpr=1&gdprcs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ccpa=1---&e_pubcid=1c971390-b3f2-44a9-85ee-6c9fc2269e55
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
auction
rtb.adxpremium.services/openrtb2/ Frame EA6F 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2bd87964600e4c2d38a94ddb43203d458a261eb0b20102975857aa3d21efee

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 28 Sep 2023 22:25:01 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.nodserving.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
cdb
bidder.criteo.com/ Frame EA6F 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=76489827978&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Thu, 28 Sep 2023 22:25:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx.adform.net/adx/ Frame EA6F 		0
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cJ1RsJTx-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/gDEZjQW7/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfc9401b8d463a39e1d4f2bec4f93ed3be066120d7afc0dc7fa03d322fc24c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
610
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6352
x-served-by
cache-iad-kiad7000083-IAD, cache-fra-eddf8230048-FRA
last-modified
Sun, 20 Aug 2023 16:08:08 GMT
server
nginx
x-timer
S1695939901.134143,VS0,VE2
etag
"42305508202e9d87f36ca6b80e9b7953"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
275913, 1

Redirect headers

date
Thu, 28 Sep 2023 22:23:35 GMT
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
age
86
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Sxy29D-hTp4uN_alr5HgaGEOy0I3FmnoidC2FvtZO-UbzPlrzqSadA==
ads
pagead2.googlesyndication.com/gampad/ Frame 7652 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?sz=400x300&iu=%2F5850%2Fpost.videoplayer%2Fjw&ciu_szs=300x250%2C300x251%2C300x600%2C970x250&cust_params=permutive%3D&testadv&player_name=SPdDOYds&content=news%2Cpolitics%2Cgetty%2Ccrime%2Cap%2Crepublicans%2Chunter%20biden%2Cjustice%20department%2Cus%20house%20of%20representatives%2Cno-playlist%2Cwhistleblowers%2Crudy%20guliani&mediaId=RBUtazJi&mediaTitle=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&mediaDesc=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&mediaURL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&correlator=2140140257215282&length=35&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&description_url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&vpos=preroll&vid_t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&vpa=auto&vpmute=1&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=jwplayer&mpv=8.28.1&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2506310718&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=1C9211C9-764B-44D5-97A0-74E91481358E&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44801604&top=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&loc=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&dlt=1695939896287&idt=4440&dt=1695939901150&scor=1192041434494844&ged=ve4_td5_tt0_pd5_la5000_er840.268.1253.1002_vi0.0.1200.1600_vp87_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
in
us.q2s15.com/v5/ 		2 B
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.q2s15.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.180.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-180-235.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryZ8NO2h6KFDjbO1Ph

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:01 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
csi
csi.gstatic.com/ Frame 7652 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ln3qtuej&c=7161345126688&slotId=3580672563344&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=1759596602&e=ae&n=4526188982046433&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=lezpku1fjnfn&i=0&id=RBUtazJi&lid=119s48ggwl4g&lsa=read&mt=1&pbd=1&pbr=1&pgi=7igxso13rd5p&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=11&pli=u1vgurofu8r1&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&pu=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pv=8.28.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&tv=3.43.0&vb=1&vi=0.87&vl=90&wd=734&ab=1&abid=nc7mdwqbmp71&adi=nc7mdwqbmp71&apid=nc7mdwqbmp71&awi=1&awc=1&p=0&pc=0&pi=0&pr=2&vu=securepubads.g.doubleclick.net&aec=21009&apt=1&ato=10000&atu=https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D400x300%26iu%3D%2F5850%2Fpost.videoplayer%2Fjw%26ciu_szs%3D30&ec=900&iu=%2F5850%2Fpost.videoplayer%2Fjw&sa=1695939901251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
cJ1RsJTx-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/gDEZjQW7/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfc9401b8d463a39e1d4f2bec4f93ed3be066120d7afc0dc7fa03d322fc24c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
610
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6352
x-served-by
cache-iad-kiad7000083-IAD, cache-fra-eddf8230048-FRA
last-modified
Sun, 20 Aug 2023 16:08:08 GMT
server
nginx
x-timer
S1695939901.290411,VS0,VE0
etag
"42305508202e9d87f36ca6b80e9b7953"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
275913, 2

Redirect headers

date
Thu, 28 Sep 2023 22:23:35 GMT
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
age
86
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/cJ1RsJTx-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
d9ETncndYlh3-CFJ4HH3tKGAlqCcjh6dVoIGeZA532a-hHJwVVWmZA==
RBUtazJi-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/RBUtazJi-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
58 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a8fa6883b77ce9e70ccb0711da606f15f0bc97434b0a167ab880a23426148c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
308
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
58531
x-served-by
cache-iad-kiad7000079-IAD, cache-fra-eddf8230048-FRA
last-modified
Tue, 26 Sep 2023 13:54:39 GMT
server
nginx
x-timer
S1695939901.290872,VS0,VE0
etag
"4d244b05164c4dbc859babd3088ae30b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7214, 2

Redirect headers

date
Thu, 28 Sep 2023 22:25:00 GMT
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
age
1
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/RBUtazJi-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
MjsMDguhqze7O_E7fSQdBB2xbgzuyhAZlYwL-R0632TnAmbE9gw7xw==
RBUtazJi.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/RBUtazJi.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:8a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e4c79fdd411a8e7aada2ac0eff8dac3d3fd2bc802fb1f372c725bd67851f8179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 9158fa1ac72d0c0684fe558c8655aeda.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
544
x-amz-cf-id
kA7zKvxwhLXeOK8Ge6-fOPfwRpCDHY7ihCArtC5_1kRTJHfIKvSG4Q==
PugMaster
image6.pubmatic.com/AdServer/ Frame AB21 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97182054&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c9820303e179668bc773ca6b0dea6a4a072a3255008a9b632d5ec95940953ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 28 Sep 2023 22:25:01 GMT
content-length
1421
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame A28F 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 28 Sep 2023 22:25:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame DD98
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2e4c55b4d2d384e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXnWjVVhWQXQYSWn&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXnWjVVhWQXQYSWn&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:25:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXnWjVVhWQXQYSWn&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame E73F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 28 Sep 2023 22:25:01 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 7E05
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A205FFD83F664DEEBB5F600D1D1F2489&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A205FFD83F664DEEBB5F600D1D1F2489&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:25:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 28 Sep 2023 22:25:01 GMT
expires
Wed, 27 Sep 2023 22:25:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A205FFD83F664DEEBB5F600D1D1F2489&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 6BD9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5604958134
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5604958134
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 28 Sep 2023 22:25:01 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 28 Sep 2023 22:25:01 GMT
etag
RXf944b26cc7084ccdb32bd512a56c09e2003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5604958134
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
csync
sync.spotim.market/ Frame 80F4 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=FA8D2C7D-93A7-420D-975D-E9EB10601650
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:25:00 GMT
Etag
ec8900977dae359f
Server
Adtelligent
mw
mwzeom.zeotap.com/ Frame AB21 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FA8D2C7D-93A7-420D-975D-E9EB10601650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80df665f8909382c-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame AB21
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:14 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:14 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=FA8D2C7D-93A7-420D-975D-E9EB10601650&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame AB21
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5814413650076095197&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f7bf62ca17580f3d0ca5c7b05fca32df&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AB21
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2098319400227191563
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2098319400227191563
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 28 Sep 2023 22:25:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:01 GMT
an-x-request-uuid
9e35af38-6ca3-49df-a65c-93d61121b743
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2098319400227191563
x-proxy-origin
178.162.209.141; 178.162.209.141; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
RBUtazJi-34195341.mp4.m3u8
videos-cloudfront.jwpsrv.com/6516a5fd_ec1d5e9272a421b240a0bf841b029323d91201ab/content/conversions/XDErnc08/videos/ 		491 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_ec1d5e9272a421b240a0bf841b029323d91201ab/content/conversions/XDErnc08/videos/RBUtazJi-34195341.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
efac4ac0fb002d9736352f180d262947cc068074d3e8db069c7b3ddb1fa842cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
174
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-etou8220092-FRA
server
otfp
x-timer
S1695736738.771025,VS0,VE88
etag
"CBNhFWN3ZRgbgHkmfB7dLUmmtKqyilqST6Xx56Rxvlu6uE6eOWR69Rp16i8VuykzFvUQjj3447RZBUxI51vAV1tfhw"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
Lc9a7NHtUZBTXZ3slo2yFzHnxOS6hoV7w4_MlpIyxN5rUrGFqziIsw==
x-cache-hits
4, 0
RBUtazJi-34195341.mp4-1.ts
videos-cloudfront.jwpsrv.com/6516a5fd_ec1d5e9272a421b240a0bf841b029323d91201ab/content/conversions/XDErnc08/videos/ 		200 KB
201 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_ec1d5e9272a421b240a0bf841b029323d91201ab/content/conversions/XDErnc08/videos/RBUtazJi-34195341.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
8410c8dead5dfe12d367fa1f674c5ab2ded97897440651b3352ec5370e8c0ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
204920
x-served-by
cache-iad-kcgs7200035-IAD, cache-fra-etou8220079-FRA
server
otfp
x-timer
S1695791028.293307,VS0,VE6
etag
"Wi8xjHL1HeobmxkdMn14eg6Zabb8wA3u5e6SSXdH-dq3eM9gbXpBZ_UXwoP96FIquvsIfudNd-lkJSoSx_5hQVPN6w"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=35.750 rs=320x180
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
DEnO4IWSAodNzoJMgGHgrIr3CSs-Rh7KsGIKl1Q7lthilMlrc4W3yw==
x-cache-hits
5, 1
abfd5897-4d4c-41d0-83e2-d4f6dcfb2e4e
https://nypost.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nypost.com/abfd5897-4d4c-41d0-83e2-d4f6dcfb2e4e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
RBUtazJi-34195348.mp4.m3u8
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		491 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
2027fea24d6e327a0b0439f59b703a883f4ad953b4f197d2d2a01941c9a8cad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
174
x-served-by
cache-iad-kcgs7200141-IAD, cache-fra-etou8220037-FRA
server
otfp
x-timer
S1695781457.734666,VS0,VE1
etag
"gp_6hiHWBID420AjjI7sjDdYMZw5MGykJ22BZdHNymy5-AVHbFRWOFCk-1V1e4TH-t44aOfLAilOHYbtDj6az8huog"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
hh5frm0vbJ07Df5mIyOCSBR3ExlatkyudtHungAMK8-OZD7i4Ti5cQ==
x-cache-hits
1, 1
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1677100211&e=s&n=9424335110859414&abc=1&abt=128_sendDomainToFeedsOn&aid=wExvYnLyEeyygEIIgluVXw&amp=0&ask=FTyzwZMf&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=lezpku1fjnfn&i=0&id=RBUtazJi&lid=119s48ggwl4g&lsa=read&mt=1&pbd=1&pbr=1&pgi=7igxso13rd5p&ph=1&pid=SPdDOYds&pii=0&pl=413&plc=11&pli=u1vgurofu8r1&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&pu=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&pv=8.28.1&pyc=1&s=1&sdk=0&stc=1&stpe=0&t=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&tv=3.43.0&vb=1&vi=0.87&vl=90&wd=734&abm=1&cae=0&cct=0&ch=2&cdid=jw-player-SPdDOYds-RBUtazJi-Toq2ZZoq&drm=0&ff=360&fsm=0&l=2&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FRBUtazJi.m3u8&pcp=0&pd=2&pdr=&plng=en-US&pni=1&pr=2&q=4&qcr=initial%20choice&sbr=600&sp=0&strt=1010&tb=4&tt=1&vd=35&vh=360&vs=5&vw=640&sa=1695939901630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
RBUtazJi-34195348.mp4-2.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		535 KB
536 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-2.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
eecf3487824fa794933630218b974db0275bfe85b4bead6bb446078aab98029e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
547832
x-served-by
cache-iad-kcgs7200146-IAD, cache-fra-eddf8230096-FRA
server
otfp
x-timer
S1695785900.538605,VS0,VE1
etag
"rWP0-dngJOdkTd0BRXUf1dZafDa7cVIjSAgnnL8rhklFiIW5ePy7CiivhmZ7IVdR8TLSEdbrqCakrhYO3yH8E5wUkQ"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=4.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
i5vhvT8Kl5Beh7KHx0iXH1w8V8dI6yar012mLQp6zw6eWXldEkvX-g==
x-cache-hits
5, 1
RBUtazJi-34195348.mp4-3.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		723 KB
724 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-3.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
ad8c3e06bfffa2d7a9a128b0e7fd87771e78f03c3bbab99ba7b7afcb4566bdc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
740344
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220058-FRA
server
otfp
x-timer
S1695736528.284337,VS0,VE109
etag
"CzvXFfWaT7eDvAEdtfRQgNE63NZPy4Mxzn-5gBZ9xdRjGRa8k2sfvL6su02SRXSbmL1-VS8oKgBBfv4C-FAu0Y4LiA"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=8.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
Zh7pItOmxMWx0YrqDZbHFr8TAojtrY5UYfXL4Lw1FCJkzPN0FWdFtA==
x-cache-hits
0, 0
RBUtazJi-34195348.mp4-4.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		558 KB
560 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-4.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
84b854ea90ac59ac69026b32e475c6b4b8078c6c45de2ce8186ce98137967f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
571896
x-served-by
cache-iad-kcgs7200143-IAD, cache-fra-etou8220032-FRA
server
otfp
x-timer
S1695791129.861333,VS0,VE1
etag
"RZljQ-LZA_aohYQmh92txKGrdcoeRtLmb6_HeJZNfi8TbXObHkp284rnBCc7Y05_Nn-hfvFTHY_-kJkYLhMPeQzUIw"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=12.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
beCLBx_MBlXbAWwfaiWi6R6MJdgIAGsmmdn1YsFLB9IxnKJt_b4BiA==
x-cache-hits
0, 1
csi
csi.gstatic.com/ Frame 7652 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ln3qtutb&c=7161345126688&slotId=3580672563344&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RBUtazJi-34195348.mp4-5.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		482 KB
483 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-5.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
4dd6133e1fba1bbbf41c961d2fc85e72636d2b5f9e21d242bfb8a2ddc95e177a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
493688
x-served-by
cache-iad-kcgs7200039-IAD, cache-fra-etou8220102-FRA
server
otfp
x-timer
S1695785901.966544,VS0,VE1
etag
"D2KWb-bkRXdvMHYCVOkRtqOs2-luckdgeH9emWW6mn-u75sI1pqIlzZWS9Ai2oy39L56INrFKPfimD5J2Lsnc1CF-Q"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=16.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
dt9km3nx_VjiLsb2W-jH1FrInsJoBq607SkTrzwOQPNRs1Ryid5wXA==
x-cache-hits
0, 1
RBUtazJi-34195348.mp4-6.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		388 KB
389 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-6.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
ad0515829115a158a76de585848ecd679321a3e076419f16eafd1e62af4deeb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
397432
x-served-by
cache-iad-kjyo7100074-IAD, cache-fra-etou8220102-FRA
server
otfp
x-timer
S1695785901.424682,VS0,VE1
etag
"kXIB70cGVy1ZoYgaqFPMZ9jtjXBxJvC0eqt_8CS5kpOSexuCT67lX_kPOKjNMan49Cer1vHcdbDIOWktmVj2woK5xg"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=20.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
SIEym5zJJmDtXbcmwWIzARcbuaKJFMAyC4-hUVH4xqYkHfL2qmpgYA==
x-cache-hits
31, 1
RBUtazJi-34195348.mp4-7.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		262 KB
263 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-7.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash
c56fb276a7aac5bc2e05a0aaa649c6b885952a8b7747b3ff0281d8e4177a7d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
268088
x-served-by
cache-iad-kcgs7200056-IAD, cache-fra-eddf8230048-FRA
server
otfp
x-timer
S1695736529.180816,VS0,VE111
etag
"hEVIZPrCh2uREEjhi8KWVsyLFshKZacloGqjB7egTUCiEzmixoFzkzdONrcQF6KY8XQu0FmLlWJiqGb8XiOsToZxTQ"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=24.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
9tTayB7j74F8RdeXUWvAYFnHyOvSdEj4XSRQil-jMW8SgNf4l_L2Ag==
x-cache-hits
0, 0
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 376E 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 22:25:02 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 376E 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 22:25:02 GMT
in
us.q2s15.com/v5/ 		2 B
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.q2s15.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/us.wtat.plugin-jw_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.180.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-180-235.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary3fSUTCyBuBUKBz5m

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:02 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
mut
ghb.adtelligent.com/adunit/ Frame EA6F 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19628/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.nodserving.com
Date
Thu, 28 Sep 2023 22:25:01 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
multitracking
ghb.spotim.market/adunit/ Frame 376E 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/gXYYL/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Thu, 28 Sep 2023 22:25:01 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=281968159&e=xapi&n=2203416527943336&aid=wExvYnLyEeyygEIIgluVXw&emi=lezpku1fjnfn&id=RBUtazJi&pli=u1vgurofu8r1&pv=8.28.1&tv=3.43.0&ed=6&prs=play&pid=SPdDOYds&ph=1&sdk=0&xam=getVisualQuality&sa=1695939902767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Thu, 28 Sep 2023 22:25:02 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
p
sb.scorecardresearch.com/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6390601&ns_type=hidden&ns_st_sv=6.3.0.180917&ns_st_pv=1.2.6.200828&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1695939900488&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=1003&ns_st_cl=35750&ns_st_pb=1&ns_st_mp=jwplayer&ns_st_mv=8.28.1&ns_st_pn=1&ns_st_tp=0&ns_st_ci=RBUtazJi&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1695939902824&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=1116&ns_st_dbt=1116&ns_st_bp=1116&ns_st_lt=2336&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_rt=100&ns_st_ub=0&ns_st_vo=0&ns_st_ws=norm&ns_st_ki=1200000&ns_st_pr=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=Hunter%20Biden%20sues%20Rudy%20Giuliani%20over%20infamous%20laptop%20found%20at%20repair%20shop&ns_st_ty=video&ns_st_ct=vc00&ns_st_ge=*null&ns_st_st=NY%20Post&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NY%20Post&ns_st_ti=*null&ns_st_cu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FRBUtazJi.m3u8&c3=NYPOST&c4=*null&c6=*null&c7=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&c8=DOJ%20held%20Hunter%20Biden%20charges%20ahead%20of%20midterms%20to%20not%20%27shoot%20themselves%20in%20the%20foot%27&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-28.ams1.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
V-FWwiKgMWP4i9_KJt5W37TNMk-b2SSI37nXoHI-9aD1uSO0xuGL8w==
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame EA6F 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 22:25:02 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame EA6F 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 22:25:02 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AB21 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 376E 		146 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.108.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbe87aa6958f7231301f1cdf4ca04961f58b223d82e1147a85dddb12b97d8d4c

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type
application/json

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
x-amzn-trace-id
Root=1-6515fd40-37f5bf1a57846456768121d3
x-amzn-requestid
3bb376ee-90bd-42cf-a879-ff3cf153d760
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
L_SCFF1ePHcFkCg=
content-length
146
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.108.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:25:04 GMT
x-amz-apigw-id
L_SCDHALPHcFvPw=
x-amzn-requestid
4a6fbd25-6cbe-419e-991c-5721ace29174
track
track1.aniview.com/ Frame 48F6 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=independent_ad&cd4=076336dd-7b41-4597-a48f-77072791f1dc&cd5=CHtHAfDeZYMmXxiqT9fqkjtCUprP7zqHpU9sWVOx8NoC8lB_IrCVWD_drDRKtxSn&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.4.0&cd13=false&cd14=%5B%5D&cd15=ads-independent&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=545e5255-7774-418a-9e16-d91fb61e5fc0&rando=15
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.145.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-145-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 28 Sep 2023 22:25:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
json
gum.criteo.com/sid/ Frame EA6F 		2 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.nodserving.com&cw=1&pbt=1&lsw=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
239468
expires
0
prebid
id5-sync.com/api/config/ Frame EA6F 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame EA6F 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache
x-server
10.45.12.173
access-control-allow-credentials
true
content-length
43
expires
0
/
spl.zeotap.com/ Frame 4675 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c7d2a5fca9d1f548dd2ba749e5459a1182765e711f52ea9bba638c0359cc29
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p.nodserving.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://p.nodserving.com
cf-cache-status
DYNAMIC
cf-ray
80df6672e98d382c-FRA
content-encoding
br
content-type
text/html
date
Thu, 28 Sep 2023 22:25:04 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
sync-all.html
adxbid.info/ Frame 11FC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a613 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://p.nodserving.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80df66730a5f997b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:25:04 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxiv4ZsrBWCJsO2UxMpUeRpemfYzFDHCge2o4ZQpiTZUdv3m4emnYwHGyiOnBABXL9r6jqTGxlr%2BD7cSJnRHtz8XC2iMJsF%2BgayKO5sFbhBctMPRvx%2B%2FiPWp5g%2FwOZDUO%2BvJ%2BEmlRRORvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
json
gum.criteo.com/sid/ Frame 376E 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
237936
expires
0
prebid
id5-sync.com/api/config/ Frame 376E 		135 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 376E 		43 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.13.136
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 376E 		63 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a5c9f86e2b5e1d5248a84f10c2352e28e92c2c8e62d972997d622dbc8ae552bb

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 28 Oct 2023 22:25:04 GMT
usync.html
eus.rubiconproject.com/ Frame 8FBB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Sep 2023 22:25:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0138 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1140
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80df66730d071e3e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 22:25:04 GMT
expires
Fri, 29 Sep 2023 02:25:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 0561
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 28 Sep 2023 22:25:03 GMT
Etag
ec8900977dae359f
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fbdc0339-f1c9-4c27-872e-9c1b784a4215
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:25:04 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2098319400227191563&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.141; 178.162.209.141; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A6D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75798
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 28 Sep 2023 22:25:04 GMT
expires
Fri, 29 Sep 2023 19:28:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6046 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 82D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 28 Sep 2023 22:25:04 GMT
X-Sovrn-Pod
ad_ap7ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8000 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75798
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 28 Sep 2023 22:25:04 GMT
expires
Fri, 29 Sep 2023 19:28:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame D809 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 28 Sep 2023 22:25:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
isyn
prebid.a-mo.net/ Frame 122A 		551 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
eea964b5ef902f388e56357350bd44eb9c03f0a7f70627670b807a22751d3a1e

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
403
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 22:25:04 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
sync
eb2.3lift.com/ Frame C44E 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 28 Sep 2023 22:25:04 GMT
syncpixel.html
cdn.deepintent.com/ Frame BCA5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3084
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Thu, 28 Sep 2023 21:33:40 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ADPycdtlqtRpG0LG40Af47sHzoXNwQpd9Gl9N57Rv2xoOUWzhF7JVbhfQVmdcHfeknnqIleacxaCrTmoel4L5BhA4zQhxYhNk_r7
csync
sync.adtelligent.com/ Frame 376E 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:25:03 GMT
Server
Adtelligent
Etag
04fc765a11283558
Content-Length
43
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.nodserving.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.nodserving.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 28 Sep 2023 22:25:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
233377
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 28 Sep 2023 22:25:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
244801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ Frame 376E 		33 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8f479be0f290b16610cc408f9d6b00831777c4428393749e171dce1affb6972
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame EA6F 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8f479be0f290b16610cc408f9d6b00831777c4428393749e171dce1affb6972
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
csync
sync.spotim.market/ Frame 122A 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:25:03 GMT
Server
Adtelligent
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 122A 		32 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA6-C1
age
294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80df667318c21c79-FRA
x-amz-cf-id
ezNksh412zlKy-pOWeu6OP0l7Tny76Qj7t7E0NIyJa6NLXCsRmK9jw==
expires
Thu, 28 Sep 2023 23:25:04 GMT
getuid
ib.adnxs.com/ Frame 4675 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 4675 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=a2b4df09-819e-4353-8423-610299e3566e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a2b4df09-819e-4353-8423-610299e3566e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df66742aae382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=a2b4df09-819e-4353-8423-610299e3566e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 4675 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4675 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 4675 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230026-FRA
server
nginx
x-timer
S1695939905.594553,VS0,VE8
x-fastly-to-nlb-rtt
7457
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 4675 		0
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4675 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 28 Sep 2023 22:25:03 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 4675 		0
0
ibs:dpid=199624&dpuuid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_c...
dpm.demdex.net/ Frame 4675 		0
0
/
loadeu.exelator.com/load/ Frame 4675 		0
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023092900-25791-0.619386001695939904-6b3f773fb24d58729f774be370547738&zdid=533&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023092900-25791-0.619386001695939904-6b3f773fb24d58729f774be370547738&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df6673fa81382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023092900-25791-0.619386001695939904-6b3f773fb24d58729f774be370547738&zdid=533&env=mWeb
Date
Thu, 28 Sep 2023 22:25:04 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7284006397900355723&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7284006397900355723&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df6673ba4c382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7284006397900355723&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Date
Thu, 28 Sep 2023 22:25:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 4675
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=G0cP9aJlkTFvNuh3iT8xEO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-49...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=G0cP9aJlkTFvNuh3iT8xEO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df6673ca59382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
last-modified
Thu, 28 Sep 2023 22:25:04 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=G0cP9aJlkTFvNuh3iT8xEO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 4675 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df6673ea74382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
cache-control
no-cache
x-server
10.45.30.142
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-xTt8K5NE2oq6_GEFk3xkVBgj0k0CYD_06Q--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-xTt8K5NE2oq6_GEFk3xkVBgj0k0CYD_06Q--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df66741a9b382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-xTt8K5NE2oq6_GEFk3xkVBgj0k0CYD_06Q--~A&zpartnerid=570&env=mWeb
date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uYuAHxkjGqepIhDovo8av5LkNC3apfgj%2BS41iYitP1U%3D
0
0
v2
odr.mookie1.com/t/ Frame 4675 		0
0
usermatch.gif
beacon.krxd.net/ Frame 4675 		0
0
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4675 		0
0
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRX9OgAT2kDlpQBY&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRX9OgAT2kDlpQBY&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df66741a9c382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-etou8220029-FRA
pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1695939905.548138,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRX9OgAT2kDlpQBY&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
v2
usermatch.krxd.net/um/ Frame 4675 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4675 		0
0
87734
tags.bluekai.com/site/ Frame 4675 		0
0
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 4675 		0
0
token
pixel.rubiconproject.com/ Frame 4675 		0
0
syncd
x.bidswitch.net/ Frame 4675 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.19.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 4675 		95 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df66736a0d382c-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 4675
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=kfKCPMGjgGiK8dEwlPaeO5P2hzmK99Jskf7RBoH9&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=kfKCPMGjgGiK8dEwlPaeO5P2hzmK99Jskf7RBoH9&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80df6673ba4b382c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Sep 2023 22:25:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=kfKCPMGjgGiK8dEwlPaeO5P2hzmK99Jskf7RBoH9&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 4675 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3A6D 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3912556&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:03 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8FBB 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0cb7d4b3cef95429a64326761eecf513b476adfb30ee40b0ee7712497e4e65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 22:25:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Sep 2023 17:10:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67498
Connection
keep-alive
Content-Length
10472
Expires
Fri, 29 Sep 2023 17:10:02 GMT
getuid
eb2.3lift.com/ Frame 11FC 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
108
match.deepintent.com/usersync/ Frame BCA5 		0
0
112
match.deepintent.com/usersync/ Frame BCA5 		0
0
150
match.deepintent.com/usersync/ Frame BCA5 		0
0
121
match.deepintent.com/usersync/ Frame BCA5 		0
0
126
match.deepintent.com/usersync/ Frame BCA5 		0
0
129
match.deepintent.com/usersync/ Frame BCA5 		0
0
147
match.deepintent.com/usersync/ Frame BCA5 		0
0
106
match.deepintent.com/usersync/ Frame BCA5 		0
0
692.json
id5-sync.com/g/v2/ Frame 376E 		276 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
0
692.json
id5-sync.com/g/v2/ Frame EA6F 		276 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Thu, 28 Sep 2023 22:25:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 7CB3 		54 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80df6673dc299131-FRA
content-encoding
br
content-type
text/html
date
Thu, 28 Sep 2023 22:25:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPxmd9Ix%2FhHb1fBTkWhtEpBqM4QjKBnqbmB73ByuGKJn2GfOPbpKWezzXk1YeaM08KqDQjPYI642CesoHy4oYba5NDhXnc20jgdpxLy0ASUsPOv0kPxEZkCODBhnBjRKDZ7LTUHnP5NrbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 8FBB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
prebid.gif
as.ck-ie.com/ Frame 11FC 		0
0
RBUtazJi-34195348.mp4-8.ts
videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/ 		233 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/6516a5fd_c8e3fce1653929e286f385f8c78eba83a7f3f012/content/conversions/XDErnc08/videos/RBUtazJi-34195348.mp4-8.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.28.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
otfp /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:25:04 GMT
via
1.1 varnish, 1.1 varnish, 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-backend
https://s3-external-1.amazonaws.com
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
fastly-stats
otfp=1
content-length
388408
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-eddf8230048-FRA
server
otfp
x-timer
S1695736530.539984,VS0,VE135
etag
"GbexpuftJnEap03B29E_z2Ntriv1v0Lz6IYPwxCKGVW61o6c0RE9JaCawNHNAYSgTjGCgrF-3_DWbvhivQyDyBR_3w"
vary
Accept-Encoding
content-type
video/mp2t
x-fastly-otfp-info
ss=28.000 sl=4.000 vl=35.750 rs=960x540
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-amz-cf-id
ZC3LNygS4ctYjftG3ei72SRtvpXDnYU3HLLEd0oUxXMoOAruLzvnzQ==
x-cache-hits
0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=211945
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
dmp.v.fwmrm.net
URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=199624&dpuuid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uYuAHxkjGqepIhDovo8av5LkNC3apfgj%2BS41iYitP1U%3D
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/87734?id=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc1b4c76-76d5-480d-7998-8dbcd0cb2cfe%26reqId%3D08bee5de-93b3-4958-56dd-f32ac5e711ca%26zdid%3D1361
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=41544&puid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
spl.zeotap.com
URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/108
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/112
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/150
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/121
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/126
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/129
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/147
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/106
Domain
ping-meta-prd.jwpltx.com
URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=246621820&e=xapi&n=6769859917590382&aid=wExvYnLyEeyygEIIgluVXw&emi=lezpku1fjnfn&id=RBUtazJi&pli=u1vgurofu8r1&pv=8.28.1&tv=3.43.0&ed=6&prs=play&pid=SPdDOYds&ph=1&sdk=0&xam=getConfig&sa=1695939904600
Domain
as.ck-ie.com
URL
https://as.ck-ie.com/prebid.gif?limit=50&gdpr=1&gdpr_consent=CPyz5QAPyz5QAAcABBENDYCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| ga4Dims function| gtag object| dataLayer function| nypGa object| nypScripts string| nypost_screen object| _wpemojiSettings object| webpackChunknypost_2016 object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| nypAqfer object| jwDatazoomConfig string| usprivacy function| admiral object| googletag object| saasquatch_settings object| sailthru_vars string| ob_id object| OB_element object| OB_elements string| dimension21 function| nypGoogletag string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| webpackChunknyp_slideshow_modal object| MicroModal object| nypZephr object| nypMembership object| zephr object| twemoji object| webpackChunknyp_membership function| _ object| core object| cj object| __otccpaooLocation function| FlipboardWidgets function| 4dm1r11545242527 function| onRecaptchaLoadCallback object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| pbjs object| ProgrammaticBidding object| pbjsChunk object| _pbjsGlobals object| mnet object| mnjs string| nobidVersion object| nobid object| google_tag_manager object| google_tag_data number| hits object| initialized number| lastVisit number| sessionLastVisit number| sessionStarted boolean| triggerFlag boolean| startChatFlag number| differenceInHours object| GlobalSnowplowNamespace function| snowplow object| sharing_js_options undefined| windowOpen object| _stq object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| datazoom function| st_go function| linktracker_init object| wpcom boolean| availablePlans object| __OW_CONFIG__ object| __SPOTIM__ object| process object| __OW_FLAGS__ object| DD_LOGS string| __SPOTIM_PAGE_VIEW_ID__ object| otTCF object| otIabModule object| Optanon object| OneTrust function| wtAdTracer object| wtStream boolean| __bt_already_invoked function| onYouTubeIframeAPIReady object| gaGlobal function| noop object| mnjsWebpackJsonp object| rtd object| recaptcha object| closure_lm_180804 object| __OPEN_WEB__ object| ns_ object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| __SPOTIM_DISABLE_ADS__ function| avPlayer object| storageAni object| hadron boolean| __halo_loaded__ object| au object| closure_lm_481538 object| closure_lm_709258 object| criteo_syncframe_state

108 Cookies

Domain/Path Name / Value
nypost.com/ Name: usprivacy
Value: 1---
.nypost.com/ Name: blaize_session
Value: c3936518-1554-4c20-841d-815d100048bc
zephr-v4.nypost.com/ Name: AWSALB
Value: 3KasRlgEZesRpmMHs90JPpavXJRYjhPgBG/Sffbd5tqn96nJgsio4PD/Z3aiiUVBzh/xR6w0qPz8Cme6fv9PDcBqBLl5EVWacbzDVuYX/GLLZpE4Tupud0EByJUq
zephr-v4.nypost.com/ Name: AWSALBCORS
Value: 3KasRlgEZesRpmMHs90JPpavXJRYjhPgBG/Sffbd5tqn96nJgsio4PD/Z3aiiUVBzh/xR6w0qPz8Cme6fv9PDcBqBLl5EVWacbzDVuYX/GLLZpE4Tupud0EByJUq
.spot.im/ Name: device_uuid
Value: eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd
.nypost.com/ Name: _nyp_ses.64db
Value: *
.nypost.com/ Name: _nyp_id.64db
Value: .1695939897.1.1695939897..946a4374-9252-4812-ab74-16cef3353cf2..4530480c-b85d-4117-862f-13978661e928.1695939897250.1
.nypost.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Sep+29+2023+00%3A24%3A57+GMT%2B0200+(Central+European+Summer+Time)&version=6.39.0&hosts=&consentId=85ea0687-ce95-4863-aae1-f384dd43b316&interactionCount=0&landingPath=https%3A%2F%2Fnypost.com%2F2023%2F09%2F27%2Fdoj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot%2F&groups=BG239%3A1%2CC0022%3A1%2CBG240%3A0%2CC0023%3A0%2CBG241%3A0%2CC0024%3A0%2CBG242%3A0%2CC0013%3A0%2CC0017%3A0%2CC0030%3A0%2CBG243%3A1%2CBG244%3A1%2CBG245%3A0%2C1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2C8%3A0%2C9%3A0%2CC0012%3A0%2CC0020%3A0%2CC0021%3A0%2CC0029%3A0%2CC0033%3A0
.nypost.com/ Name: _nyp_sp_id_
Value: e85e1b2b-2142-4d7d-acc7-c0cde1b8ca27
.nypost.com/ Name: _ga
Value: GA1.1.267935833.1695939898
.nypost.com/ Name: _awl
Value: 2.1695939897.5-c4f158804d4ef2eb5a39d8deeaa61f48-6763652d6575726f70652d7765737431-0
.nypost.com/ Name: _admrla
Value: 2.2-058051ba9b62df94-edabb8db-5e47-11ee-a197-15a63551eda1
.nypost.com/ Name: spotim_visitId
Value: {%22visitId%22:%22eae21fd1-0aa2-4fdb-b26f-b5a87591b7bd%22%2C%22creationDate%22:%22Fri%20Sep%2029%202023%2000:24:57%20GMT+0200%20(Central%20European%20Summer%20Time)%22%2C%22duration%22:1}
.adnxs.com/ Name: uuid2
Value: 2098319400227191563
.advertising.com/ Name: A3
Value: d=AQABBDr9FWUCEAPyAZjYXFytwgmaGPBKeZgFEgEBAQFOF2UfZeANyiMA_eMAAA&S=AQAAAsykxSi46lP7fnaSTB9_UPE
nypost.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nypost.com/ Name: _pubcid
Value: 8eb19f7f-b169-46cf-b4bc-792736c4586b
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FA8D2C7D-93A7-420D-975D-E9EB10601650
.spotim.market/ Name: a271858
Value: 2098319400227191563
.quantserve.com/ Name: d
Value: EO0BCwGHKvijAA
.quantserve.com/ Name: mc
Value: 6515fd3a-6b931-24140-0ae69
.bidswitch.net/ Name: tuuid
Value: 34ac6935-fecf-4608-ab5e-cfdccf3c986d
.bidswitch.net/ Name: c
Value: 1695939898
.bidswitch.net/ Name: tuuid_lu
Value: 1695939898
.adfarm1.adition.com/ Name: UserID1
Value: 7284006397900355723
.ctnsnet.com/ Name: cid_08098511e24c451d8a90b2ccd5e0eb06
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: P1x4Uc9LXAg-51
.doubleclick.net/ Name: IDE
Value: AHWqTUmUyMrfBsK9rXOYNJh2Xqfy7zHjsBR8QHbBI76_1thGbpSTn493Dcu1RBk1dr4
.simpli.fi/ Name: suid
Value: A205FFD83F664DEEBB5F600D1D1F2489
.csync.loopme.me/ Name: viewer_token
Value: 7002610f-4a16-42a5-a89b-f093e8b3aa31
.spotim.market/ Name: vmuid
Value: ec8900977dae359f
.spotim.market/ Name: a281178
Value: FA8D2C7D-93A7-420D-975D-E9EB10601650
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7284006397900355723&KRTB&23369-7284006397900355723
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2098319400227191563&KRTB&23339-2098319400227191563
.de17a.com/ Name: guid
Value: 1.4406721295720255939
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlqaWxpYWlhamwJAJVxm3gQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjMzMrY0NTIwMxXiM9StcPVx9Stzd4z3SgwAABWoN-ElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjMzMrY0NTIwMxXiM9StcPVx9Stzd4z3SgwAABWoN-ElAAAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H&KRTB&19420-ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H&KRTB&22979-ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H&KRTB&23403-ooTv4vLV7ba5h7zup4Dz5aCA6ue5gb-yoojTQZ8H
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFjwmXb2uyklTmI7Sah34gM&KRTB&23025-CAESEFjwmXb2uyklTmI7Sah34gM&KRTB&23386-CAESEFjwmXb2uyklTmI7Sah34gM
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588526623952065
.bidr.io/ Name: bito
Value: AAGjb07KK_oAABjvR4xNrw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4406721295720255939
.adx.opera.com/ Name: UID
Value: OPUda77a42fd25a4ad8ad2799390eb11ca6
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRX9OgAT2kDlpQBY
.adform.net/ Name: uid
Value: 5814413650076095197
.adsby.bidtheatre.com/ Name: __kuid
Value: 85d6fe1f-fd95-4db8-a154-0f9104627b6a.465153898
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUda77a42fd25a4ad8ad2799390eb11ca6&KRTB&23485-OPUda77a42fd25a4ad8ad2799390eb11ca6&KRTB&23524-OPUda77a42fd25a4ad8ad2799390eb11ca6
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5814413650076095197&KRTB&23263-5814413650076095197&KRTB&23481-5814413650076095197
.turn.com/ Name: uid
Value: 4260316832137327304
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4260316832137327304&KRTB&23150-4260316832137327304&KRTB&23527-4260316832137327304
.sportradarserving.com/ Name: zuuid
Value: cc151ade-34c3-4e1d-8d0d-b6e3e65ba9fb
.sportradarserving.com/ Name: c
Value: 1695939898
.sportradarserving.com/ Name: zuuid_lu
Value: 1695939898
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1695939898
.amazon-adsystem.com/ Name: ad-id
Value: A_HPBdygsk3Dsh_k_MaXuEk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd61cab4-b2b5-5842-694b-0eef6982e64c.XDldbsOYBPGfvpokyxVthoI%2FuLDQHVrNp5F7gPfM3pk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd61cab4-b2b5-5842-694b-0eef6982e64c.XDldbsOYBPGfvpokyxVthoI%2FuLDQHVrNp5F7gPfM3pk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3WHKtLK1WEJpSw7vaYLmTLKi0Y0.Q7iEC%2FxdE7MAqi%2FHGjaO9lpPW62SW%2B7i1%2BjKRB7GRiA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3WHKtLK1WEJpSw7vaYLmTLKi0Y0.Q7iEC%2FxdE7MAqi%2FHGjaO9lpPW62SW%2B7i1%2BjKRB7GRiA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM0O50WgEwgStCgaOClTCBeH7oroycBjFEFUVG-jTGABEHwYBCC6-teoBjABOgRLGKL4QgSq8bTn.5xPcCJJoHmoAx%2Fh4p1HidIgMo6OMm7lx1hEsa092OuM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM0O50WgEwgStCgaOClTCBeH7oroycBjFEFUVG-jTGABEHwYBCC6-teoBjABOgRLGKL4QgSq8bTn.5xPcCJJoHmoAx%2Fh4p1HidIgMo6OMm7lx1hEsa092OuM
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23334-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23417-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23426-3WHKtLK1WEJpSw7vaYLmTLKi0Y0
.tribalfusion.com/ Name: ANON_ID
Value: aantuJx2eNlSE0U7atv61Waap5fhMhQxCbkD6HX2JZasTZbF1HUfQUvGRRpw8BDinT23CXfKfk23Va56kqR12BLsS9
.audrte.com/ Name: arcki2
Value: i65PBR1vHZWSaek4ox-WmH2aA!20220908!1695939898792!ip#178.162.209.141
.audrte.com/ Name: arcki2_pubmatic
Value: FA8D2C7D-93A7-420D-975D-E9EB10601650!20220908!1695939898795
.smartadserver.com/ Name: pid
Value: 2724395385258311914
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAGjb07KK_oAABjvR4xNrw
.audrte.com/ Name: arcki2_ddp2
Value: i65PBR1vHZWSaek4ox-WmH2aA!20220908!1695939899019
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b5539b96436718fe
.casalemedia.com/ Name: CMID
Value: ZRX9O.o0wlFC.WfFVUWb2AAA
.casalemedia.com/ Name: CMPS
Value: 1176
.casalemedia.com/ Name: CMPRO
Value: 1176
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGjb07KK_oAABjvR4xNrw
.spotim.market/ Name: a323548
Value: 2098319400227191563
.adtelligent.com/ Name: vmuid
Value: 04fc765a11283558
.audrte.com/ Name: arcki2_adform
Value: 5814413650076095197!20220908!1695939899183
.adtelligent.com/ Name: a323546
Value: ZRX9O.o0wlFC.WfFVUWb2AAA&1176
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003%22%7D
.spotim.market/ Name: a708476
Value: RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003
.pubmatic.com/ Name: SPugT
Value: 1695939899
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AA6yWEHXsBEdWNfh
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156758:4
.pubmatic.com/ Name: DPSync3
Value: 1697068800%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1701043200%3A69%7C1697068800%3A243_249_166_233_46_3_99_81_176_13_8_161_214_238_54_264_254_55_21_165_220_234_204_71_251_56_22_88%7C1696723200%3A63%7C1697155200%3A35%7C1696464000%3A15_2_223%7C1698451200%3A203
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f944b26c-c708-4ccd-b32b-d512a56c09e2-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.zeotap.com/ Name: zc
Value: cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe
ads.playground.xyz/ Name: connect.sid
Value: s%3ANs9WMDfPH6Gz3UsUS3kjcwQFmyUHFWe6.MHo9FJkxX2427jlXQd8inW%2BjxV4B4SqJlidwxNSPWfE
.onaudience.com/ Name: done_redirects104
Value: 1
.semasio.net/ Name: SEUNCY
Value: C62607C042E9D26A
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhXnWjVVhWQXQYSWn
.pubmatic.com/ Name: PugT
Value: 1695939901
nypost.com/ Name: _dd_s
Value: logs=1&id=5565809d-6ea9-4404-8c22-4d4baecc5f5d&created=1695939897699&expire=1695940801576
.nypost.com/ Name: _ga_0DZ7LHF5PZ
Value: GS1.1.1695939897.1.0.1695939901.0.0.0
.onaudience.com/ Name: cookie
Value: db2f04e5a8b5a13c
.onaudience.com/ Name: done_redirects68
Value: 1
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "f7bf62ca17580f3d0ca5c7b05fca32df"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNPCnNzCg50dDc1MIgzTjFIDnRNNk8ycA0LTnR2CglbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQfEl%252BUWb6IhfXxUUpaQyLSopPBR%252FN%252BwwA3lErcg%253D%253D"
.onaudience.com/ Name: done_redirects147
Value: 1

13 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/spddoyds.js?ver=6.0.5(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://sync.search.spotxchange.com/partner?source=211945
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FA8D2C7D-93A7-420D-975D-E9EB10601650&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://nypost.com/2023/09/27/doj-held-hunter-biden-charges-ahead-of-midterms-to-not-shoot-themselves-in-the-foot/
Message:
The resource https://zephr-v4.nypost.com/zephr/features was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc1b4c76-76d5-480d-7998-8dbcd0cb2cfe&reqId=08bee5de-93b3-4958-56dd-f32ac5e711ca&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adx.adform.net
adxbid.info
ap.lijit.com
api-2-0.spot.im
api.btloader.com
as.ck-ie.com
assets-jpcust.jwpsrv.com
assets.a-mo.net
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
broker.datazoom.io
btloader.com
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
cdn.cookielaw.org
cdn.deepintent.com
cdn.flipboard.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.watchingthat.net
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
cr.frontend.weborama.fr
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
eb2.3lift.com
entitlements.jwplayer.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
geolocation.onetrust.com
ghb.adtelligent.com
ghb.spotim.market
ghb1.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
launcher-sa.spot.im
lb.eu-1-id5-sync.com
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
nid.nypost.com
nypost-com.videoplayerhub.com
nypost.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.nodserving.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
pagesix.com
pbcs.nypost.com
pbjs.e-planning.net
ping-meta-prd.jwpltx.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
platform.datazoom.io
player.adtelligent.com
player.aniview.com
player.spotim.market
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.deepintent.com
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
prod.tahoe-analytics.publishers.advertising.a2z.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
rebelhen.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
rumcdn.geoedge.be
s.tribalfusion.com
s0.2mdn.net
sac.nypost.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static-cdn.spot.im
static.adsafeprotected.com
static.criteo.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.richaudience.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.q2s15.com
use.typekit.net
usermatch.krxd.net
videos-cloudfront.jwpsrv.com
warp.media.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
zephr-v4.nypost.com
aax-eu.amazon-adsystem.com
as.ck-ie.com
beacon.krxd.net
cm-supply-web.gammaplatform.com
dmp.v.fwmrm.net
dpm.demdex.net
match.deepintent.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
ping-meta-prd.jwpltx.com
pixel.rubiconproject.com
spl.zeotap.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tags.bluekai.com
usermatch.krxd.net
104.18.25.18
104.18.27.193
107.23.205.218
108.138.1.25
108.138.7.43
108.138.7.59
108.156.60.114
13.224.189.120
13.248.245.213
130.211.16.136
130.211.23.194
141.94.171.215
141.94.242.204
141.95.98.65
142.250.185.194
142.250.185.226
142.250.185.70
145.40.97.67
15.235.15.221
151.1.205.165
151.101.2.49
151.139.128.10
152.199.22.243
162.19.138.116
162.55.120.196
178.250.1.9
18.196.92.110
18.198.19.227
18.239.18.12
18.239.50.8
18.65.39.28
18.66.138.185
18.66.97.91
184.30.16.195
184.30.211.26
184.30.24.22
184.72.145.68
185.106.140.18
185.15.245.83
185.184.8.90
185.239.172.77
185.255.84.151
185.64.189.112
185.64.190.81
185.64.191.210
185.83.69.58
185.86.138.123
185.86.139.104
185.89.210.141
185.89.210.212
192.0.66.32
192.0.76.3
193.0.160.131
193.3.178.4
195.5.165.20
198.47.127.19
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.182
216.52.2.39
2600:1901:0:7416::1
2600:9000:21c7:1800:13:af59:7380:93a1
2600:9000:21f3:3a00:8:48e:53c0:93a1
2600:9000:2240:800:e:5a70:ca40:93a1
2600:9000:2449:8a00:1:a3fa:7cc0:93a1
2600:9000:2491:9a00:3:37c9:30c0:93a1
2600:9000:2491:a800:4:b37b:9440:93a1
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:10::6816:36e8
2606:4700:10::6816:445
2606:4700:10::ac43:246e
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:4400::6812:2089
2606:4700::6812:18ad
2606:4700::6812:83ec
2606:4700::6813:9f13
2606:4700:e4::ac40:a613
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:831::2002
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:3500:16::215:148b
2a02:26f0:480:794::2c79
2a02:26f0:480:f::213:7ece
2a02:fa8:8806:16::1370
2a02:fa8:8806:20::2100
2a04:4e42:400::626
2a04:4e42:600::300
2a04:4e42::626
2a05:d018:d29:3602:5aec:1139:b771:4a28
2a0c:5c87:5239::2
3.122.160.38
3.33.220.150
3.75.62.37
34.102.163.6
34.102.253.54
34.107.148.139
34.110.220.19
34.111.113.62
34.111.129.221
34.111.131.239
34.233.180.235
34.254.143.3
34.36.206.170
35.186.193.173
35.204.158.49
35.214.174.212
35.227.252.103
35.244.174.68
35.80.108.76
37.157.2.229
37.157.6.243
44.199.95.168
44.218.131.204
45.133.44.3
45.133.44.4
46.228.174.115
46.228.174.117
51.38.120.206
52.18.182.246
52.211.174.80
52.50.134.20
52.57.151.220
54.146.162.150
54.174.89.161
63.251.232.165
64.227.64.62
67.220.224.150
69.173.144.139
77.243.51.121
8.18.47.7
82.145.213.8
85.114.159.93
95.101.149.233
98.98.134.241
99.86.4.39
01b7e314743f8a5c5ce3167eff99cacd2a4cc0719a2333ab9060cde899c26004
02d2367aaf67f102ad767298bbbc9992a4878217f9c6e90bc244e4824184e454
042f7f2584ad7ef059a8a04fe074f4f1ef875d8ba45fd73580e0224106debbc0
046ab3eec19878d2c0f325c5a61d0b1f8b147ab5904bc647fe3cdd6a56756505
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0661ebcdc864598ea7c0f4811aa08de5f2feaf045e2b9ec9c2aae351a47a52d7
06758c0fb4c8e5852413486c0768eaab563c04786dd765a7e96c546fa0c5bf9d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c21d52204f6df0f2295eac770281a8f9c0eeb50f00a45dec9e35c9cabd6df4
094e34495daeac2cdad47cf80071d73ddd79df53f398481670149a12a5557f19
0acc4587ac96b58cf4b13f1fb52bbf29f6b15555aa3d52d14ccd7966d226f5f5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
0cf27d2a9369374840a31464cb543e98378fabed3f97d2d4dcc6b2e600b480c4
0f7878bce0e8aafd5ee13b5e7c9dbc892b8452be39621976f0b8a9004fa6667e
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741
13999a8611659365a88f9dd85c252af76e7f72b032ccc0fed703910b796e4776
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
152588670e321c471ade3b64c472922c0baaf6f96297cfb285be886b7770c503
1574ec82e9639e92b14f9f29da076c74b16d9461a746192bd9428b7aa1254ec2
16c61195d0b627aa07cf3d5befd83ae2990cf031a836d57769b5b27a2f915928
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c6e8ebb1e3e6df614cbd59b9f394419a531694c29613afec0db5105238f31bb
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1e46342c0be92982579a97285a650bb33f8cec310189760e860564b45b42ba1e
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2027fea24d6e327a0b0439f59b703a883f4ad953b4f197d2d2a01941c9a8cad5
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25151eb49bfba2a97876839edf771241ed4328d6bb413b6b0dcbb2dfecd3bb90
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b729a2c7e76acacca858d1729626b29c8ad1e3345d40f73e9a74aed04a2f210
2c2ccf88df3bee2fba31007db1f1fc2dc45eea79a231654f197d27e5fa2d6bed
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3229d1b3a2ceaf5cd78e728fef972048e012430d2bd31b69eddbb48d70b66dd4
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370ce95fb3cade298648c5e8e4b4a75fa359043f85462cf951114103072d887c
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
37abef88a91af49d4c28175753243e01c7c6bc5366e643432a21615799c7f8a6
37c704683c1286c67dc7cf01961715f7241e3888ca8a0b71e75b160305259017
3ae502bfe86929d2c34ca94df37c8948e285bfc69de4518de65fec09099dd509
3c735c4ebe1bb83751e8325342cba1b6b6044ac98ec1d9e14b63eac5603ec184
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3de512e65eca27243b7b560005d5dfa55328125106f0013eea24cd411003fe69
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404b7aeea155776bcbbbcc0d4e845ed8f62f07cfcb1bcc31db324a44f20c20d8
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
4218b75101bc538fd7f8f71f58b381fde82f2322a3f2323a40a0107e4165352e
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
45bba1c625ca7128376311c5490b2d4a283dd787eec1c011be838141bfbb42ea
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
4d87337c4d45c00ab69990de4a61a289b9b49cde25c9bc29f00b460fadc1f3c6
4dd6133e1fba1bbbf41c961d2fc85e72636d2b5f9e21d242bfb8a2ddc95e177a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
504447152b42e9590490a14287a3d471b2ee340018520a15f229e47c51dc204d
50b50177c1a5dc100fd047f23a6dd0e27fa034ff847c6742e692d916b6a21e03
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
52bd154b5d217dca9312eaa97f6032c2c671634bc19061450a15797aa55424b1
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24
557dd5d6af85b5639c20b92b58670a12f90b7d07a6f1277464fd05502e8b419b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8fa6883b77ce9e70ccb0711da606f15f0bc97434b0a167ab880a23426148c2
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bd3fcac620ef1b86850c77ac1fc5fcc02fe744cc5ac5f999421cf03f4127a75
5d6f2cecf904b1b45caa6561439a7f26cd547a36c611227f71b18b1b37139585
5e9379b04c04ded23ded2a88c24082f40dfc6aefb18f4cf021695e3d66b44f56
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60ef4cc14c7ddf4064f13e86655ef0186713e3eb6aeba049195017225d9733df
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
62a37e43f875eaacd71dd29e7745644f6ddd6470c63334bb624ec89241bc2b8d
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
68d915d90152855140b5fda03f779e6d2795a8913b86ae33e9eb54d3e8869057
6b0c1754513771739e14afd119d90ffe8a3d4b5148e8425288102bd1833dbcf1
6dcd7a25009c28fde817678bf4854e8bca5562347340f717af0d950c9c95fc83
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f2bd87964600e4c2d38a94ddb43203d458a261eb0b20102975857aa3d21efee
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
70cb36e1705100380461ae92749d1b7838286c8fd15d2773d2232695c4b5d070
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5
750a19bc3e94bc62761d27d140dba1a06e1ef3ffa0522a854ba912198c42d194
75dbdae146761f03ea3bc68ee23079280ff2564778dd8a93d43c88c27fb710f9
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9
77ec6beef9a776b87b4544b565cfe565be9c07e0d920660349cc2dc521c0c4bf
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a0e8cb59a8b9b723a2e298c769bcea0631bd75c7442e21702deed1d6c2813c8
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
7c5b381c0a645c3ee25d34039e042d031d06db4e864a8f7b80ff121901b07e82
7c945c76f61bf69cee97b683207ad92cb4c83136b3a6c074307258826ce88e81
7cc16a477c1a90bfd29f57eb3a725e7f3ad44be936b0d800a9045ec0857f67eb
7e6d8425e323a908a2c90d047c45e0bc2073f86d2508c04908af805adbb34486
7e726299bfb821173ffa3ab4573c0c51bee9736e4636d0024797ecb3c85dd19f
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65
7f862b9f032bb4a85cdc7d4b25be8454050b6de3d1e634a3a1a61b09da2994af
80c7d2a5fca9d1f548dd2ba749e5459a1182765e711f52ea9bba638c0359cc29
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
82418b28c8078ce9f2ea74d6b62008b537809b7cca62f396595097b4e3dbea16
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c3b0cd425750525a180e93326fcd9d74f41597088f5957fe1d96d93ceb5f9c
8410c8dead5dfe12d367fa1f674c5ab2ded97897440651b3352ec5370e8c0ffb
84b854ea90ac59ac69026b32e475c6b4b8078c6c45de2ce8186ce98137967f25
856fa2733ed707a50356f34d55495288a207982cb0b2814a85f09a6d761b1374
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6
876ed8d39144369bb5e9bc3bd83516efcc6fd763970926f6ef46485dc818c6d9
8881b6734eaa1ef2330b7ba22a9edf08afe8d4fe3bec5ba8edb3d90eedb888d6
88b15e578ef5ff37b81641e9c94618c5e0eef0985704398b18adbe49201af992
8aabf0113f8006f81da8b7164efce760ae81669f8c606f060cc2b375cc46728d
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c6a10f569d87ccfdca58f208b0632848228105f804f587e889f512856d2bfb
91605739a2dfb9746ad599e1d4e88499641083f2fbd8017262853b605b3becc3
91c321ec1f8303eb9be3e20072da1ef37aed034ad4841c0a800d465c6432c7e5
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3977968b73bf152f52d30827ab1ca76e87a62f40d9c13e9868f975db073bb7
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c3bb5e6f3f98afca5fc78c20b91e44813394cc9bebfe0968438fa6c39539251
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a18a2e314eb89924b1871c684a4ab96815ec3e9ec4a858b07b8227b5779544b5
a299896d755c28f0b7313d5a96517a8e8b9d8c5408971bb0784a2d8c8aa69a97
a3fdce8587c21fb3df135dc7761dd203b6883685d4f791045a673d7f1f59db47
a4b516c88139845d962dc7d766587ad4062bc40c0f84b8aab837c0f799aa43a4
a5c9f86e2b5e1d5248a84f10c2352e28e92c2c8e62d972997d622dbc8ae552bb
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a958f4668ae3475e82efb5cd8ec12e6455ed7e78245f7001fa5b79d3a5c93fc2
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa75fa22ae72c1b4edfbca3f4e9c8f3b57244c5674346e5301af41125b389b57
aace117e0e94120ae1104561a6c1f98d5f3aa24dadfd79424113a4a09b28a222
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0515829115a158a76de585848ecd679321a3e076419f16eafd1e62af4deeb4
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
ad8c3e06bfffa2d7a9a128b0e7fd87771e78f03c3bbab99ba7b7afcb4566bdc1
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
b0cb7d4b3cef95429a64326761eecf513b476adfb30ee40b0ee7712497e4e65a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4
b23823d19aa819243da10b86c35354aad004d08b0d47e5f9484e1143dbacbf60
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
b6da8fc22459051e9be93743cfce1cbae1fa4bacb56784a3fc2069851b7f23b7
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf6000ae861eaaa745128dfb1d54a771fcb19d77ab2e07f8d089051c06cdcd5
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086
bea78c373ea76ea89c8ec1a21b6989b051fa55ac737af65b7ee0bae59eac9e30
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c46f47251a8cedcc92264f0ba3ab8eb34f512b76d477e402cbe79a4472b06ee7
c56fb276a7aac5bc2e05a0aaa649c6b885952a8b7747b3ff0281d8e4177a7d41
c67b2c5a246898ee41fbb13a7aa993bd4f1f446248e10afdc609a3d2462ceacb
c7550fa72c33dd4da5056c9d639cf40b7d67ae36199e0f62bfda556c7c8b28c0
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
c9820303e179668bc773ca6b0dea6a4a072a3255008a9b632d5ec95940953ec0
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6488ea543938d04ddcf314af7c203a7a5f44d950001d3219d143365a2f3468
cbe87aa6958f7231301f1cdf4ca04961f58b223d82e1147a85dddb12b97d8d4c
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4
cd04ec32b7c2fa3d613ef228661dc83f47eb70e35a1fc73332d9244fcb409b02
cd19cc5fc19a2b0bcf831d5455f7ce926bb88535cd47410696935df2865c669f
cd4275759d82539f3ebce0ed13a03c6c3f5fbe17c3c3a01992f41ed4fbef1321
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1636cd272110170b176c5467bc70d1e8fb96b64d61800884d8f4a6a1ffd7c6a
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3fb2d051fdbdff72e535518578fd19fdd13eae021334f3b419679b88dac21dc
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
d607757f51eb50a5a0f61a788dc2bc11b03c4ce84232f0e60e01458018b7c65d
d62735077645cd3c421d34a4b49456bb9f1d0dbc3223e3a1f4f77428a65c6a4a
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a0e8fb64462d3b62780f316f3f56be341cf1c9939dd4979ab35b4ae1ba7c0d
d8f479be0f290b16610cc408f9d6b00831777c4428393749e171dce1affb6972
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dccb7ec234ca213511fa14bf7dc135ff1a105166bf202f3af41b549fb289c177
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dfc9401b8d463a39e1d4f2bec4f93ed3be066120d7afc0dc7fa03d322fc24c2d
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e1a1ff9f3534170921c8598ce7927c5839aa0d03108d1096f6f0d9c9d4588dcf
e38eb3d2b538a6720761004893b118f40723de23a3c57df68b50d5037c50c8f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b924a35823385fe5d1fbf922aa99d0e37d3aa5b08c30ed3517516e3515c6be
e4c79fdd411a8e7aada2ac0eff8dac3d3fd2bc802fb1f372c725bd67851f8179
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
e948eb7fd66f63fa94dee8b077495ba1c4053573182d8aebf90aa1db18d95245
ec1c3e94da29461af12dd590e39720b1c2f41d3ace2737de17336c083b3f8329
ede54aed8f87fb9a902f235291ee5d4c05a6174c882318d5d0d4accb19c61f1a
eea964b5ef902f388e56357350bd44eb9c03f0a7f70627670b807a22751d3a1e
eecf3487824fa794933630218b974db0275bfe85b4bead6bb446078aab98029e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efac4ac0fb002d9736352f180d262947cc068074d3e8db069c7b3ddb1fa842cf
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3678aab0b3567729e07aeb488a538c7417e763aff7967d1cb60b47ecc23dc7f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3e0ecbf2ffcd68e029ca07d1e31d94c6f8839de278fe825e4f483c1b9eeae77
f6e05f5bd6f9da2d90030b22960571faf14590890c05e3d932604d3ce53e54ee
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1
fab67fbad9433a8d9ad28014c28c6ca9e73cbf05ebe341ee02a49f6b81fc6f84
fac5e74d89a9f7ebaada1c783e47de50657803bf20ced45bea0336b9a0dda254
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fda8db814549908ee137821eba45365c0c60ba6c2470a475d05354bf3c1335c3
fe91307eea221c8ee07aebdbbfa588e1ad6e5a9b502cc9aa7438727676aa044a
ffac0c4581996417333ba1c1d2f5414b232d502096d89f083cae885db2701368